Re: bug? -- PrincipalPermissionAttribute & GetCustomAttributes

From: lx (alex_at_merchise.com)
Date: 06/21/03 

Date: Fri, 20 Jun 2003 19:48:44 -0400

Hi Shawn,

Unfortunately, nowhere in .NET Documentation, Microsoft warns developers
about this "peculiarity".

It seems that not even Microsoft Technical Writers are aware of that patch:

Keith Brown published:

Bear in mind that you can use reflection to read these attributes ("relative
to PrincipalPermissionAttribute") from an assembly. This should make it easy
to generate documentation for your classes, including which roles are
allowed access to which classes and methods. This is another good reason to
prefer using declarative checks over imperative checks wherever possible...

MSDN Magazine > January 2002 > SECURITY BRIEFS | Managed Security Context in
ASP.NET
http://msdn.microsoft.com/msdnmag/issues/02/01/security/

This undocumented peculiarity refers to "PrincipalPermissionAttribute" only.
Or does it include a wider range of "Attribute-Morphos" framework objects ?

Thanks,

alex

"Shawn Farkas [MS]" <shawnfa@online.microsoft.com> wrote in message
news:O$cPz73NDHA.1556@TK2MSFTNGP10.phx.gbl...
> Hi Alex,
>
> Unfortunately, although they look like custom attributes when you
apply
> them, declarative security demands are not stored as custom attributes in
an
> assembly. Therefore you won't be able to see them when you reflect over
the
> custom security. In current releases of the framework, there is no way to
> use reflection to access declaritive security, although we are considering
> adding this feature to a future version.
>
> -Shawn
>