1
我一直在玩弄身份和校长时,我注意到,该方法我加为什么PrincipalPermission拒绝安全操作仍允许访问?
[PrincipalPermission(SecurityAction.Deny, Role = "Admin")]
与
GenericIdentity identity = new GenericIdentity("JC", "Type1");
GenericPrincipal principal = new GenericPrincipal(identity, new string[] { "Admin", "User" });
Thread.CurrentPrincipal = principal;
仍然是一个身份不抛出抛出:SecurityException,因为它会如果它有一个被调用需求安全行动。
事实上,即使我有拼写错误,像这样
[PrincipalPermission(SecurityAction.Deny, Role = "asad")]
它的作用还是会允许我调用的方法没有一个合适
的问题是,为什么扔多少?
我的整个代码:
static void Main(string[] args)
{
GenericIdentity identity = new GenericIdentity("JC", "Type1");
GenericPrincipal principal = new GenericPrincipal(identity, new string[] { "Admin", "User" });
Thread.CurrentPrincipal = principal;
UsePrincipal();
}
static void UsePrincipal()
{
Console.WriteLine(Thread.CurrentPrincipal.Identity);
try
{
DevWork();
}
catch
{
Console.WriteLine("You Bad!");
}
Console.ReadKey();
}
[PrincipalPermission(SecurityAction.Deny, Role = "Admin")]
static void DevWork() // Will be executed no matter what the role is
{
Console.WriteLine("You Good!");
Console.ReadKey();
}
您正在使用哪种版本的.NET? – Evk
.net框架4.5.2 –