XmlSecureResolver 构造函数
定义
重要
一些信息与预发行产品相关,相应产品在发行之前可能会进行重大修改。 对于此处提供的信息,Microsoft 不作任何明示或暗示的担保。
初始化 XmlSecureResolver 类的新实例。
重载
| 名称 | 说明 |
|---|---|
| XmlSecureResolver(XmlResolver, PermissionSet) |
使用和XmlSecureResolverXmlResolver指定初始化类的新实例PermissionSet。 |
| XmlSecureResolver(XmlResolver, Evidence) |
使用和XmlSecureResolverXmlResolver指定初始化类的新实例Evidence。 |
| XmlSecureResolver(XmlResolver, String) |
使用XmlSecureResolver提供的 URL 初始化类的新实例XmlResolver。 |
注解
这三个构造函数提供三种类型的访问限制:
构造 XmlSecureResolver(XmlResolver, String) 函数使用 URL 限制访问。
构造 XmlSecureResolver(XmlResolver, PermissionSet) 函数使用权限集限制访问。
构造 XmlSecureResolver(XmlResolver, Evidence) 函数使用证据限制访问。
有关这些类型的限制的示例,请参阅构造函数参考主题。
XmlSecureResolver(XmlResolver, PermissionSet)
使用和XmlSecureResolverXmlResolver指定初始化类的新实例PermissionSet。
public:
XmlSecureResolver(System::Xml::XmlResolver ^ resolver, System::Security::PermissionSet ^ permissionSet);public XmlSecureResolver(System.Xml.XmlResolver resolver, System.Security.PermissionSet permissionSet);new System.Xml.XmlSecureResolver : System.Xml.XmlResolver * System.Security.PermissionSet -> System.Xml.XmlSecureResolverPublic Sub New (resolver As XmlResolver, permissionSet As PermissionSet)参数
- resolver
- XmlResolver
由 . 包装的 XmlSecureResolverXML 解析程序。
- permissionSet
- PermissionSet
要应用于基础 XmlResolver的权限集。 XmlSecureResolver调用PermitOnly()基础 XML 解析程序上的方法之前,先对权限集调用GetEntity(Uri, String, Type)该方法。
示例
以下示例使用自定义权限集构造对象 XmlSecureResolver 。
public static Object GetFile (String fileURL, XmlResolver resolver) {
// Generate the default PermissionSet using the file URL.
Evidence evidence = XmlSecureResolver.CreateEvidenceForUrl(fileURL);
PermissionSet myPermissions = SecurityManager.ResolvePolicy(evidence);
// Modify the PermissionSet to only allow access to http://www.contoso.com.
// Create a WebPermission which only allows access to http://www.contoso.com.
WebPermission myWebPermission = new WebPermission(NetworkAccess.Connect, "http://www.contoso.com");
// Replace the existing WebPermission in myPermissions with the updated WebPermission.
myPermissions.SetPermission(myWebPermission);
// Use the modified PermissionSet to construct the XmlSecureResolver.
XmlSecureResolver sResolver = new XmlSecureResolver(resolver, myPermissions);
// Get the object.
Uri fullUri = sResolver.ResolveUri(null, fileURL);
return sResolver.GetEntity(fullUri, null, null);
}
public shared function GetFile (fileURL as String , resolver as XmlResolver) as Object
' Generate the default PermissionSet using the file URL.
Dim evidence as Evidence = XmlSecureResolver.CreateEvidenceForUrl(fileURL)
Dim myPermissions as PermissionSet = SecurityManager.ResolvePolicy(evidence)
' Modify the PermissionSet to only allow access to http://www.contoso.com.
' Create a WebPermission that only allows access to http://www.contoso.com.
Dim myWebPermission as WebPermission = new WebPermission(NetworkAccess.Connect, "http://www.contoso.com")
' Replace the existing WebPermission in myPermissions with the updated WebPermission.
myPermissions.SetPermission(myWebPermission)
' Use the modified PermissionSet to construct the XmlSecureResolver.
Dim sResolver as XmlSecureResolver = new XmlSecureResolver(resolver, myPermissions)
' Get the object.
Dim fullUri as Uri = sResolver.ResolveUri(nothing, fileURL)
return sResolver.GetEntity(fullUri, nothing, nothing)
end function
另请参阅
适用于
XmlSecureResolver(XmlResolver, Evidence)
使用和XmlSecureResolverXmlResolver指定初始化类的新实例Evidence。
public:
XmlSecureResolver(System::Xml::XmlResolver ^ resolver, System::Security::Policy::Evidence ^ evidence);public XmlSecureResolver(System.Xml.XmlResolver resolver, System.Security.Policy.Evidence evidence);new System.Xml.XmlSecureResolver : System.Xml.XmlResolver * System.Security.Policy.Evidence -> System.Xml.XmlSecureResolverPublic Sub New (resolver As XmlResolver, evidence As Evidence)参数
- resolver
- XmlResolver
由 . 包装的 XmlSecureResolverXML 解析程序。
- evidence
- Evidence
用于创建 PermissionSet 将应用于基础 XmlResolver的证据。 调用XmlSecureResolver基础PermitOnly()之前PermissionSet所创建GetEntity(Uri, String, Type)的方法。XmlResolver
注解
下面是一些可能的方案以及为每个方案提供的证据类型:
如果在完全信任的环境中工作,请使用程序集来创建证据:
Evidence myEvidence = this.GetType().Assembly.Evidence; XmlSecureResolver myResolver; myResolver = new XmlSecureResolver(new XmlUrlResolver(), myEvidence);Dim myEvidence As Evidence = Me.GetType().Assembly.Evidence Dim myResolver As XmlSecureResolver myResolver = New XmlSecureResolver(New XmlUrlResolver(), myEvidence)如果在半受信任的环境中工作,则具有来自外部源的代码或数据,并且知道外部源的来源并具有可验证 URI,请使用 URI 创建证据:
Evidence myEvidence = XmlSecureResolver.CreateEvidenceForUrl(sourceURI); XmlSecureResolver myResolver = new XmlSecureResolver(new XmlUrlResolver(), myEvidence);Dim myEvidence As Evidence = XmlSecureResolver.CreateEvidenceForUrl(sourceURI) Dim myResolver As New XmlSecureResolver(New XmlUrlResolver(), myEvidence)如果在半受信任的环境中工作,并且代码或数据来自外部源,但你也不知道外部源的来源:
将
evidence参数设置为null。 这样就不能访问资源。-或-
如果应用程序需要对资源进行一些访问,请从调用方请求证据。
适用于
XmlSecureResolver(XmlResolver, String)
- Source:
- XmlSecureResolver.cs
- Source:
- XmlSecureResolver.cs
- Source:
- XmlSecureResolver.cs
- Source:
- XmlSecureResolver.cs
- Source:
- XmlSecureResolver.cs
使用XmlSecureResolver提供的 URL 初始化类的新实例XmlResolver。
public:
XmlSecureResolver(System::Xml::XmlResolver ^ resolver, System::String ^ securityUrl);public XmlSecureResolver(System.Xml.XmlResolver resolver, string? securityUrl);public XmlSecureResolver(System.Xml.XmlResolver resolver, string securityUrl);new System.Xml.XmlSecureResolver : System.Xml.XmlResolver * string -> System.Xml.XmlSecureResolverPublic Sub New (resolver As XmlResolver, securityUrl As String)参数
- resolver
- XmlResolver
由 . 包装的 XmlSecureResolverXML 解析程序。
- securityUrl
- String
用于创建 PermissionSet 将应用于基础 XmlResolver的 URL。 XmlSecureResolver在调用基础PermitOnly()之前创建的PermissionSet调用GetEntity(Uri, String, Type)XmlResolver。
示例
此示例使用 XmlSecureResolver(XmlResolver, String) 构造函数创建 XmlSecureResolver 仅允许访问本地 Intranet 站点的对象。
XmlSecureResolver myResolver = new XmlSecureResolver(new XmlUrlResolver(), "http://myLocalSite/");
Dim myResolver As New XmlSecureResolver(New XmlUrlResolver(), "http://myLocalSite/")
注解
Important
在 .NET Framework 公共语言运行时(CLR)上运行的代码的安全基础结构和在 Microsoft SQL Server 2005 中集成的 CLR 上运行的代码存在差异。 这可能会导致为 .NET Framework CLR 开发的代码在SQL Server集成 CLR 上使用时以不同的方式运行的情况。 当你有基于 URL 的证据(即使用XmlSecureResolver方法或CreateEvidenceForUrl构造函数时),其中一个差异会影响XmlSecureResolver(XmlResolver, String)类。 SQL Server 集成 CLR 的策略解析机制不使用 Url 或 Zone 信息。 而是根据服务器在加载程序集时添加的 GUID 授予权限。 在 SQL Server 集成 CLR 中使用 XmlSecureResolver 时,通过使用指定的 PermissionSet 直接提供所需的任何证据。
