Code-Access Support in .NET 3.5
In .NET 3.5, WCF allows only a limited set of scenarios to execute in partial trust. It
allows only the BasicHttpBinding
, the WSHttpBinding
, and the WebHttpBinding
(with the notable exclusion of the WSDualHttpBinding
) to be called under partial trust, and only with either no
transfer security at all or Transport security. Furthermore, in the case of the WSHttpBinding
, aspects such as Message security, reliable
messaging, and transactions are disallowed. All partial-trust-enabled bindings must use text
encoding. A WCF service (or client) running under partial trust cannot use additional WCF
facilities, such as diagnostics and performance counters. To enable usage in a partially
trusted environment, the System.ServiceModel
assembly
allows for partial trust callers by including the AllowPartiallyTrustedCallers
attribute as part of the assembly
definition:
[assembly: AllowPartiallyTrustedCallers]
In the first release of WCF, omitting this attribute precluded all partial trust use. In .NET 3.5, enforcing the limited set of supported features is now the responsibility of the bindings. Each non-HTTP binding actively demands full trust of its caller, be it the client proxy or the service host. The allowed HTTP bindings themselves do not demand full trust, but instead demand permissions according to the context of use. On the client side, the allowed HTTP bindings demand permission to execute (security permission with execution flag) and permission to connect ...
Get Programming WCF Services, 2nd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.