This month's column continues the discussion around code access security in WCF and partially trusted services.
Juval Lowy
MSDN Magazine July 2008
View Complete Post
Here we discuss code-access security in Windows Communication Foundation (WCF) and present a solution for enabling partially trusted clients for WCF services.
MSDN Magazine April 2008
Unlike role-based security measures, code access security is not based on user identity. Instead, it is based on the identity of the code that is running, including information such as where the code came from. Here Mike Downen discusses the role of code access security (CAS) in .NET and outlines some key new features and changes in CAS for the .NET Framework 2.0.
Mike Downen
MSDN Magazine November 2005
Rich clients employ many of the features and conveniences of the operating system they run on, and the list of these features has been growing since the dawn of the PC. But as apps have migrated to the Web, the trend towards increasing client-side functionality has ground to a virtual halt. There are several reasons for this; chief among them are security and deployment problems. But that's all about to change. With the .NET Framework, you can participate in building the distributable rich client of the future. In this article, the author enumerates the pertinent features of .NET that will allow you to build safe, easily deployable controls. The features discussed include managed code, code access security, versioning control, Windows Forms classes, and isolation.
Jason Clark
MSDN Magazine June 2002
Component-based software is vulnerable to attack. Large numbers of DLLs that are not tightly controlled are at the heart of the problem. Code access security in the Common Language Runtime of the Microsoft .NET Framework addresses this common security hole. In this model, the CLR acts as the traffic cop to assemblies, keeping track of where they came from and what security restraints should be placed on them. Another way the .NET Framework addresses security is by providing preexisting classes which have built-in security. These are the classes that are invoked in .NET when performing risky operations such as reading and writing files, displaying dialog boxes, and so on. Of course, if a component calls unmanaged code, it can bypass code access security measures. This article covers these and other security issues.
Keith Brown
MSDN Magazine February 2001
Okay, i think most of you guys out there use wspbuilder to build the wsp solutions and to deploy it. So here is my problem.
I'm working on a SharePoint solution which makes use of a third party dll (Telerik for Asp.Net Ajax - Telerik.Web.UI.dll) for rich experience. Since Telerik dll is a common assembly i have to deploy it to the bin folder of the webapplication instead of GAC. So here comes the problem.
WSPBuilder automatically deploys the dll to gac if the dll presents in the GAC folder. To deploy the telerik dll in bin i created the folder 80\bin and copied the dll there. I tried to build the wsp again and then went through the manifest.xml created. Great. The deployment target for the dll changed to WebApplication and wspbuilder was smart to create the cas policy itself.
<CodeAccessSecurity> <PolicyItem> <PermissionSet class="NamedPermissionSet Code Access Security Policy Tool (Caspol.exe) - detailed description Hello, I am studying for MCTS - 70-536 , I want more details about caspol utility, its command line options. I have gone through the Link http://msdn.microsoft.com/en-us/library/cb6t8dtz%28VS.80%29.aspx and the MCTS - 70-536 Self Paced Training Kit , 2nd Edition, but I could not find its detailed command line options. Please refer any book or link which can give extensive details about caspol utility. Thank You Regards Anoop
Hello,
I am studying for MCTS - 70-536 , I want more details about caspol utility, its command line options. I have gone through the Link http://msdn.microsoft.com/en-us/library/cb6t8dtz%28VS.80%29.aspx and the MCTS - 70-536 Self Paced Training Kit , 2nd Edition, but I could not find its detailed command line options. Please refer any book or link which can give extensive details about caspol utility.
Thank You
Regards
In this article, the author delves into some commonly used ways of writing data access code and looks at the effect they can have on performance.
Bob Beauchemin
MSDN Magazine August 2009
Michael Howard outlines some of the buffer overrun defenses available in Visual C++ 2005 and beyond.
Michael Howard
MSDN Magazine March 2008
Juval Lowy designs easily configured security settings for applications built on Windows Communication Foundation.
MSDN Magazine August 2007
E nterprise applications can have a wide variety of data update requirements. Sometimes you need to save multiple rows of changes at once within a single transaction. Other times, the user must be allowed to enter multiple rows of data, send them to the database in a batch; and if a row or two fails, only the rows that succeeded should be committed and remain committed.
John Papa
MSDN Magazine October 2005
Last month I explored the foundation of the Enterprise Library Data Access Application Block (DAAB) including how it all fits into an architecture (see Data Points: The Enterprise Library Data Access Application Block, Part 1).
MSDN Magazine August 2005
A solid data access later (DAL) can benefit an application by hiding redundant tasks, helping handle exceptions more gracefully, helping clean up resources more efficiently, and providing a layer of abstraction from the database.
MSDN Magazine July 2005
GINA, the Graphical Identification and Authentication component, is a part of WinLogon that you can customize or replace. Last month I introduced GINA customization; this month, I'm going to drill down to implement each of the GINA entry points.
MSDN Magazine June 2005
Hall of Fame Twitter Terms of Service Privacy Policy Contact Us Archives Tell A Friend