System.Net.WebPermission Class

Summary

Controls rights to access an HTTP Internet resources.

C# Syntax:

[Serializable] public sealed class WebPermission : CodeAccessPermission, IUnrestrictedPermission

WebPermission provides a set of methods and properties to control access to Internet resources. You can use a WebPermission to provide either restricted or unrestricted access to your resource, based on the PermissionState set when the WebPermission is created.

Create a WebPermission instance by calling its constructor using one of the following sets of parameters:

• No parameters. The default PermissionState is PermissionState.None.
• A PermissionState. Specify either PermissionState.Unrestricted to allow any URI to be used in the target class, or PermissionState.None to allow access only to URIs you specify through the use of the WebPermission.AddPermission method.
• A NetworkAccess value and a URI string. The specified URI has permissions granted by the NetworkAccess value.
• A NetworkAccess specifier and URI regular expression.

The WebPermission.ConnectList and WebPermission.AcceptList hold the URIs to which you have granted access permission. To add a URI to either of these lists, use WebPermission.AddPermission. If you pass NetworkAccess.Accept as the NetworkAccess parameter, the URI will be added to the WebPermission.AcceptList. WebPermission will allow connections to your target class with URIs matching the WebPermission.AcceptList.

The following example demonstrates how to create a new instance of WebPermission using a Regex. Additional hosts are added to the connect and accept list of WebPermission. Finally the connect and accept list are displayed to the console.

System.Net Namespace | CodeAccessPermission | PermissionState | NetworkAccess

System.Net.WebPermission Member List:

Public Constructors

ctor #1	Overloaded: .ctor() Default constructor. This constructor is called by derived class constructors to initialize state in this type. Creates a new instance of the WebPermission class.
ctor #2	Overloaded: .ctor(PermissionState state) Creates a new instance of the WebPermission class that passes all demands or fails all demands.
ctor #3	Overloaded: .ctor(NetworkAccess access, Regex uriRegex) Initializes a new instance of the WebPermission class with the specified access rights for the specified URI regular expression.
ctor #4	Overloaded: .ctor(NetworkAccess access, string uriString) Initializes a new instance of the WebPermission class with the specified access rights for the specified URI.

Public Properties

AcceptList	Read-only This property returns an enumeration of a single accept permissions held by this WebPermission. The possible objects types contained in the returned enumeration are String and Regex.
ConnectList	Read-only This property returns an enumeration of a single connect permissions held by this WebPermission. The possible objects types contained in the returned enumeration are String and Regex.

Public Methods

AddPermission	Overloaded: AddPermission(NetworkAccess access, Regex uriRegex) Adds the specified URI with the specified access rights to the current WebPermission.
AddPermission	Overloaded: AddPermission(NetworkAccess access, string uriString) Adds the specified URI string with the specified access rights to the current WebPermission.
Assert (inherited from System.Security.CodeAccessPermission)	See base class member description: System.Security.CodeAccessPermission.Assert Asserts that calling code can access the resource identified by the current permission through the code that calls this method, even if callers higher in the stack have not been granted permission to access the resource.
Copy	Overridden: Creates a copy of a WebPermission.
Demand (inherited from System.Security.CodeAccessPermission)	See base class member description: System.Security.CodeAccessPermission.Demand Forces a SecurityException at run time if all callers higher in the call stack have not been granted the permission specified by the current instance.
Deny (inherited from System.Security.CodeAccessPermission)	See base class member description: System.Security.CodeAccessPermission.Deny Prevents callers higher in the call stack from using the code that calls this method to access the resource specified by the current instance.
Equals (inherited from System.Object)	See base class member description: System.Object.Equals Derived from System.Object, the primary base class for all objects.
FromXml	Overridden: Reconstructs a WebPermission from an XML encoding.
GetHashCode (inherited from System.Object)	See base class member description: System.Object.GetHashCode Derived from System.Object, the primary base class for all objects.
GetType (inherited from System.Object)	See base class member description: System.Object.GetType Derived from System.Object, the primary base class for all objects.
Intersect	Overridden: Returns the logical intersection of two WebPermission s.
IsSubsetOf	Overridden: Determines whether the current WebPermission is a subset of the specified object.
IsUnrestricted	Checks the overall permission state of the WebPermission.
PermitOnly (inherited from System.Security.CodeAccessPermission)	See base class member description: System.Security.CodeAccessPermission.PermitOnly Prevents callers higher in the call stack from using the code that calls this method to access all resources except for the resource specified by the current instance.
ToString (inherited from System.Security.CodeAccessPermission)	See base class member description: System.Security.CodeAccessPermission.ToString Creates and returns a string representation of the current permission object.
ToXml	Overridden: Creates an XML encoding of a WebPermission and its current state.
Union	Overridden: Returns the logical union between two instances of the WebPermission class.

Protected Methods

Finalize (inherited from System.Object)	See base class member description: System.Object.Finalize Derived from System.Object, the primary base class for all objects.
MemberwiseClone (inherited from System.Object)	See base class member description: System.Object.MemberwiseClone Derived from System.Object, the primary base class for all objects.

Hierarchy:

• System.Object
• System.Security.CodeAccessPermission
• System.Net.WebPermission

System.Net.WebPermission Member Details

Summary

Creates a new instance of the WebPermission class.

Default constructor. This constructor is called by derived class constructors to initialize state in this type.

C# Syntax:

public WebPermission();

Creates a new instance of the WebPermission class. This constructor does not initialize WebPermission with any PermissionState. If you want to set the PermissionState,use the public method WebPermission.IsUnrestricted.

Return to top

Summary

Creates a new instance of the WebPermission class that passes all demands or fails all demands.

C# Syntax:

public WebPermission(    PermissionState state );

state

A PermissionState value.

The value of the state parameter is either PermissionState.None or PermissionState.Unrestricted, respectively yielding fully restricted or fully unrestricted access to all security variables. If you specify PermissionState.None, then you may give access to individual URI's using WebPermission.AddPermission.

The following example creates an instance of WebPermission and gives access rights to only one URL.

		      // Creates a 'WebPermission'.	
		      WebPermission myWebPermission1 = new WebPermission(PermissionState.None);

		      // Allows access to the first set of URL's.
		      myWebPermission1.AddPermission(NetworkAccess.Connect,"http://www.microsoft.com");
               myWebPermission1.AddPermission(NetworkAccess.Connect,"http://www.msn.com");

		      // Checks whether all callers higher in the call stack have been granted the permissionor not.
		      myWebPermission1.Demand();


    

Return to top

Summary

Initializes a new instance of the WebPermission class with the specified access rights for the specified URI regular expression.

C# Syntax:

public WebPermission(    NetworkAccess access,    Regex uriRegex );

access

A NetworkAccess value indicating what kind of access to grant to the specified URI. NetworkAccess.Accept indicates that the application is allowed to accept connections from the Internet on a local resource. NetworkAccess.Connect indicates that the application is allowed to connect to specific Internet resources. A NetworkAccess value indicating what kind of access to grant to the specified URI. NetworkAccess.Accept indicates that the application is allowed to accept connections from the Internet on a local resource. NetworkAccess.Connect indicates that the application is allowed to connect to specific Internet resources.

uriRegex

A regular expression describing the URI to which acess is to be granted.

This constructor initializes a WebPermission and grants its target permission to either make a remote host connection or to accept a remote host connection using the URI described by the uriRegex parameter.

Note It is recommended to create uriRegex using the RegexOptions.IgnoreCase, RegexOptions.Compiled, and RegexOptions.Singleline flags.

The following example creates a new instance of WebPermission with connect rights for the specified Regex.

		  // Creates an instance of 'Regex' that accepts all  URL's containing the host fragment 'www.contoso.com'.
		  Regex myRegex = new Regex("http://www.contoso.com/*");

		  // Creates a 'WebPermission' that gives the permissions to all the hosts containing same host fragment.
        WebPermission myWebPermission = new WebPermission(NetworkAccess.Connect,myRegex);
        myWebPermission.AddPermission(NetworkAccess.Connect,"http://www.contoso.com/Servers");
		  myWebPermission.AddPermission(NetworkAccess.Connect,"http://www.contoso.com/windows");
		  myWebPermission.AddPermission(NetworkAccess.Connect,"http://www.contoso.com/office");
		  // Checks all callers higher in the call stack have been granted the permission.
		  myWebPermission.Demand();
		  

    

Return to top

Summary

Initializes a new instance of the WebPermission class with the specified access rights for the specified URI.

C# Syntax:

public WebPermission(    NetworkAccess access,    string uriString );

access

A NetworkAccess value indicating what kind of access to grant to the specified URI. NetworkAccess.Accept indicates that the application is allowed to accept connections from the Internet on a local resource. NetworkAccess.Connect indicates that the application is allowed to connect to specific Internet resources. A NetworkAccess value indicating what kind of access to grant to the specified URI. NetworkAccess.Accept indicates that the application is allowed to accept connections from the Internet on a local resource. NetworkAccess.Connect indicates that the application is allowed to connect to specific Internet resources.

uriString

A URI string to which access rights are granted.

This constructor initializes a WebPermission and grants its target permission to either make a remote host connection or to accept a remote host connection using the URI described by the uriString parameter.

The following example creates a new instance of WebPermission with connect rights for the specified URI.

	      // Creates a WebPermission.
	      WebPermission myWebPermission1 = new WebPermission(NetworkAccess.Connect,"http://www.contoso.com");
	      myWebPermission1.Demand();

    

Return to top

Summary

This property returns an enumeration of a single accept permissions held by this WebPermission. The possible objects types contained in the returned enumeration are String and Regex.

C# Syntax:

public IEnumerator AcceptList {get;}

This property gets a list of local resources permitted by this WebPermission. The class to which you have applied WebPermission only has permission to receive an incoming connection to local resources found in this list.

Note You can add URIs to this list using WebPermission.AddPermission.

The following example prints the URL's in the WebPermission.AcceptList to the console.

      		
 		      // Get all URI's with Accept permission.	  
	         IEnumerator myEnum1 = myWebPermission1.AcceptList;
		      Console.WriteLine("\n\nThe URIs with Accept permission are :\n");
		      while (myEnum1.MoveNext())
		               Console.WriteLine("\tThe URI is : "+myEnum1.Current);
      			  

    

Return to top

Summary

This property returns an enumeration of a single connect permissions held by this WebPermission. The possible objects types contained in the returned enumeration are String and Regex.

C# Syntax:

public IEnumerator ConnectList {get;}

This property gets a list of remote resources permitted by this WebPermission. The class to which you have applied WebPermission only has permission to connect with resources found in this list.

Note You can add URIs to this list using WebPermission.AddPermission.

The following example prints the URL's in the WebPermission.ConnectList to the console.

      		  
		      // Gets all URIs with Connect permission.
		      IEnumerator myEnum = myWebPermission1.ConnectList;
		      Console.WriteLine("\nThe URIs with Connect permission are :\n");
		      while (myEnum.MoveNext())
		               Console.WriteLine("\tThe URI is : "+myEnum.Current);
      			  

    

Return to top

Summary

Adds the specified URI with the specified access rights to the current WebPermission.

C# Syntax:

public void AddPermission(    NetworkAccess access,    Regex uriRegex );

access

A NetworkAccess specifying the access rights granted to the URI.

uriRegex

A regular expression describing the set of URI's to which access rights are granted.

Exceptions

Exception Type	Condition
ArgumentNullException	The uriRegex parameter is null.

If you have specified PermissionState.None as the PermissionState, use WebPermission.AddPermission to allow the use of uriRegex in the target class. Specify NetworkAccess.Accept as the access parameter to add the URI specified by the uriRegex parameter to the list of URI accept strings, or specify NetworkAccess.Connect as the access parameter to add the URI to the list of URI connect strings.

Note Calling WebPermission.AddPermission on an PermissionState.Unrestricted WebPermission instance will have no effect as permission is granted to all URI's.

Note It is recommended to create uriRegex using the RegexOptions.IgnoreCase, RegexOptions.Compiled, and RegexOptions.Singleline flags.

The following example uses WebPermission.AddPermission to give access rights for the specified URI.

	      // Creates a WebPermission.
	      WebPermission myWebPermission1 = new WebPermission();

	      // Allows Connect access to the specified URLs.
	      myWebPermission1.AddPermission(NetworkAccess.Connect,"http://www.contoso.com");
		   myWebPermission1.AddPermission(NetworkAccess.Connect,"http://www.adventure-works.com");
	      myWebPermission1.AddPermission(NetworkAccess.Connect,"http://www.alpineskihouse.com");

	     
	      // Creates a Regex with the www.contoso.com host fragment as the regular expression. 	
	      Regex myRegex = new Regex("http://www.contoso.com/*");

      	// Allows access to the set of URLs that contain the regular expression myRegex.
	      myWebPermission1.AddPermission(NetworkAccess.Connect,myRegex);
	      myWebPermission1.Demand();


    

Return to top

Summary

Adds the specified URI string with the specified access rights to the current WebPermission.

C# Syntax:

public void AddPermission(    NetworkAccess access,    string uriString );

access

A NetworkAccess specifying the access rights granted to the URI

uriString

A string describing the URI to which access rights are granted.

Exceptions

Exception Type	Condition
ArgumentNullException	uriString is null.

If you have specified PermissionState.None as the PermissionState, use WebPermission.AddPermission to permit the use of uriString in the target class. The way that uriString can be used by the target class is specified by access. Specify NetworkAccess.Accept as the access parameter to add the URI specified by the uriString parameter to the list of URI accept strings, or specify NetworkAccess.Connect as the access parameter to add the URI to the list of URI connect strings.

Note Calling WebPermission.AddPermission on PermissionState.Unrestricted WebPermission will have no effect, as permission is granted to all URI's.

The following example demonstrates how to add access rights to particular URL strings.

		    // Allows access to a set of resources.
	           myWebPermission1.AddPermission(NetworkAccess.Connect,"http://www.contoso.com");
	           myWebPermission1.AddPermission(NetworkAccess.Connect,"http://www.adventure-works.com");
		    
                 // Checks whether all callers higher in the call stack have been granted the permissionor.
		    myWebPermission1.Demand();
		 


    

Return to top

Inherited
See base class member description: System.Security.CodeAccessPermission.Assert

Summary

Asserts that calling code can access the resource identified by the current permission through the code that calls this method, even if callers higher in the stack have not been granted permission to access the resource.

C# Syntax:

public void Assert();

Exceptions

Exception Type	Condition
SecurityException	The calling code does not have SecurityPermissionFlag.Assertion. -or- There is already an active CodeAccessPermission.Assert for the current frame.

Implements:

IStackWalk.Assert

The call stack is typically represented as growing down, so that methods higher in the call stack call methods lower in the call stack. Calling CodeAccessPermission.Assert prevents a stack walk originating lower in the call stack from proceeding up the call stack beyond the code that calls this method. Therefore, even if callers higher on the call stack do not have the requisite permissions to access a resource, they can still access it through the code that calls this method on the necessary permission. An assertion is effective only if the code that calls CodeAccessPermission.Assert passes the security check for the permission that it is asserting.

The call to CodeAccessPermission.Assert is effective until the calling code returns to its caller. Only one CodeAccessPermission.Assert can be active on a frame. An attempt to call CodeAccessPermission.Assert when an active CodeAccessPermission.Assert exists on the frame results in a SecurityException. Call CodeAccessPermission.RevertAssert or CodeAccessPermission.RevertAll to remove an active CodeAccessPermission.Assert.

CodeAccessPermission.Assert is ignored for a permission not granted because a demand for that permission will not succeed. However, if code lower on the call stack calls CodeAccessPermission.Demand for that permission, a SecurityException is thrown when the stack walk reaches the code that tried to call CodeAccessPermission.Assert. This happens because the code that called CodeAccessPermission.Assert has not been granted the permission, even though it tried to CodeAccessPermission.Assert it.

Because calling CodeAccessPermission.Assert removes the requirement that all code in the call chain must be granted permission to access the specified resource, it can open up security vulnerabilities if used incorrectly or inappropriately. Therefore, it should be used with great caution.

Notes to inheritors: You cannot override this method.

SecurityPermission for the ability to call CodeAccessPermission.Assert. Associated enumeration: SecurityPermissionFlag.Assertion

Return to top

Summary

Creates a copy of a WebPermission.

C# Syntax:

public override IPermission Copy();

Return Value:

A new instance of the WebPermission class that has the same values as the original

Implements:

IPermission.Copy

The IPermission returned by this method represents the same access to resources as the original WebPermission. This method overrides CodeAccessPermission.Copy and is implemented to support the IPermission interface.

The following example demonstrates how to create a second instance of WebPermission using WebPermission.Copy. This second instance is identical to the first.

		      // Creates another WebPermission instance that is the copy of the above WebPermission instance.
	         WebPermission myWebPermission2 = (WebPermission) myWebPermission1.Copy();

		      // Checks whether all callers higher in the call stack have been granted the permissionor not.
		      myWebPermission2.Demand();
	   

    

Return to top

Inherited
See base class member description: System.Security.CodeAccessPermission.Demand

Summary

Forces a SecurityException at run time if all callers higher in the call stack have not been granted the permission specified by the current instance.

C# Syntax:

public void Demand();

Exceptions

Exception Type	Condition
SecurityException	A caller higher in the call stack does not have the permission specified by the current instance. -or- A caller higher in the call stack has called CodeAccessPermission.Deny on the current permission object.

Implements:

IPermission.Demand

Implements:

IStackWalk.Demand

This method is typically used by secure libraries to ensure that callers have permission to access a resource. For example, a file class in a secure class library calls CodeAccessPermission.Demand for the necessary FileIOPermission before performing a file operation requested by the caller.

The permissions of the code that calls this method are not examined; the check begins from the immediate caller of that code and proceeds up the stack. The call stack is typically represented as growing down, so that methods higher in the call stack call methods lower in the call stack. CodeAccessPermission.Demand succeeds only if no SecurityException is raised.

Notes to inheritors: You cannot override this method.

Return to top

Inherited
See base class member description: System.Security.CodeAccessPermission.Deny

Summary

Prevents callers higher in the call stack from using the code that calls this method to access the resource specified by the current instance.

C# Syntax:

public void Deny();

Exceptions

Exception Type	Condition
SecurityException	There is already an active CodeAccessPermission.Deny for the current frame.

Implements:

IStackWalk.Deny

This method prevents callers higher in the call stack from accessing the protected resource through the code that calls this method, even if those callers have been granted permission to access it. The call stack is typically represented as growing down, so that methods higher in the call stack call methods lower in the call stack.

CodeAccessPermission.Deny can limit the liability of the programmer or prevent accidental security vulnerabilities because it prevents the method that calls CodeAccessPermission.Deny from being used to access the resource protected by the denied permission. If a method calls CodeAccessPermission.Deny on a permission, and if a CodeAccessPermission.Demand for that permission is invoked by a caller lower in the call stack, that security check will fail when it reaches the CodeAccessPermission.Deny.

The call to CodeAccessPermission.Deny is effective until the calling code returns to its caller. Only one CodeAccessPermission.Deny can be active on a frame. An attempt to call CodeAccessPermission.Deny when an active CodeAccessPermission.Deny exists on the frame results in a SecurityException. Call CodeAccessPermission.RevertDeny or CodeAccessPermission.RevertAll to remove an active CodeAccessPermission.Deny. CodeAccessPermission.Deny is ignored for a permission not granted because a demand for that permission will not succeed.

Notes to inheritors: You cannot override this method.

Return to top

Inherited
See base class member description: System.Object.Equals

C# Syntax:

public virtual bool Equals(    object obj );

For more information on members inherited from System.Object click on the link above.

Return to top

Inherited
See base class member description: System.Object.Finalize

C# Syntax:

~WebPermission();

For more information on members inherited from System.Object click on the link above.

Return to top

Summary

Reconstructs a WebPermission from an XML encoding.

C# Syntax:

public override void FromXml(    SecurityElement securityElement );

securityElement

The XML encoding from which to reconstruct the WebPermission. The XML encoding from which to reconstruct the WebPermission.

Exceptions

Exception Type	Condition
ArgumentNullException	The securityElement parameter is null
ArgumentException	securityElement is not a permission element for this type.

Implements:

ISecurityEncodable.FromXml

The WebPermission.FromXml method reconstructs a WebPermission from an XML encoding defined by the SecurityElement class.

Use the WebPermission.ToXml method to XML-encode the WebPermission, including state information.

The following example creates a SecurityElement, populates its attributes, and uses WebPermission.FromXml to transfer this information to an instance of WebPermission.

		   // Creates  a WebPermission with no permission to the protected resource.
		   WebPermission myWebPermission1 = new WebPermission(PermissionState.None);

		   // Creates a SecurityElement by calling the ToXml method on WebPermission instance and 
			// print its attributes which hold the XML encoding of the WebPermission.
		   Console.WriteLine("Attributes and Values of the WebPermission are :");
		   PrintKeysAndValues(myWebPermission1.ToXml().Attributes);

                 // Creates another WebPermission with no permission to the protected resource.
		   WebPermission myWebPermission2 = new WebPermission(PermissionState.None);

		   //Converts the new WebPermission from XML using myWebPermission1.
		    myWebPermission2.FromXml(myWebPermission1.ToXml());

		    

    

Return to top

Inherited
See base class member description: System.Object.GetHashCode

C# Syntax:

public virtual int GetHashCode();

For more information on members inherited from System.Object click on the link above.

Return to top

Inherited
See base class member description: System.Object.GetType

C# Syntax:

public Type GetType();

For more information on members inherited from System.Object click on the link above.

Return to top

Summary

Returns the logical intersection of two WebPermission s.

C# Syntax:

public override IPermission Intersect(    IPermission target );

target

The WebPermission to compare with the current instance.

Return Value:

A new WebPermission that represents the intersection of the current instance and the target parameter. If the intersection is empty, the method returns null.

Exceptions

Exception Type	Condition
ArgumentException	target is not of type WebPermission

Implements:

IPermission.Intersect

WebPermission.Intersect returns a WebPermission that contains those permissions that are common in both target and the current instance.

This method overrides CodeAccessPermission.Intersect and is implemented to support the IPermission interface.

The following example shows how to create an instance of WebPermission using the logical intersection of two exisiting WebPermission s.

		    // Creates a third WebPermission instance by logical intersection of the first two WebPermission instances.
	       WebPermission myWebPermission3 =(WebPermission) myWebPermission1.Intersect(myWebPermission2);

	       Console.WriteLine("\nAttributes and Values of  the WebPermission instance after the Intersect are:\n");   
	       Console.WriteLine(myWebPermission3.ToXml().ToString());


    

Return to top

Summary

Determines whether the current WebPermission is a subset of the specified object.

C# Syntax:

public override bool IsSubsetOf(    IPermission target );

target

The WebPermission to compare to the current WebPermission.

Return Value:

true if the current instance is a subset of the target parameter; otherwise, false. If the target is null, the method returns true for an empty current permission and false otherwise.

Exceptions

Exception Type	Condition
ArgumentException	the target parameter is not an instance of WebPermission.
NotSupportedException	If the current instance contains a Regex-encoded right and there is not exactly same right found in the target instance.

Implements:

IPermission.IsSubsetOf

If the current WebPermission specifies a set of associated resources that is wholly contained by the target parameter, then the current WebPermission is a subset of target. This method overrides WebPermission.IsSubsetOf and is implemented to support the IPermission interface.

The following example uses WebPermission.IsSubsetOf to determine if the access rights found in one instance of WebPermission are found in another instance of WebPermission.

// Create the target permission.
WebPermission targetPermission = new WebPermission();
targetPermission.AddPermission(NetworkAccess.Connect, new Regex("www\\.contoso\\.com/Public/*"));

// Create the permission for a URI matching target.
WebPermission connectPermission = new WebPermission();
connectPermission.AddPermission(NetworkAccess.Connect, "www.contoso.com/Public/default.htm");

//The following statement prints true.
Console.WriteLine(connectPermission.IsSubsetOf(targetPermission));

    

Return to top

Summary

Checks the overall permission state of the WebPermission.

C# Syntax:

public bool IsUnrestricted();

Return Value:

true if the WebPermission was created with the PermissionState.Unrestricted PermissionState; otherwise, false.

Implements:

IUnrestrictedPermission.IsUnrestricted

If WebPermission is PermissionState.Unrestricted, then the target class can use all URIs. Otherwise, specific permission must be given for any URI you want to use with the target class.

Note Use WebPermission.AddPermission to add a URI and specify its permissions.

Return to top

Inherited
See base class member description: System.Object.MemberwiseClone

C# Syntax:

protected object MemberwiseClone();

For more information on members inherited from System.Object click on the link above.

Return to top

Inherited
See base class member description: System.Security.CodeAccessPermission.PermitOnly

Summary

Prevents callers higher in the call stack from using the code that calls this method to access all resources except for the resource specified by the current instance.

C# Syntax:

public void PermitOnly();

Exceptions

Exception Type	Condition
SecurityException	There is already an active CodeAccessPermission.PermitOnly for the current frame.

Implements:

IStackWalk.PermitOnly

CodeAccessPermission.PermitOnly is similar to CodeAccessPermission.Deny, in that both cause stack walks to fail when they would otherwise succeed. The difference is that CodeAccessPermission.Deny specifies permissions that will cause the stack walk to fail, but CodeAccessPermission.PermitOnly specifies the only permissions that do not cause the stack walk to fail.

Call this method to ensure that your code can be used to access only the specified resources. The call to CodeAccessPermission.PermitOnly is effective until the calling code returns to its caller. Only one CodeAccessPermission.PermitOnly can be active on a frame. An attempt to call CodeAccessPermission.PermitOnly when an active CodeAccessPermission.PermitOnly exists on the frame results in a SecurityException. Call CodeAccessPermission.RevertPermitOnly or CodeAccessPermission.RevertAll to remove an active CodeAccessPermission.PermitOnly.

CodeAccessPermission.PermitOnly is ignored for a permission not granted because a demand for that permission will not succeed. However, if code lower on the call stack later calls CodeAccessPermission.Demand for that permission, a SecurityException is thrown when the stack walk reaches the code that tried to call CodeAccessPermission.PermitOnly. This is because the code that called CodeAccessPermission.PermitOnly has not been granted the permission, even though it called CodeAccessPermission.PermitOnly for that permission. The call stack is typically represented as growing down, so that methods higher in the call stack call methods lower in the call stack.

Notes to inheritors: You cannot override this method.

Return to top

Inherited
See base class member description: System.Security.CodeAccessPermission.ToString

Summary

Creates and returns a string representation of the current permission object.

C# Syntax:

public override string ToString();

Return Value:

A string representation of the current permission object.

This method is useful in debugging when you need to display the permission as a string.

Return to top

Summary

Creates an XML encoding of a WebPermission and its current state.

C# Syntax:

public override SecurityElement ToXml();

Return Value:

A SecurityElement containing an XML-encoded representation of the WebPermission, including state information.

Implements:

ISecurityEncodable.ToXml

Use the WebPermission.FromXml method to restore the state information from a SecurityElement.

The following example demonstrates how to use WebPermission.ToXml to create a SecurityElement and print its attributes to the console.

		   // Creates  a WebPermission with no permission to the protected resource.
		   WebPermission myWebPermission1 = new WebPermission(PermissionState.None);

		   // Creates a SecurityElement by calling the ToXml method on WebPermission instance and 
			// print its attributes which hold the XML encoding of the WebPermission.
		   Console.WriteLine("Attributes and Values of the WebPermission are :");
		   PrintKeysAndValues(myWebPermission1.ToXml().Attributes);

                 // Creates another WebPermission with no permission to the protected resource.
		   WebPermission myWebPermission2 = new WebPermission(PermissionState.None);

		   //Converts the new WebPermission from XML using myWebPermission1.
		    myWebPermission2.FromXml(myWebPermission1.ToXml());

		    

    

Return to top

Summary

Returns the logical union between two instances of the WebPermission class.

C# Syntax:

public override IPermission Union(    IPermission target );

target

The WebPermission to combine with the current WebPermission.

Return Value:

A WebPermission that represents the union of the current instance and the target parameter. If either WebPermission is PermissionState.Unrestricted, the method returns a WebPermission that is PermissionState.Unrestricted. If the target is null, returns a copy of current WebPermission.

Implements:

IPermission.Union

WebPermission.Union returns a WebPermission that contains all the permissions in both target and the current instance.

The following example takes the logical union of two WebPermission instances to create a third instance of WebPermission.

	      // Creates another WebPermission that is the Union of the two WebPermission instances.
	      WebPermission myWebPermission3 =(WebPermission) myWebPermission1.Union(myWebPermission2);
	      Console.WriteLine("\nAttributes and values of the WebPermission after the Union are : ");
    	   // Displays the attributes,values and children.
    	      Console.WriteLine(myWebPermission3.ToXml().ToString());


    

Return to top

Top of page