O'Reilly logo

Beginning ASP.NET Security by Barry Dorrans

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 13. Understanding Code Access Security

The .NET framework has two major security mechanisms: role-based security and code access security (CAS). Both of these features are threaded throughout the .NET framework. CAS ensures that code does not perform actions or access resources it should not be able to, and provides an extra layer of safety on top of the operating system security functions. The environment in which your application runs can be configured to only allow a subset of the full .NET framework functionality. It is important that you know how to properly request permissions at run-time, rather than assuming your application has access to everything a machine can do.

In this chapter you will learn about the following

  • What CAS is

  • How to ask for permissions in your code

  • How CAS and the ASP.NET trust levels fit together

  • How the Global Assembly Cache (GAC) affects trust levels

Note

This chapter covers the basics of CAS. This is a wide-ranging subject that touches on ClickOnce, plug-in architecture, isolation of third-party components, and other things that you may end up requiring as your applications become more advanced. If you want to know more, MSDN has an entire section on CAS at http://msdn.microsoft.com/en-us/library/930b76w0.aspx.

UNDERSTANDING CODE ACCESS SECURITY

Traditionally, software runs using the operating system-level identity, roles, and permissions of the user who executes the program. But, in today's world of mobile code, where software can come from the Internet ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required