NGWS SDK Documentation  

This is preliminary documentation and subject to change.
To comment on this topic, please send us email at ngwssdk@microsoft.com. Thanks!

Resource protection: demand

The most common use of permissions is for protection of resources. Classes that expose the resource must demand the callers for the appropriate permission before doing the requested protected operation.

Library classes that expose basic resources such as files etc. must demand the permission of callers for the corresponding (e.g. FileIOPermission) permission. For typical application and component developers the permission demand is in effect an “automatic” function of the file classes; as long as the application code has the necessary permission granted no explicit security coding is required.

Similarly, to ensure security it is essential that all code that accesses a resource protected by a custom (application-defined) permission must implement demands for the permission wherever the resource is exposed. The security requirement is exactly the same as the library class case, however the resource is not a standard one but rather is custom.