CAS and role based security implementation  
  Index .NET Development Common Language Runtime
Author Message
TA123
PostPosted: Common Language Runtime, CAS and role based security implementation Top

Hi all,

I am bit confused in role based security and CAS while implementing the same in .net.

As per my understanding , Demand() function is used by code for demanding the getting the evidence and whether it has permission for certain resource.So it is part of CAS.

Whereas Principal object is a part of Role based security to autheticate and authorise an user based on its identity and role.

now i have a fucntion which has following attribute on its top

[PrincipalPermission(SecurityAction.Demand, Authenticated=true)]
 public class Authors
 {
     // Methods
 }

So can somebody please explain whether this is an role based security implementaion or code access security.

kindly explain a bit more on these two leaving aside the fact that CAS is to check whether an code has permission to access a resource and role based security is users' identity and role check.

regards

.NET Development3  
 
 
Sean Hederman
PostPosted: Common Language Runtime, CAS and role based security implementation Top
Yes, it's part of the CAS infrastructure, but conceptually PrincipalPermission is more like role-based security, so in a sense they're piggy-backing some role based stuff on top of CAS. This is quite cool, because it makes it easy to use.

 
 
 
Index .NET Development Common Language Runtime