Đang chuẩn bị liên kết để tải về tài liệu:
Professional ASP.NET 2.0 Security, Membership, and Role Management phần 4

Không đóng trình duyệt đến khi xuất hiện nút TẢI XUỐNG Tải xuống

Có ít được biết đến khả năng trong hệ thống cấu hình mà bạn có thể sử dụng để hỗ trợ các ứng dụng tin tưởng một phần. Bạn có thể sử dụng một lớp cấu hình tùy chỉnh như là một loại gatekeeper một tính năng và ngăn chặn các tính năng đang được sử dụng trong một ứng dụng tin tưởng một phần | Configuration System Security Demanding Permissions from a Configuration Class There is little known capability in the configuration system that you can use for supporting partial trust applications. You can use a custom configuration class as a kind of gatekeeper to a feature and prevent the feature from being used in a partial trust application. If you remember back to the Chapter 3 on trust levels and the discussion on the processRequestInApplicationTrust attribute there is a subtle issue with features and code being called when only trusted code is on the stack. Custom configuration classes are part of this issue because when configuration is being loaded it isn t guaranteed that there will be any user code on the stack. More importantly the feature that carries out work and that consumes the configuration information may itself always be called with trusted code on the stack. Scenarios like GAC d classes that are HttpModules have this problem. An HttpModule only has the ASP.NET pipeline code sitting above it so any demands a custom HttpModule located in the GAC makes always succeed. A feature can indirectly work around this problem by taking advantage of the fact that the configuration system calls PermitOnly on the named permission set for the current trust level. This behavior is the same approach that the page handler takes when it calls PermitOnly prior to running a page. The configuration system makes this call just before attempting to deserialize a configuration section. As a result a custom configuration class that overrides ConfigurationSection.PostDeserialize can demand an appropriate permission in an override of this method. using System using System.Data.SqlClient using System.Security.Permissions using System.Configuration public class SampleConfigClass ConfigurationSection public SkeletalConfigClass protected override void PostDeserialize SqlClientPermission scp new SqlClientPermission PermissionState.Unrestricted scp.Demand the rest of the .