System.Security.Policy.NetCodeGroup Class

Summary

Grants Web permission to the site from which the assembly was downloaded. This class cannot be inherited.

C# Syntax:

[Serializable] public sealed class NetCodeGroup : CodeGroup

Code groups are the building blocks of code access security policy. Each policy level consists of a root code group that can have child code groups. Each child code group can have its own child code groups; this behavior extends to any number of levels, forming a tree. Each code group has a membership condition that determines if a given assembly belongs to it based on the evidence for that assembly. Only code groups whose membership conditions match a given assembly, along with their child code groups, apply code access security policy.

NetCodeGroup has the same merge semantics as that of UnionCodeGroup; it forms the union of the PolicyStatement objects of all matching child code groups and the PolicyStatement it generates from the input Url evidence. However, NetCodeGroup returns a permission set that contains a dynamically-calculated WebPermission that grants connect access to the site from which the code is run; UnionCodeGroup only returns a static permission set.

Access is only granted for the protocol over which the code was run, with the exception that code run over the HTTP protocol is granted access for both the HTTP and HTTPS protocols. For example, code from http://www.fourthcoffee.com/1/2/app.exe is granted permission to connect to http://www.fourthcoffee.com/* and https://www.fourthcoffee.com/*, but code from https://www.fourthcoffee.com/1/2/app.exe only gets permission to connect to https://www.fourthcoffee.com/*. This is done to ensure that an assembly cannot communicate over a less secure protocol than the one from which it was run. If an assembly could communicate over a less secure protocol, it would violate the user's expectation regarding the security of any information transmitted by that assembly.

System.Security.Policy Namespace See also:
MSDN: codegroups

System.Security.Policy.NetCodeGroup Member List:

Public Constructors

ctor #1

Initializes a new instance of the NetCodeGroup class.

Public Properties

AttributeString	Read-only Overridden: Gets a string representation of the attributes of the policy statement for the code group.
Children (inherited from System.Security.Policy.CodeGroup)	Read-write See base class member description: System.Security.Policy.CodeGroup.Children Gets or sets an ordered list of the child code groups of a code group.
Description (inherited from System.Security.Policy.CodeGroup)	Read-write See base class member description: System.Security.Policy.CodeGroup.Description Gets or sets the description of the code group.
MembershipCondition (inherited from System.Security.Policy.CodeGroup)	Read-write See base class member description: System.Security.Policy.CodeGroup.MembershipCondition Gets or sets the code group's membership condition.
MergeLogic	Read-only Overridden: Gets the logic to use for merging groups.
Name (inherited from System.Security.Policy.CodeGroup)	Read-write See base class member description: System.Security.Policy.CodeGroup.Name Gets or sets the name of the code group.
PermissionSetName	Read-only Overridden: Gets the name of the NamedPermissionSet for the code group.
PolicyStatement (inherited from System.Security.Policy.CodeGroup)	Read-write See base class member description: System.Security.Policy.CodeGroup.PolicyStatement Gets or sets the policy statement associated with the code group.

Public Methods

AddChild (inherited from System.Security.Policy.CodeGroup)	See base class member description: System.Security.Policy.CodeGroup.AddChild Adds a child code group to the current code group.
Copy	Overridden: Makes a deep copy of the current code group.
Equals (inherited from System.Security.Policy.CodeGroup)	Overloaded: Equals(object o) See base class member description: System.Security.Policy.CodeGroup.Equals Determines whether the specified code group is equivalent to the current code group.
Equals (inherited from System.Security.Policy.CodeGroup)	Overloaded: Equals(CodeGroup cg, bool compareChildren) See base class member description: System.Security.Policy.CodeGroup.Equals Determines whether the specified code group is equivalent to the current code group, checking the child code groups as well, if specified.
FromXml (inherited from System.Security.Policy.CodeGroup)	Overloaded: FromXml(SecurityElement e) See base class member description: System.Security.Policy.CodeGroup.FromXml Reconstructs a security object with a given state from an XML encoding.
FromXml (inherited from System.Security.Policy.CodeGroup)	Overloaded: FromXml(SecurityElement e, PolicyLevel level) See base class member description: System.Security.Policy.CodeGroup.FromXml Reconstructs a security object with a given state and policy level from an XML encoding.
GetHashCode (inherited from System.Security.Policy.CodeGroup)	See base class member description: System.Security.Policy.CodeGroup.GetHashCode Gets the hash code of the current code group.
GetType (inherited from System.Object)	See base class member description: System.Object.GetType Derived from System.Object, the primary base class for all objects.
RemoveChild (inherited from System.Security.Policy.CodeGroup)	See base class member description: System.Security.Policy.CodeGroup.RemoveChild Removes the specified child code group.
Resolve	Overridden: Resolves policy for the code group and its descendants for a set of evidence.
ResolveMatchingCodeGroups	Overridden: Resolves matching code groups.
ToString (inherited from System.Object)	See base class member description: System.Object.ToString Derived from System.Object, the primary base class for all objects.
ToXml (inherited from System.Security.Policy.CodeGroup)	Overloaded: ToXml() See base class member description: System.Security.Policy.CodeGroup.ToXml Creates an XML encoding of the security object and its current state.
ToXml (inherited from System.Security.Policy.CodeGroup)	Overloaded: ToXml(PolicyLevel level) See base class member description: System.Security.Policy.CodeGroup.ToXml Creates an XML encoding of the security object, its current state, and the policy level within which the code exists.

Protected Methods

CreateXml (inherited from System.Security.Policy.CodeGroup)	See base class member description: System.Security.Policy.CodeGroup.CreateXml When overridden in a derived class, serializes properties and internal state specific to a derived code group and adds the serialization to the specified SecurityElement.
Finalize (inherited from System.Object)	See base class member description: System.Object.Finalize Derived from System.Object, the primary base class for all objects.
MemberwiseClone (inherited from System.Object)	See base class member description: System.Object.MemberwiseClone Derived from System.Object, the primary base class for all objects.
ParseXml (inherited from System.Security.Policy.CodeGroup)	See base class member description: System.Security.Policy.CodeGroup.ParseXml When overridden in a derived class, reconstructs properties and internal state specific to a derived code group from the specified SecurityElement.

Hierarchy:

• System.Object
• System.Security.Policy.CodeGroup
• System.Security.Policy.NetCodeGroup

System.Security.Policy.NetCodeGroup Member Details

Summary

Initializes a new instance of the NetCodeGroup class.

C# Syntax:

public NetCodeGroup(    IMembershipCondition membershipCondition );

membershipCondition

A membership condition that tests evidence to determine whether this code group applies code access security policy.

Exceptions

Exception Type	Condition
ArgumentNullException	The membershipCondition parameter is null.
ArgumentException	The type of the membershipCondition parameter is not valid.

Return to top

Summary

Gets a string representation of the attributes of the policy statement for the code group.

C# Syntax:

public override string AttributeString {get;}

Return to top

Inherited
See base class member description: System.Security.Policy.CodeGroup.Children

Summary

Gets or sets an ordered list of the child code groups of a code group.

C# Syntax:

public IList Children {get; set;}

Exceptions

Exception Type	Condition
ArgumentException	An attempt is made to set this property to null.

The order of child code groups is significant for certain code groups.

Return to top

Inherited
See base class member description: System.Security.Policy.CodeGroup.Description

Summary

Gets or sets the description of the code group.

C# Syntax:

public string Description {get; set;}

Return to top

Inherited
See base class member description: System.Security.Policy.CodeGroup.MembershipCondition

Summary

Gets or sets the code group's membership condition.

C# Syntax:

public IMembershipCondition MembershipCondition {get; set;}

Exceptions

Exception Type	Condition
ArgumentException	An attempt is made to set this parameter to null.

A membership condition tests evidence and returns a Boolean value that tells whether there is a match.

Return to top

Summary

Gets the logic to use for merging groups.

C# Syntax:

public override string MergeLogic {get;}

Return to top

Inherited
See base class member description: System.Security.Policy.CodeGroup.Name

Summary

Gets or sets the name of the code group.

C# Syntax:

public string Name {get; set;}

Return to top

Summary

Gets the name of the NamedPermissionSet for the code group.

C# Syntax:

public override string PermissionSetName {get;}

This property can be null if the code group has an unnamed permission set.

Return to top

Inherited
See base class member description: System.Security.Policy.CodeGroup.PolicyStatement

Summary

Gets or sets the policy statement associated with the code group.

C# Syntax:

public PolicyStatement PolicyStatement {get; set;}

The policy statement applies to code in assemblies when evidence matches the membership condition.

This property can also be set by passing a policy statement to the constructor.

The following example sets the PolicyStatement for a code group.

        codeGroup.PolicyStatement = new PolicyStatement(new NamedPermissionSet("MyPermissionSet"));

    

Return to top

Inherited
See base class member description: System.Security.Policy.CodeGroup.AddChild

Summary

Adds a child code group to the current code group.

C# Syntax:

public void AddChild(    CodeGroup group );

group

The code group to be added as a child. This new child code group is added to the end of the list.

Exceptions

Exception Type	Condition
ArgumentNullException	The group parameter is null.
ArgumentException	The group parameter is not a valid code group.

Return to top

Summary

Makes a deep copy of the current code group.

C# Syntax:

public override CodeGroup Copy();

Return Value:

An equivalent copy of the current code group, including its membership conditions and child code groups.

This method makes a deep copy of the code group, meaning that copies of all objects the code group contains are also made.

Return to top

Inherited
See base class member description: System.Security.Policy.CodeGroup.CreateXml

Summary

When overridden in a derived class, serializes properties and internal state specific to a derived code group and adds the serialization to the specified SecurityElement.

C# Syntax:

protected virtual void CreateXml(    SecurityElement element,    PolicyLevel level );

element

The XML encoding to which to add the serialization.

level

The policy level within which the code group exists.

CodeGroup.ToXml cannot be overridden. If you need to serialize members specific to a particular implementation of CodeGroup, you must override CodeGroup.CreateXml and serialize your members there. When the code group is serialized, CodeGroup.ToXml calls CodeGroup.CreateXml and adds your serialization to the SecurityElement created by CodeGroup.ToXml.

The XML created using this method is deserialized by the CodeGroup.ParseXml method.

Notes to inheritors: If you implement this method, you must implement the CodeGroup.ParseXml method as well.

Return to top

Inherited
See base class member description: System.Security.Policy.CodeGroup.Equals

Summary

Determines whether the specified code group is equivalent to the current code group.

C# Syntax:

public override bool Equals(    object o );

o

The code group to compare with the current code group.

Return Value:

true if the specified code group is equivalent to the current code group; otherwise, false.

Two code groups are equivalent if they have the same CodeGroup.Name, CodeGroup.Description, and CodeGroup.MembershipCondition.

This method tests the top-level code group only, not its child code groups.

Return to top

Inherited
See base class member description: System.Security.Policy.CodeGroup.Equals

Summary

Determines whether the specified code group is equivalent to the current code group, checking the child code groups as well, if specified.

C# Syntax:

public bool Equals(    CodeGroup cg,    bool compareChildren );

cg

The code group to compare with the current code group.

compareChildren

true to compare child code groups, as well; otherwise, false.

Return Value:

true if the specified code group is equivalent to the current code group; otherwise, false.

Two code groups are equivalent if they have the same CodeGroup.Name, CodeGroup.Description, and CodeGroup.MembershipCondition.

If the compareChildren parameter is true, this method will only return true if the current code group and all its child code groups are equivalent to the specified code group and all its child code groups.

Return to top

Inherited
See base class member description: System.Object.Finalize

C# Syntax:

~NetCodeGroup();

For more information on members inherited from System.Object click on the link above.

Return to top

Inherited
See base class member description: System.Security.Policy.CodeGroup.FromXml

Summary

Reconstructs a security object with a given state from an XML encoding.

C# Syntax:

public void FromXml(    SecurityElement e );

e

The XML encoding to use to reconstruct the security object.

Exceptions

Exception Type	Condition
ArgumentNullException	The e parameter is null.

Notes to inheritors: CodeGroup.FromXml and CodeGroup.ToXml cannot be overridden. If you need to change the way in which your code group implementation handles XML, override the CodeGroup.ParseXml and CodeGroup.CreateXml methods.

Return to top

Inherited
See base class member description: System.Security.Policy.CodeGroup.FromXml

Summary

Reconstructs a security object with a given state and policy level from an XML encoding.

C# Syntax:

public void FromXml(    SecurityElement e,    PolicyLevel level );

e

The XML encoding to use to reconstruct the security object.

level

The policy level within which the code group exists.

Exceptions

Exception Type	Condition
ArgumentNullException	The e parameter is null.

The policy level context is provided for resolution of named permission sets.

Notes to inheritors: CodeGroup.FromXml and CodeGroup.ToXml cannot be overridden. If you need to change the way in which your code group implementation handles XML, override the CodeGroup.ParseXml and CodeGroup.CreateXml methods.

Return to top

Inherited
See base class member description: System.Security.Policy.CodeGroup.GetHashCode

Summary

Gets the hash code of the current code group.

C# Syntax:

public override int GetHashCode();

Return Value:

The hash code of the current code group.

Return to top

Inherited
See base class member description: System.Object.GetType

C# Syntax:

public Type GetType();

For more information on members inherited from System.Object click on the link above.

Return to top

Inherited
See base class member description: System.Object.MemberwiseClone

C# Syntax:

protected object MemberwiseClone();

For more information on members inherited from System.Object click on the link above.

Return to top

Inherited
See base class member description: System.Security.Policy.CodeGroup.ParseXml

Summary

When overridden in a derived class, reconstructs properties and internal state specific to a derived code group from the specified SecurityElement.

C# Syntax:

protected virtual void ParseXml(    SecurityElement e,    PolicyLevel level );

e

The XML encoding to use to reconstruct the security object.

level

The policy level within which the code group exists.

CodeGroup.FromXml cannot be overridden. If you need to deserialize members specific to a particular implementation of CodeGroup, you must override CodeGroup.ParseXml and deserialize your members there. When the code group is deserialized, CodeGroup.FromXml calls CodeGroup.ParseXml and reconstructs your members from the SecurityElement.

This method deserializes XML created using CodeGroup.CreateXml.

Notes to inheritors: If you implement this method, you must implement the CodeGroup.CreateXml method as well.

Return to top

Inherited
See base class member description: System.Security.Policy.CodeGroup.RemoveChild

Summary

Removes the specified child code group.

C# Syntax:

public void RemoveChild(    CodeGroup group );

group

The code group to be removed as a child.

Exceptions

Exception Type	Condition
ArgumentException	The group parameter is not an immediate child code group of the current code group.

Only immediate child code groups can be removed with this method.

Return to top

Summary

Resolves policy for the code group and its descendants for a set of evidence.

C# Syntax:

public override PolicyStatement Resolve(    Evidence evidence );

evidence

The Evidence for the assembly.

Return Value:

A PolicyStatement consisting of the permissions granted by the code group with optional attributes, or null if the code group does not apply (the membership condition does not match the specified evidence).

Exceptions

Exception Type	Condition
ArgumentNullException	The evidence parameter is null.
PolicyException	More than one code group (including the parent code group and any child code groups) is marked PolicyStatementAttribute.Exclusive.

Given evidence for an assembly to be loaded, this method evaluates the code group by first checking the membership condition against the specified evidence. If there is a match, this method returns a policy statement for the code group, including evaluation of child code groups.

The operation of this method is as follows:

If the membership condition does not match the specified evidence, return null; otherwise, set the permission set to be returned (P) equal to the code group's policy statement and continue. For each child code group, resolve the code group with the same evidence; if the result is not null, return that policy statement. If no child code group matched, return P (the parent's policy statement).

Return to top

Summary

Resolves matching code groups.

C# Syntax:

public override CodeGroup ResolveMatchingCodeGroups(    Evidence evidence );

evidence

The Evidence for the assembly.

Return Value:

A CodeGroup.

Exceptions

Exception Type	Condition
ArgumentNullException	The evidence parameter is null.

Given evidence for an assembly to be loaded, this method evaluates the code group by first checking the membership condition against the specified evidence. If there is a match, this method returns a root code group. The code group that is returned contains child code groups, which in turn can have child code groups as necessary to reflect the complete set of code groups that were matched by the evidence provided.

Return to top

Inherited
See base class member description: System.Object.ToString

C# Syntax:

public virtual string ToString();

For more information on members inherited from System.Object click on the link above.

Return to top

Inherited
See base class member description: System.Security.Policy.CodeGroup.ToXml

Summary

Creates an XML encoding of the security object and its current state.

C# Syntax:

public SecurityElement ToXml();

Return Value:

An XML encoding of the security object, including any state information.

Notes to inheritors: CodeGroup.FromXml and CodeGroup.ToXml cannot be overridden. If you need to change the way in which your code group implementation handles XML, override the CodeGroup.ParseXml and CodeGroup.CreateXml methods.

Return to top

Inherited
See base class member description: System.Security.Policy.CodeGroup.ToXml

Summary

Creates an XML encoding of the security object, its current state, and the policy level within which the code exists.

C# Syntax:

public SecurityElement ToXml(    PolicyLevel level );

level

The policy level within which the code group exists.

Return Value:

An XML encoding of the security object, including any state information.

The policy level context is provided for resolution of named permission sets.

Notes to inheritors: CodeGroup.FromXml and CodeGroup.ToXml cannot be overridden. If you need to change the way in which your code group implementation handles XML, override the CodeGroup.ParseXml and CodeGroup.CreateXml methods.

Return to top

Top of page