|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
HELP Security in .Net frameworkDoes anyone can point me out to good articles or documents which clearly
explain the security under .Net framework I try to follow something but I am really getting lost indeed, a lot confuse with the code security and security of the operating system also how they are interact together. How to define a role ? if you user the PrincipalPermission object does the user name is the name of a valid users in the Operating system or AD. All those question makes me not understand at all this security stuf in code, as well as as when security should be requested and so on... thnaks for helping me clarifying a lot this stuff. I need it to be reaaly prepared on my netxt exam 70-306 and others thnaks for your help serge "serge calderara" <sergecalder***@discussions.microsoft.com> wrote in There's a fairly decent introductory overview at message news:8101486F-0615-4C5E-B474-1D4A74E48C26@microsoft.com... > > Does anyone can point me out to good articles or documents which clearly > explain the security under .Net framework http://msdn.microsoft.com/security/securecode/dotnet/default.aspx?pull=/library/en-us/dnnetsec/html/netframesecover.asp. A list of other relevant articles can be found at http://msdn.microsoft.com/security/securecode/dotnet/default.aspx. > I try to follow something but I am really getting lost indeed, a lot They don't interact. For any given operation to succeed, the user must have > confuse > with the code security and security of the operating system also how they > are > interact together. adequate Windows permissions and the code must have adequate CAS permissions. One set of permissions has no effect on the evaluation of the other set. > How to define a role ? if you user the PrincipalPermission object does the PrincipalPermission evaluates against the thread principal, which is an > user name is the name of a valid users in the Operating system or AD. implementation of the IPrincipal interface. If the principal used for the thread is a WindowsPrincipal, then role criteria would be evaluated against the user's Windows/AD roles. If a custom IPrincipal implementation is used instead of WindowsPrincipal, then any role system could be used (including AD if that's what's desired). Show quoteHide quote > > All those question makes me not understand at all this security stuf in > code, as well as as when security should be requested and so on... > > thnaks for helping me clarifying a lot this stuff. I need it to be reaaly > prepared on my netxt exam 70-306 and others > > thnaks for your help > serge > 
Other interesting topics
ClientCertificates and IIS5 with https://localhost
Windows Authentication question Finding out if user has privileges to a diectory. RE: Designtime licenses, I just don't get it X.509 certificates and httpwebrequest Problem with RSACryptoServiceProvider ( incorrect usage of public-private keys ? ) Custom principles and DnsPermission.Demand() Anyone out there using AzMan with WinForms solution? Using Weak keys in DES and TripleDES Newbie Question: Trust an Assembly Wizard |
|||||||||||||||||||||||
