System.Net.WebPermissionAttribute Class

Summary

Specifies permission to access Internet resources. This class cannot be inherited.

C# Syntax:

[AttributeUsage(AttributeTargets.Assembly | AttributeTargets.Class | AttributeTargets.Struct | AttributeTargets.Constructor | AttributeTargets.Method)] [Serializable] public sealed class WebPermissionAttribute : CodeAccessSecurityAttribute

WebPermissionAttribute allows you to declaratively specify which URI strings and regular expression strings your class can use.

The security information specified in the WebPermissionAttribute is stored in the metadata of the attribute target, which is the class to which WebPermissionAttribute is applied. The system accesses this information at run time. The SecurityAction passed to the constructor determines the allowable WebPermissionAttribute targets. The system uses the WebPermission returned by the WebPermissionAttribute.CreatePermission method to convert the security information of the attribute target to a serializable form stored in metadata.

Note WebPermissionAttribute is used only for the conceptual topic at MSDN: declarativesecurity. For the conceptual topic at MSDN: imperativesecurity, use the corresponding WebPermission.

The following example demonstrates how to apply WebPermissionAttribute to a method.

	// Checks the permission using declarative security for the URL.
	 [WebPermission(SecurityAction.Demand, ConnectPattern = "http://www.contoso.com.*")]
	 public void Connect() 
	 {
	       // Creates a Connection.	 
	       HttpWebRequest myWebRequest = (HttpWebRequest)WebRequest.Create("http://www.contoso.com");
	       Console.WriteLine("Connecting to 'http://www.contoso.com'...........");
	       HttpWebResponse myWebResponse = (HttpWebResponse)myWebRequest.GetResponse();
	       Console.WriteLine("Connection Created Successfully:\n");
	       Console.WriteLine("Getting data from 'www.contoso.com..............");
	       StreamReader readStream = new StreamReader(myWebResponse.GetResponseStream());
	       Console.WriteLine("The contents of the file are :\n");
	       Console.WriteLine(readStream.ReadToEnd());
		    readStream.Close();
	       // Releases the response object resources.
		    myWebResponse.Close();
	 }


    

System.Net Namespace

System.Net.WebPermissionAttribute Member List:

Public Constructors

ctor #1

Initializes a new instance of the WebPermissionAttribute class with a value that specifies the security actions that can be performed on this class.

Public Properties

Accept	Read-write Gets or sets the URI string accepted by the current WebPermissionAttribute.
AcceptPattern	Read-write Gets or sets a regular expression pattern that describes the URI accepted by the current WebPermissionAttribute.
Action (inherited from System.Security.Permissions.SecurityAttribute)	Read-write See base class member description: System.Security.Permissions.SecurityAttribute.Action Gets or sets a security action.
Connect	Read-write Gets or sets the URI connection string controlled by the current WebPermissionAttribute.
ConnectPattern	Read-write Gets or sets a regular expression pattern that describes the URI connection controlled by the current WebPermissionAttribute.
TypeId (inherited from System.Attribute)	Read-only See base class member description: System.Attribute.TypeId When implemented in a derived class, gets a unique identifier for this Attribute.
Unrestricted (inherited from System.Security.Permissions.SecurityAttribute)	Read-write See base class member description: System.Security.Permissions.SecurityAttribute.Unrestricted Gets or sets a value indicating whether full (unrestricted) permission to the resource protected by the attribute is declared.

Public Methods

CreatePermission	Overridden: Creates and returns a new instance of the WebPermission class.
Equals (inherited from System.Object)	See base class member description: System.Object.Equals Derived from System.Object, the primary base class for all objects.
GetHashCode (inherited from System.Attribute)	See base class member description: System.Attribute.GetHashCode Returns the hash code for this instance.
GetType (inherited from System.Object)	See base class member description: System.Object.GetType Derived from System.Object, the primary base class for all objects.
IsDefaultAttribute (inherited from System.Attribute)	See base class member description: System.Attribute.IsDefaultAttribute When overridden in a derived class, returns an indication whether the value of this instance is the default value for the derived class.
Match (inherited from System.Attribute)	See base class member description: System.Attribute.Match When overridden in a derived class, returns a value indicating whether this instance equals a specified object.
ToString (inherited from System.Object)	See base class member description: System.Object.ToString Derived from System.Object, the primary base class for all objects.

Protected Methods

Finalize (inherited from System.Object)	See base class member description: System.Object.Finalize Derived from System.Object, the primary base class for all objects.
MemberwiseClone (inherited from System.Object)	See base class member description: System.Object.MemberwiseClone Derived from System.Object, the primary base class for all objects.

Hierarchy:

• System.Object
• System.Attribute
• System.Security.Permissions.SecurityAttribute
• System.Security.Permissions.CodeAccessSecurityAttribute
• System.Net.WebPermissionAttribute

System.Net.WebPermissionAttribute Member Details

Summary

Initializes a new instance of the WebPermissionAttribute class with a value that specifies the security actions that can be performed on this class.

C# Syntax:

public WebPermissionAttribute(    SecurityAction action );

action

One of the SecurityAction values. One of the SecurityAction values.

The SecurityAction value passed to this constructor specifies the allowable security actions that can be performed on this class.

The following example demonstrates how to apply WebPermissionAttribute to a method.

	// Demonstrates the declarative security for the URI.
	 [WebPermission(SecurityAction.Deny, Connect = "http://www.contoso.com/")]
	 public void Connect() 
	 {
	       // Throws an exception.	 
              try{
	          HttpWebRequest myWebRequest = (HttpWebRequest)WebRequest.Create("http://www.contoso.com");
	       }
	       catch(Exception e){
                  Console.WriteLine("Exception : " + e.ToString());
	       }

    

Return to top

Summary

Gets or sets the URI string accepted by the current WebPermissionAttribute.

C# Syntax:

public string Accept {get; set;}

Exceptions

Exception Type	Condition
ArgumentException	WebPermissionAttribute.Accept is not null when you attempt to set the value. If you wish to specify more than one Accept URI, use an additional attribute declaration statement.

When applying WebPermissionAttribute to your class, this property specifies what URI string will be accepted for use within your class. This permission is applied when the security system calls WebPermissionAttribute.CreatePermission. This property is write-once.

The following example demonstrates how to use WebPermissionAttribute to specify an allowable WebPermissionAttribute.Accept string.

[WebPermission(SecurityAction.Deny, Accept="http://www.contoso.com/Private.htm")]
[WebPermission(SecurityAction.Assert, Accept="http://www.contoso.com/Public.htm")]
public static void CheckAcceptPermission(string uriToCheck) {
	WebPermission permissionToCheck = new WebPermission();
	permissionToCheck.AddPermission(NetworkAccess.Accept, uriToCheck);
	permissionToCheck.Demand();
}

public static void demoDenySite() {
	//Passes a security check.
	CheckAcceptPermission("http://www.contoso.com/Public.htm");
	Console.WriteLine("Public page has passed Accept permission check");
	try {
		//Throws a SecurityException.
		CheckAcceptPermission("http://www.contoso.com/Private.htm");
		Console.WriteLine("This line will not be printed");
	}
	catch (SecurityException e) {
		Console.WriteLine("Expected exception" + e.Message);
	}

 }


    

Return to top

Summary

Gets or sets a regular expression pattern that describes the URI accepted by the current WebPermissionAttribute.

C# Syntax:

public string AcceptPattern {get; set;}

Exceptions

Exception Type	Condition
ArgumentException	WebPermissionAttribute.AcceptPattern is not null when you attempt to set the value. If you wish to specify more than one Accept URI, use an additional attribute declaration statement.

When applying WebPermissionAttribute to your class, this property specifies what regular expression string will be accepted for use within your class. This property is write-once.

The following example demonstrates how to use WebPermissionAttribute to specify an allowable WebPermissionAttribute.AcceptPattern.

[WebPermission(SecurityAction.Deny, AcceptPattern="http://www.contoso\\.com/Private/.*")]
[WebPermission(SecurityAction.Assert, AcceptPattern="http://www.contoso\\.com/Public/.*")]
public static void CheckAcceptPermission(string uriToCheck) {
	WebPermission permissionToCheck = new WebPermission();
	permissionToCheck.AddPermission(NetworkAccess.Accept, uriToCheck);
	permissionToCheck.Demand();
}

public static void demoDenySite() {
	//Passes a security check.
	CheckAcceptPermission("http://www.contoso.com/Public/page.htm");
	Console.WriteLine("Public page has passed Accept permission check");

	try {
		//Throws a SecurityException.
		CheckAcceptPermission("http://www.contoso.com/Private/page.htm");
		Console.WriteLine("This line will not be printed");
}
	catch (SecurityException e) {
		Console.WriteLine("Expected exception" + e.Message);
	}

 }


    

Return to top

Inherited
See base class member description: System.Security.Permissions.SecurityAttribute.Action

Summary

Gets or sets a security action.

C# Syntax:

public SecurityAction Action {get; set;}

This property is inherited by all classes implementing custom attributes for declarative security.

Return to top

Summary

Gets or sets the URI connection string controlled by the current WebPermissionAttribute.

C# Syntax:

public string Connect {get; set;}

Exceptions

Exception Type	Condition
ArgumentException	WebPermissionAttribute.Connect is not null when you attempt to set the value. If you wish to specify more than one Connect URI, use an additional attribute declaration statement.

When applying WebPermissionAttribute to your class, this property specifies what URI connection is accepted for use within your class. This property is write-once.

The following example demonstrates how to use WebPermissionAttribute to specify an allowable WebPermissionAttribute.Connect string.

[WebPermission(SecurityAction.Deny, Connect="http://www.contoso.com/Private.htm")]
[WebPermission(SecurityAction.Assert, Connect="http://www.contoso.com/Public.htm")]
public static void CheckConnectPermission(string uriToCheck) {
	WebPermission permissionToCheck = new WebPermission();
	permissionToCheck.AddPermission(NetworkAccess.Connect, uriToCheck);
	permissionToCheck.Demand();
}

public static void demoDenySite() {
	//Passes a security check.
	CheckConnectPermission("http://www.contoso.com/Public.htm");
	Console.WriteLine("Public page has passed connect permission check");
	try {
		//Throws a SecurityException.
		CheckConnectPermission("http://www.contoso.com/Private.htm");
		Console.WriteLine("This line will not be printed");
	}
	catch (SecurityException e) {
		Console.WriteLine("Expected exception" + e.Message);
	}

 }


    

Return to top

Summary

Gets or sets a regular expression pattern that describes the URI connection controlled by the current WebPermissionAttribute.

C# Syntax:

public string ConnectPattern {get; set;}

Exceptions

Exception Type	Condition
ArgumentException	WebPermissionAttribute.ConnectPattern is not null when you attempt to set the value. If you wish to specify more than one connect URI, use an additional attribute declaration statement.

When applying WebPermissionAttribute to your class, this property specifies what regular expression connect string is accepted for use within your class. This property is write-once.

The following example demonstrates how to use WebPermissionAttribute to specify an allowable WebPermissionAttribute.ConnectPattern.

[WebPermission(SecurityAction.Deny, ConnectPattern="http://www.contoso\\.com/Private/.*")]
[WebPermission(SecurityAction.Assert, ConnectPattern="http://www.contoso\\.com/Public/.*")]
public static void CheckConnectPermission(string uriToCheck) {
	WebPermission permissionToCheck = new WebPermission();
	permissionToCheck.AddPermission(NetworkAccess.Connect, uriToCheck);
	permissionToCheck.Demand();
}

public static void demoDenySite() {
	//Passes a security check.
	CheckConnectPermission("http://www.contoso.com/Public/page.htm");
	Console.WriteLine("Public page has passed Connect permission check");

	try {
		//Throws a SecurityException.
		CheckConnectPermission("http://www.contoso.com/Private/page.htm");
		Console.WriteLine("This line will not be printed");
}
	catch (SecurityException e) {
		Console.WriteLine("Expected exception" + e.Message);
	}

 }


    

Return to top

Inherited
See base class member description: System.Attribute.TypeId

Summary

When implemented in a derived class, gets a unique identifier for this Attribute.

C# Syntax:

public virtual object TypeId {get;}

As implemented, this identifier is merely the Type of the attribute. However, it is intended that the unique identifier be used to identify two attributes of the same type.

Return to top

Inherited
See base class member description: System.Security.Permissions.SecurityAttribute.Unrestricted

Summary

Gets or sets a value indicating whether full (unrestricted) permission to the resource protected by the attribute is declared.

C# Syntax:

public bool Unrestricted {get; set;}

This property is inherited by all classes implementing custom attributes for declarative security.

Return to top

Summary

Creates and returns a new instance of the WebPermission class.

C# Syntax:

public override IPermission CreatePermission();

Return Value:

A WebPermission corresponding to the security declaration.

The SocketPermissionAttribute.CreatePermission method is called by the security system, not by application code.

The security information described by WebPermissionAttribute is stored in the metadata of the attribute target, which is the class to which WebPermissionAttribute is applied. The system accesses the information at run time. The system uses the WebPermission returned by SocketPermissionAttribute.CreatePermission to convert the security information of the attribute target to a serializable form stored in metadata.

Return to top

Inherited
See base class member description: System.Object.Equals

C# Syntax:

public virtual bool Equals(    object obj );

For more information on members inherited from System.Object click on the link above.

Return to top

Inherited
See base class member description: System.Object.Finalize

C# Syntax:

~WebPermissionAttribute();

For more information on members inherited from System.Object click on the link above.

Return to top

Inherited
See base class member description: System.Attribute.GetHashCode

Summary

Returns the hash code for this instance.

C# Syntax:

public override int GetHashCode();

Return Value:

A 32-bit signed integer hash code.

Return to top

Inherited
See base class member description: System.Object.GetType

C# Syntax:

public Type GetType();

For more information on members inherited from System.Object click on the link above.

Return to top

Inherited
See base class member description: System.Attribute.IsDefaultAttribute

Summary

When overridden in a derived class, returns an indication whether the value of this instance is the default value for the derived class.

C# Syntax:

public virtual bool IsDefaultAttribute();

Return Value:

true if this instance is the default attribute for the class; otherwise, false.

The default implementation of this class returns false, and must be implemented in the derived class to be useful to that class.

The implementation of this method in a derived class compares the value of this instance to a standard, default value obtained by some means, then returns a Boolean value that indicates whether the value of this instance is equal to the standard. The standard value is typically coded as a constant in the implementation, or stored programmatically in a field used by the implementation.

Return to top

Inherited
See base class member description: System.Attribute.Match

Summary

When overridden in a derived class, returns a value indicating whether this instance equals a specified object.

C# Syntax:

public virtual bool Match(    object obj );

obj

An Object to compare with this instance of Attribute.

Return Value:

true if this instance equals obj; otherwise, false.

This method determines if one Attribute equals another. Its default implementation is the same as Attribute.Equals, which performs a value and reference comparison. Override this method to implement support for attribute values, such as flags or bitfields, that consist of components that are meaningful in themselves. For example, consider an attribute whose value is a binary field divided into a bitfield of flags. Two instances of this attribute have one flag in set in common while all the other flags differ. The Equal method cannot determine that the two instances have the same flag set, but the Match method can.

Return to top

Inherited
See base class member description: System.Object.MemberwiseClone

C# Syntax:

protected object MemberwiseClone();

For more information on members inherited from System.Object click on the link above.

Return to top

Inherited
See base class member description: System.Object.ToString

C# Syntax:

public virtual string ToString();

For more information on members inherited from System.Object click on the link above.

Return to top

Top of page