HostSecurityManager 类

定义

允许控制和自定义应用程序域的安全行为。

public ref class HostSecurityManager
public class HostSecurityManager
[System.Runtime.InteropServices.ComVisible(true)]
[System.Serializable]
public class HostSecurityManager
[System.Runtime.InteropServices.ComVisible(true)]
[System.Serializable]
[System.Security.SecurityCritical]
public class HostSecurityManager
type HostSecurityManager = class
[<System.Runtime.InteropServices.ComVisible(true)>]
[<System.Serializable>]
type HostSecurityManager = class
[<System.Runtime.InteropServices.ComVisible(true)>]
[<System.Serializable>]
[<System.Security.SecurityCritical>]
type HostSecurityManager = class
Public Class HostSecurityManager
继承
HostSecurityManager
属性

示例

以下示例演示 的非常简单的 HostSecurityManager实现。

// To replace the default security manager with MySecurityManager, add the 
// assembly to the GAC and call MySecurityManager in the
// custom implementation of the AppDomainManager.

using System;
using System.Collections;
using System.Net;
using System.Reflection;
using System.Security;
using System.Security.Permissions;
using System.Security.Policy;
using System.Security.Principal;
using System.Threading;
using System.Runtime.InteropServices;
using System.Runtime.Hosting;

[assembly: System.Security.AllowPartiallyTrustedCallersAttribute()]
namespace MyNamespace
{
    [Serializable()]
    [SecurityPermissionAttribute(SecurityAction.Demand, Flags = SecurityPermissionFlag.Infrastructure)]
    public class MySecurityManager : HostSecurityManager
    {
        public MySecurityManager()
        {
            Console.WriteLine(" Creating MySecurityManager.");
        }

        private HostSecurityManagerOptions hostFlags = HostSecurityManagerOptions.HostDetermineApplicationTrust |
                                                   HostSecurityManagerOptions.HostAssemblyEvidence;
        public override HostSecurityManagerOptions Flags
        {
            get
            {
                return hostFlags;
            }
        }

        public override Evidence ProvideAssemblyEvidence(Assembly loadedAssembly, Evidence evidence)
        {
            Console.WriteLine("Provide assembly evidence for: " + (loadedAssembly == null ? "Unknown" : loadedAssembly.ToString()) + ".");
            if (evidence == null)
                return null;

            evidence.AddAssemblyEvidence(new CustomEvidenceType());
            return evidence;
        }
        public override Evidence ProvideAppDomainEvidence(Evidence evidence)
        {
            Console.WriteLine("Provide evidence for the " + AppDomain.CurrentDomain.FriendlyName + " AppDomain.");
            if (evidence == null)
                return null;

            evidence.AddHostEvidence(new CustomEvidenceType());
            return evidence;
        }

        [SecurityPermissionAttribute(SecurityAction.Demand, Execution = true)]
        [SecurityPermissionAttribute(SecurityAction.Assert, Unrestricted = true)]
        public override ApplicationTrust DetermineApplicationTrust(Evidence applicationEvidence, Evidence activatorEvidence, TrustManagerContext context)
        {
            if (applicationEvidence == null)
                throw new ArgumentNullException("applicationEvidence");

            // Get the activation context from the application evidence.
            // This HostSecurityManager does not examine the activator evidence
            // nor is it concerned with the TrustManagerContext;
            // it simply grants the requested grant in the application manifest.

            IEnumerator enumerator = applicationEvidence.GetHostEnumerator();
            ActivationArguments activationArgs = null;
            while (enumerator.MoveNext())
            {
                activationArgs = enumerator.Current as ActivationArguments;
                if (activationArgs != null)
                    break;
            }

            if (activationArgs == null)
                return null;

            ActivationContext activationContext = activationArgs.ActivationContext;
            if (activationContext == null)
                return null;

            ApplicationTrust trust = new ApplicationTrust(activationContext.Identity);
            ApplicationSecurityInfo asi = new ApplicationSecurityInfo(activationContext);
            trust.DefaultGrantSet = new PolicyStatement(asi.DefaultRequestSet, PolicyStatementAttribute.Nothing);
            trust.IsApplicationTrustedToRun = true;
            return trust;
        }
    }
    [Serializable()]
    public class CustomEvidenceType : EvidenceBase
    {
        public CustomEvidenceType() { }

        public override string ToString()
        {
            return "CustomEvidenceType";
        }
    }
}
' To replace the default security manager with MySecurityManager, add the 
' assembly to the GAC and call MySecurityManager in the
' custom implementation of the AppDomainManager.
Imports System.Collections
Imports System.Net
Imports System.Reflection
Imports System.Security
Imports System.Security.Permissions
Imports System.Security.Policy
Imports System.Security.Principal
Imports System.Threading
Imports System.Runtime.InteropServices
Imports System.Runtime.Hosting



<Assembly: System.Security.AllowPartiallyTrustedCallersAttribute()> 

<Serializable(), SecurityPermissionAttribute(SecurityAction.Demand, Flags:=SecurityPermissionFlag.Infrastructure)> _
Public Class MySecurityManager
    Inherits HostSecurityManager

    Public Sub New()
        Console.WriteLine(" Creating MySecurityManager.")

    End Sub


    Private hostFlags As HostSecurityManagerOptions = HostSecurityManagerOptions.HostDetermineApplicationTrust Or HostSecurityManagerOptions.HostAssemblyEvidence

    Public Overrides ReadOnly Property Flags() As HostSecurityManagerOptions
        Get
            Return hostFlags
        End Get
    End Property

    Public Overrides Function ProvideAssemblyEvidence(ByVal loadedAssembly As [Assembly], ByVal evidence As Evidence) As Evidence
        Console.WriteLine("Provide assembly evidence for: " + IIf(loadedAssembly Is Nothing, "Unknown", loadedAssembly.ToString()) + ".") 'TODO: For performance reasons this should be changed to nested IF statements
        If evidence Is Nothing Then
            Return Nothing
        End If
        evidence.AddAssemblyEvidence(New CustomEvidenceType())
        Return evidence

    End Function 'ProvideAssemblyEvidence

    Public Overrides Function ProvideAppDomainEvidence(ByVal evidence As Evidence) As Evidence
        Console.WriteLine("Provide evidence for the " + AppDomain.CurrentDomain.FriendlyName + " AppDomain.")
        If evidence Is Nothing Then
            Return Nothing
        End If
        evidence.AddHostEvidence(New CustomEvidenceType())
        Return evidence

    End Function 'ProvideAppDomainEvidence

    <SecurityPermissionAttribute(SecurityAction.Demand, Execution:=True), SecurityPermissionAttribute(SecurityAction.Assert, Unrestricted:=True)> _
    Public Overrides Function DetermineApplicationTrust(ByVal applicationEvidence As Evidence, ByVal activatorEvidence As Evidence, ByVal context As TrustManagerContext) As ApplicationTrust
        If applicationEvidence Is Nothing Then
            Throw New ArgumentNullException("applicationEvidence")
        End If
        ' Get the activation context from the application evidence.
        ' This HostSecurityManager does not examine the activator evidence
        ' nor is it concerned with the TrustManagerContext;
        ' it simply grants the requested grant in the application manifest.
        Dim enumerator As IEnumerator = applicationEvidence.GetHostEnumerator()
        Dim activationArgs As ActivationArguments = Nothing
        While enumerator.MoveNext()
            activationArgs = enumerator.Current '
            If Not (activationArgs Is Nothing) Then
                Exit While
            End If
        End While
        If activationArgs Is Nothing Then
            Return Nothing
        End If
        Dim activationContext As ActivationContext = activationArgs.ActivationContext
        If activationContext Is Nothing Then
            Return Nothing
        End If
        Dim trust As New ApplicationTrust(activationContext.Identity)
        Dim asi As New ApplicationSecurityInfo(activationContext)
        trust.DefaultGrantSet = New PolicyStatement(asi.DefaultRequestSet, PolicyStatementAttribute.Nothing)
        trust.IsApplicationTrustedToRun = True
        Return trust

    End Function 'DetermineApplicationTrust
End Class
<Serializable()> _
Public Class CustomEvidenceType
    Inherits EvidenceBase

    Public Sub New()

    End Sub

    Public Overrides Function ToString() As String
        Return "CustomEvidenceType"

    End Function 'ToString
End Class

注解

创建新的 AppDomain时,公共语言运行时会查询 AppDomainManagerHostSecurityManager是否存在 ,它参与为 AppDomain做出安全决策。 主机提供程序应实现从 HostSecurityManager 类继承的主机安全管理器。

继承者说明

每当加载程序集时,会以隐式或显式方式调用 的某些成员 HostSecurityManagerProvideAssemblyEvidence(Assembly, Evidence)ProvideAppDomainEvidence(Evidence) 方法不得加载任何程序集,因为这样做将导致以递归方式调用 的成员HostSecurityManager。 若要避免循环引用,应创建类的新实例,这些实例会导致在派生自 HostSecurityManager的类的构造函数中隐式或显式加载程序集。

构造函数

HostSecurityManager()

初始化 HostSecurityManager 类的新实例。

属性

DomainPolicy
已过时.

在派生类中重写时,获取当前应用程序域的安全策略。

Flags

获取表示与主机相关的安全策略组件的标志。

方法

DetermineApplicationTrust(Evidence, Evidence, TrustManagerContext)

决定是否应执行应用程序。

Equals(Object)

确定指定对象是否等于当前对象。

(继承自 Object)
GenerateAppDomainEvidence(Type)

请求应用程序域的特定证据类型。

GenerateAssemblyEvidence(Type, Assembly)

请求程序集的特定证据类型。

GetHashCode()

作为默认哈希函数。

(继承自 Object)
GetHostSuppliedAppDomainEvidenceTypes()

确定主机可以为应用程序域提供哪些证据类型(如果请求了证据类型)。

GetHostSuppliedAssemblyEvidenceTypes(Assembly)

确定主机可以为程序集提供哪些证据类型(如果请求了证据类型)。

GetType()

获取当前实例的 Type

(继承自 Object)
MemberwiseClone()

创建当前 Object 的浅表副本。

(继承自 Object)
ProvideAppDomainEvidence(Evidence)

为正在加载的程序集提供应用程序域证据。

ProvideAssemblyEvidence(Assembly, Evidence)

为正在加载的程序集提供程序集证据。

ResolvePolicy(Evidence)
已过时.

根据指定的证据确定向代码授予什么权限。

ToString()

返回表示当前对象的字符串。

(继承自 Object)

适用于