Code groups are the building blocks of code access security policy. Each policy level consists of a root code group that may have child code groups and so on forming a tree. Each code group has a membership condition that determines if a given assembly belongs to it or not based on the evidence for that assembly. Only code groups whose membership conditions match a given assembly and their children apply policy.
When resolving policy code groups use their membership condition to test evidence for an assembly. For matching assemblies code groups then propagate policy evaluation to their child code groups according to rules of the specific type of code group.
[Visual Basic] Public Interface ICodeGroup Implements ISecurityEncodable, ISecurityPolicyEncodable [C#] public interface ICodeGroup : ISecurityEncodable, ISecurityPolicyEncodable [C++] public __gc __interface ICodeGroup : public ISecurityEncodable, ISecurityPolicyEncodable
[JScript] In JScript, you can use the interfaces in the NGWS frameworks, but you cannot define your own.
Class | Description |
---|---|
FirstMatchCodeGroup | FirstMatchCodeGroup allows security policy to be defined that works similar to a switch {case 1: ...; case 2: ...; ... default: ...; } conditional structure. |
UnionCodeGroup | Code groups are the building blocks of code access security policy. Each policy level consists of a root code group that may have child code groups and so on forming a tree. Each code group has a membership condition that determines if a given assembly belongs to it or not based on the evidence for that assembly. Only code groups whose membership conditions match a given assembly and their children apply policy.
UnionCodeGroup is the most common type of code group, the policy statement of all matching child code groups (and by extension their children) are unioned together with the permission set of the matching parent code group. Thus, if its membership condition matches this code group will union its policy statement with those of all its children that also match the evidence. |
See UnionCodeGroup and FirstMatchCodeGroup classes for specific code group implementations.
Namespace: System.Security.Policy
Assembly: mscorlib.dll