HomeDigital EditionSys-Con RadioSearch Web Services Cd
B2B Beginning WS Business Process Management Case Studies Content Management Distributing Computing e-Business Electronic Data Interchange Enterprise Industry Insight Integration Interviews Java & Web Services .NET Portal Product Reviews Scalability & Performance Security SOAP Source Code UDDI Wireless WS Standards WS Tips & Techniques WSDL WS Editorials XML

The Basics of Code Access Security by Thom Robbins
WSJ Vol 03 Issue 3 - pg.31 

	


Listing 1: Imports System

	Imports System.Security.Permissions
Imports System.Runtime.InteropServices
'The request is placed on the assembly level.
<assembly: SecurityPermissionAttribute(SecurityAction.RequestMinimum,
Flags := SecurityPermissionFlag.UnmanagedCode)>

Namespace MyNamespace
   Public Class MyClass1
      Public Sub New()

      End Sub
       
      Public Sub MyMethod()
         'Perform interoperation with unmanaged code here.
      End Sub 
   End Class
End Namespace

Listing 2: Generic implementation of role-based security

using System;
using System.Threading;
using System.Security;
using System.Security.Principal;

namespace RoleBasedSecurity
{
   class Sample
   {
      static void Main(string[] args)
      {
         String [] roles = {"Lecturer", "Student"};
         GenericIdentity i = new GenericIdentity("Thom");
         GenericPrincipal g = new GenericPrincipal(i, 
                  roles);
         Thread.CurrentPrincipal = g;
         if(Thread.CurrentPrincipal.Identity.Name == 
                  "Thom")
            Console.WriteLine("Hello Thom");
         if(Thread.CurrentPrincipal.IsInRole("Lecturer"))
            Console.WriteLine("Hello Lecturer");
         if(Thread.CurrentPrincipal.IsInRole("Employee"))
            Console.WriteLine("Hello Employee");
      }
   }
}