DBDataPermission represents the security level access to a database. It’s an abstract class (providers derive their own specific permission class), which allows you to ensure that the current user has required code access security permissions. For example, if you use the Demand( ) method before attempting to open a connection and the current user lacks the required security permissions, your code receives a System.Security.SecurityException to be handled gracefully. If you don’t call Demand( ), System.Security.SecurityException is still raised, but it won’t occur until your code attempts the disallowed action.

Remember that this setting pertains only to code access security. It has to do with authentication. By default, any client running .NET code is allowed to open a connection. However, you can modify code access permissions (for example, denying users permission to use a connection string with a blank password) using the .NET Framework Configuration Tool.

You can also use the Deny( ) to programmatically revoke the client’s ability to access the data source. This will remain in effect until the current method returns (and will apply to any methods further down the call stack).

public abstract class DBDataPermission : System.Security.CodeAccessPermission, System.Security.Permissions

        IUnrestrictedPermission {

// Public Constructors

   public DBDataPermission(System.Security.Permissions.PermissionState state, bool allowBlankPassword);

// Protected Constructors ...

Get ADO.NET in a Nutshell now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.