XmlSecureResolver Costruttori

public:
 XmlSecureResolver(System::Xml::XmlResolver ^ resolver, System::Security::PermissionSet ^ permissionSet);

public XmlSecureResolver(System.Xml.XmlResolver resolver, System.Security.PermissionSet permissionSet);

new System.Xml.XmlSecureResolver : System.Xml.XmlResolver * System.Security.PermissionSet -> System.Xml.XmlSecureResolver

Public Sub New (resolver As XmlResolver, permissionSet As PermissionSet)

Parametri

Esempio

Nell'esempio seguente viene creato un XmlSecureResolver oggetto utilizzando un set di autorizzazioni personalizzato.

public static Object GetFile (String fileURL, XmlResolver resolver) {

  // Generate the default PermissionSet using the file URL.
  Evidence evidence = XmlSecureResolver.CreateEvidenceForUrl(fileURL);
  PermissionSet myPermissions = SecurityManager.ResolvePolicy(evidence);

  // Modify the PermissionSet to only allow access to http://www.contoso.com.
  // Create a WebPermission which only allows access to http://www.contoso.com.
  WebPermission myWebPermission = new WebPermission(NetworkAccess.Connect, "http://www.contoso.com");
  // Replace the existing WebPermission in myPermissions with the updated WebPermission.
  myPermissions.SetPermission(myWebPermission);

  // Use the modified PermissionSet to construct the XmlSecureResolver.
  XmlSecureResolver sResolver = new XmlSecureResolver(resolver, myPermissions);

  // Get the object.
  Uri fullUri = sResolver.ResolveUri(null, fileURL);
  return sResolver.GetEntity(fullUri, null, null);
}

public shared function GetFile (fileURL as String , resolver as XmlResolver) as Object
 
  '  Generate the default PermissionSet using the file URL.
  Dim evidence as Evidence = XmlSecureResolver.CreateEvidenceForUrl(fileURL)
  Dim myPermissions as PermissionSet = SecurityManager.ResolvePolicy(evidence)

  '  Modify the PermissionSet to only allow access to http://www.contoso.com.
  '  Create a WebPermission that only allows access to http://www.contoso.com.
  Dim myWebPermission as WebPermission = new WebPermission(NetworkAccess.Connect, "http://www.contoso.com")
  '  Replace the existing WebPermission in myPermissions with the updated WebPermission.
  myPermissions.SetPermission(myWebPermission)

  '  Use the modified PermissionSet to construct the XmlSecureResolver.
  Dim sResolver as XmlSecureResolver = new XmlSecureResolver(resolver, myPermissions)

  '  Get the object.
  Dim fullUri as Uri = sResolver.ResolveUri(nothing, fileURL)
  return sResolver.GetEntity(fullUri, nothing, nothing)
end function

Vedi anche

• CreateEvidenceForUrl(String)
• Evidence
• WebPermission
• SecurityManager

public:
 XmlSecureResolver(System::Xml::XmlResolver ^ resolver, System::Security::Policy::Evidence ^ evidence);

public XmlSecureResolver(System.Xml.XmlResolver resolver, System.Security.Policy.Evidence evidence);

new System.Xml.XmlSecureResolver : System.Xml.XmlResolver * System.Security.Policy.Evidence -> System.Xml.XmlSecureResolver

Public Sub New (resolver As XmlResolver, evidence As Evidence)

Parametri

Commenti

Ecco alcuni scenari possibili e il tipo di evidenza da fornire per ogni scenario:

• Se si lavora in un ambiente completamente attendibile, utilizzare l'assembly per creare le prove:

  Evidence myEvidence = this.GetType().Assembly.Evidence;
  XmlSecureResolver myResolver;
  myResolver = new XmlSecureResolver(new XmlUrlResolver(), myEvidence);
  

  Dim myEvidence As Evidence = Me.GetType().Assembly.Evidence
  Dim myResolver As XmlSecureResolver
  myResolver = New XmlSecureResolver(New XmlUrlResolver(), myEvidence)
  

• Se si lavora in un ambiente semi-attendibile, si dispone di codice o dati provenienti da un'origine esterna e si conosce l'origine dell'origine esterna e si dispone di un URI verificabile, usare l'URI per creare l'evidenza:

  
  Evidence myEvidence = XmlSecureResolver.CreateEvidenceForUrl(sourceURI);
  XmlSecureResolver myResolver = new XmlSecureResolver(new XmlUrlResolver(), myEvidence);
  

  Dim myEvidence As Evidence = XmlSecureResolver.CreateEvidenceForUrl(sourceURI)
  Dim myResolver As New XmlSecureResolver(New XmlUrlResolver(), myEvidence)
  

• Se si lavora in un ambiente semi-attendibile e si dispone di codice o dati provenienti da un'origine esterna, ma non si conosce l'origine della fonte esterna, sia:

  Impostare il parametro evidence su null. In questo modo non è consentito l'accesso alle risorse.

  oppure

  Se l'applicazione richiede l'accesso alle risorse, richiedere l'evidenza dal chiamante.

Origine:

XmlSecureResolver.cs

Origine:

XmlSecureResolver.cs

Origine:

XmlSecureResolver.cs

Origine:

XmlSecureResolver.cs

Origine:

XmlSecureResolver.cs

public:
 XmlSecureResolver(System::Xml::XmlResolver ^ resolver, System::String ^ securityUrl);

public XmlSecureResolver(System.Xml.XmlResolver resolver, string? securityUrl);

public XmlSecureResolver(System.Xml.XmlResolver resolver, string securityUrl);

new System.Xml.XmlSecureResolver : System.Xml.XmlResolver * string -> System.Xml.XmlSecureResolver

Public Sub New (resolver As XmlResolver, securityUrl As String)

Parametri

Esempio

In questo esempio viene usato il XmlSecureResolver(XmlResolver, String) costruttore per creare un XmlSecureResolver oggetto autorizzato ad accedere solo al sito Intranet locale.

XmlSecureResolver myResolver = new XmlSecureResolver(new XmlUrlResolver(), "http://myLocalSite/");

Dim myResolver As New XmlSecureResolver(New XmlUrlResolver(), "http://myLocalSite/")

Commenti