NGWS SDK Documentation  

This is preliminary documentation and subject to change.
To comment on this topic, please send us email at ngwssdk@microsoft.com. Thanks!

IPermission Interface

Defines the basic functionality of any permission object. Permissions in the NGWS runtime are objects that describe a set of operations the can be secured for a given resource. A permission object describes operations or access subject to security control; it does not represent a right to do such operations or access in and of itself. Permissions are used by both application code and the runtime security system as the building blocks of the NGWS runtime security system in the following ways:

IPermission

[Visual Basic]
Public Interface IPermission
   Implements ISecurityEncodable
[C#]
public interface IPermission : ISecurityEncodable
[C++]
public __gc __interface IPermission : public ISecurityEncodable

[JScript] In JScript, you can use the interfaces in the NGWS frameworks, but you cannot define your own.

Classes that Implement IPermission

Class Description
CodeAccessPermission CodeAccessPermission is an abstract base class that provides functionality required by all code access permissions. Some of its methods are abstract and must be implemented by non-abstract subclasses of CodeAccessPermission. Some of the implemented methods cannot be overridden.
PrincipalPermission Allows checks against the Active principal (see IPrincipal object) using the language constructs defined for both declarative and imperative security actions. By passing identity information (user name and role) to the constructor, the PrincipalPermission object can be used to demand that the identity of the active principal matches this information.

To match the active Principal object, and associated Identity object, both the specified identity and role must match. A NULL identity string is interpreted as a request to match any identity. A NULL role string will match any role. By implication, PrincipalPermission(NULL, NULL) will match the identity and roles in any Principal object. It is also possible to construct a PrincipalPermission that only checks for whether the Identity represents and authenticated or unauthenticated entity. In this case, the name and roles are ignored.

Remarks

If you write a new permission you must implement this interface in your class.

Requirements

Namespace: System.Security

Assembly: mscorlib.dll

See Also

IPermission Members | System.Security Namespace