This documentation is archived and is not being maintained.

UrlIdentityPermission Class

Defines the identity permission for the URL from which the code originates. This class cannot be inherited.

Namespace:  System.Security.Permissions
Assembly:  mscorlib (in mscorlib.dll)

'Declaration
<SerializableAttribute> _
<ComVisibleAttribute(True)> _
Public NotInheritable Class UrlIdentityPermission _
	Inherits CodeAccessPermission
'Usage
Dim instance As UrlIdentityPermission

The complete URL is considered, including the protocol (HTTP, HTTPS, FTP) and the file. For example, http://www.fourthcoffee.com/process/grind.htm is a complete URL.

URLs can be matched exactly or by a wildcard in the final position, for example: http://www.fourthcoffee.com/process/*. URLs can also contain a wildcard ("*") prefix at the dot delimiter. For example, the URL name string http://www.fourthcoffee.com/process/grind.htm/ is a subset of http://*.fourthcoffee.com/process/grind.htm/ and http://*.com/process/grind.htm/.

Important noteImportant Note:

In the .NET Framework versions 1.0 and 1.1, demands on the identity permissions are effective even when the calling assembly is fully trusted. That is, although the calling assembly has full trust, a demand for an identity permission fails if the assembly does not meet the demanded criteria. In the .NET Framework version 2.0, demands for identity permissions are ineffective if the calling assembly has full trust. That is, a demand for an identity always succeeds, regardless of the identity of the assembly, if the assembly has been granted full trust. This assures consistency for all permissions, eliminating the treatment of identity permissions as a special case.

In the .NET Framework versions 1.0 and 1.1, demands on the identity permissions are effective, even when the calling assembly is fully trusted. That is, although the calling assembly has full trust, a demand for an identity permission fails if the assembly does not meet the demanded criteria. In the .NET Framework version 2.0, demands for identity permissions are ineffective if the calling assembly has full trust. This assures consistency for all permissions, eliminating the treatment of identity permissions as a special case.

Caution noteCaution:

UrlIdentityPermission grants permission for all paths to the file, including both the URL and the IP address. To Deny access to the file, you must Deny all possible paths to the file. For example, if http://www.fourthcoffee.com/process/grind.htm is located at IP address 192.168.238.241, to Deny access to http://www.fourthcoffee.com/process/grind.htm, you must Deny http://www.fourthcoffee.com/process/grind.htm, 192.168.238.241/grind.htm and any other path that you can use to access the code. Unfortunately, there are a myriad of ways URL paths can be phrased, so it is extremely difficult to block all paths through the use of Deny alone. A better technique to deal with multiple paths is to use a combination of PermitOnly and Deny. PermitOnly allows you to identify a finite set of URLs that you can provide access to, and then Deny allows you to explicitly select addresses from that set that you want to deny access to. For more information on this subject and the use of PermitOnly with Deny, see Canonicalization Problems Using Deny in the Using the Deny Method topic.

NoteNote:

In the .NET Framework versions 1.0 and 1.1, identity permissions cannot have an Unrestricted permission state value. In the .NET Framework version 2.0, identity permissions can have any permission state value. This means that in version 2.0, identity permissions have the same behavior as permissions that implement the IUnrestrictedPermission interface. For information on executing version 2.0 applications with version 1.1 CAS policy, see <legacyV1CASPolicy> Element.

The following code example shows the behavior of the UrlIdentityPermission class methods.

NoteNote:

The code example is intended to show the behavior of the methods, not to demonstrate their use. In general, the methods of permission classes are used by the security infrastructure; they are not typically used in applications. Generally, only the constructors are used in application code. The created instance validates or controls resource access by using inherited CodeAccessPermission methods such as Demand.

Imports System
Imports System.Security
Imports System.Security.Permissions



Public Class UrlIdentityPermissionDemo

    Public Shared Sub Main(ByVal args() As String)
        IsSubsetOfDemo()
        CopyDemo()
        UnionDemo()
        IntersectDemo()
        ToFromXmlDemo()

    End Sub 'Main


    ' IsSubsetOf determines whether the current permission is a subset of the specified permission. 
    Private Shared Sub IsSubsetOfDemo()
        Dim permIdPerm1 As New UrlIdentityPermission("http://www.fourthcoffee.com/process/")
        Dim permIdPerm2 As New UrlIdentityPermission("http://www.fourthcoffee.com/*")

        If permIdPerm1.IsSubsetOf(permIdPerm2) Then
            Console.WriteLine(permIdPerm1.Url + " is a subset of " + permIdPerm2.Url)
        Else
            Console.WriteLine(permIdPerm1.Url + " is not a subset of " + permIdPerm2.Url)
        End If 
        If permIdPerm2.IsSubsetOf(permIdPerm1) Then
            Console.WriteLine(permIdPerm2.Url + " is a subset of " + permIdPerm1.Url)
        Else
            Console.WriteLine(permIdPerm2.Url + " is not a subset of " + permIdPerm1.Url)
        End If 

    End Sub 'IsSubsetOfDemo

    ' Union creates a new permission that is the union of the current permission 
    ' and the specified permission. 
    Private Shared Sub UnionDemo()
        Dim permIdPerm1 As New UrlIdentityPermission("http://www.fourthcoffee.com/process/")
        Dim permIdPerm2 As New UrlIdentityPermission("http://www.fourthcoffee.com/*")
        Dim p3 As UrlIdentityPermission = CType(permIdPerm1.Union(permIdPerm2), UrlIdentityPermission)
        Try 
            If Not (p3 Is Nothing) Then
                Console.WriteLine("The union of " + permIdPerm1.Url + " and " + vbLf + vbTab + permIdPerm2.Url + " is " + vbLf + vbTab + p3.Url + vbLf)

            Else
                Console.WriteLine("The union of " + permIdPerm1.Url + " and " + vbLf + vbTab + permIdPerm2.Url + " is null." + vbLf)
            End If 
        Catch e As SystemException
            Console.WriteLine("The union of " + permIdPerm1.Url + " and " + vbLf + vbTab + permIdPerm2.Url + " failed.")

            Console.WriteLine(e.Message)
        End Try 

    End Sub 'UnionDemo

    ' Intersect creates and returns a new permission that is the intersection of the 
    ' current permission and the permission specified. 
    Private Shared Sub IntersectDemo()

        Dim permIdPerm1 As New UrlIdentityPermission("http://www.fourthcoffee.com/process/")
        Dim permIdPerm2 As New UrlIdentityPermission("http://www.fourthcoffee.com/*")
        Dim p3 As UrlIdentityPermission = CType(permIdPerm1.Intersect(permIdPerm2), UrlIdentityPermission)

        If Not (p3 Is Nothing) Then
            Console.WriteLine("The intersection of " + permIdPerm1.Url + " and " + vbLf + vbTab + permIdPerm2.Url + " is " + p3.Url + vbLf)

        Else
            Console.WriteLine("The intersection of " + permIdPerm1.Url + " and " + vbLf + vbTab + permIdPerm2.Url + " is null." + vbLf)
        End If 

    End Sub 'IntersectDemo



    'Copy creates and returns an identical copy of the current permission. 
    Private Shared Sub CopyDemo()

        Dim permIdPerm1 As New UrlIdentityPermission("http://www.fourthcoffee.com/process/*")
        Dim permIdPerm2 As New UrlIdentityPermission(PermissionState.None)
        permIdPerm2 = CType(permIdPerm1.Copy(), UrlIdentityPermission)
        If Not (permIdPerm2 Is Nothing) Then
            Console.WriteLine("The copy succeeded:  " + permIdPerm2.ToString() + " " + vbLf)
        End If 

    End Sub 'CopyDemo

    ' ToXml creates an XML encoding of the permission and its current state; FromXml reconstructs a 
    ' permission with the specified state from the XML encoding. 
    Private Shared Sub ToFromXmlDemo()


        Dim permIdPerm1 As New UrlIdentityPermission("http://www.fourthcoffee.com/process/*")
        Dim permIdPerm2 As New UrlIdentityPermission(PermissionState.None)
        permIdPerm2.FromXml(permIdPerm1.ToXml())
        Dim result As Boolean = permIdPerm2.Equals(permIdPerm1)
        If result Then
            Console.WriteLine("Result of ToFromXml = " + permIdPerm2.ToString())
        Else
            Console.WriteLine(permIdPerm2.ToString())
            Console.WriteLine(permIdPerm1.ToString())
        End If 

    End Sub 'ToFromXmlDemo 
End Class 'UrlIdentityPermissionDemo

System.Object
  System.Security.CodeAccessPermission
    System.Security.Permissions.UrlIdentityPermission

Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.

Windows 7, Windows Vista, Windows XP SP2, Windows XP Media Center Edition, Windows XP Professional x64 Edition, Windows XP Starter Edition, Windows Server 2008 R2, Windows Server 2008, Windows Server 2003, Windows Server 2000 SP4, Windows Millennium Edition, Windows 98

The .NET Framework and .NET Compact Framework do not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.

.NET Framework

Supported in: 3.5, 3.0, 2.0, 1.1, 1.0
Show: