Re: bug? -- PrincipalPermissionAttribute & GetCustomAttributes
From: Ivan Medvedev [MS] (ivanmed_at_online.microsoft.com)
Date: 06/27/03
- Previous message: Ivan Medvedev [MS]: "Re: xml Signature and XmlDsigXPathTransform"
- In reply to: Shawn Farkas [MS]: "Re: bug? -- PrincipalPermissionAttribute & GetCustomAttributes"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 26 Jun 2003 17:30:42 -0700
You can, however, use a tool called permview.exe (included in the SDK) to
view declarative security attributes.
--Ivan
This posting is provided "AS IS" with no warranties, and confers no rights
"Shawn Farkas [MS]" <shawnfa@online.microsoft.com> wrote in message
news:O2%23hg55NDHA.2308@TK2MSFTNGP11.phx.gbl...
> This refers to all declaritive security demands, any permission that you
put
> in an attribute will be unreadable through reflection.
>
> --
>
> --------------------------------------------------
> This posting is provided "AS IS" with no warranties, and confers no rights
> "lx" <alex@merchise.com> wrote in message
> news:#0#VAa4NDHA.2768@tk2msftngp13.phx.gbl...
> > Hi Shawn,
> >
> > Unfortunately, nowhere in .NET Documentation, Microsoft warns
developers
> > about this "peculiarity".
> >
> > It seems that not even Microsoft Technical Writers are aware of that
> > patch:
> >
> > Keith Brown published:
> >
> > Bear in mind that you can use reflection to read these attributes
> > ("relative
> > to PrincipalPermissionAttribute") from an assembly. This should make it
> > easy
> > to generate documentation for your classes, including which roles are
> > allowed access to which classes and methods. This is another good reason
> > to
> > prefer using declarative checks over imperative checks wherever
> > possible...
> >
> > MSDN Magazine > January 2002 > SECURITY BRIEFS | Managed Security
Context
> > in
> > ASP.NET
> > http://msdn.microsoft.com/msdnmag/issues/02/01/security/
> >
> >
> > This undocumented peculiarity refers to "PrincipalPermissionAttribute"
> > only.
> > Or does it include a wider range of "Attribute-Morphos" framework
objects
> > ?
> >
> > Thanks,
> >
> > alex
> >
> >
> >
> > "Shawn Farkas [MS]" <shawnfa@online.microsoft.com> wrote in message
> > news:O$cPz73NDHA.1556@TK2MSFTNGP10.phx.gbl...
> >> Hi Alex,
> >>
> >> Unfortunately, although they look like custom attributes when you
> > apply
> >> them, declarative security demands are not stored as custom attributes
in
> > an
> >> assembly. Therefore you won't be able to see them when you reflect
over
> > the
> >> custom security. In current releases of the framework, there is no way
> >> to
> >> use reflection to access declaritive security, although we are
> >> considering
> >> adding this feature to a future version.
> >>
> >> -Shawn
> >>
> >
> >
>
>
- Previous message: Ivan Medvedev [MS]: "Re: xml Signature and XmlDsigXPathTransform"
- In reply to: Shawn Farkas [MS]: "Re: bug? -- PrincipalPermissionAttribute & GetCustomAttributes"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
