Use principal demands on classes and methods

From Guidance Share

Jump to: navigation, search

- J.D. Meier, Alex Mackman, Michael Dunner, Srinath Vasireddy, Ray Escamilla and Anandha Murukan

Principal permission demands allow you to make authorization decisions based on the identity and role membership of the caller. The caller's identity and role membership is maintained by the principal object that is associated with the current Web request (accessed through HttpContext.User). Use declarative security attributes to provide access controls on classes and methods, as follows:

// Declarative syntax
[PrincipalPermission(SecurityAction.Demand, 
         Role=@"DomainName\WindowsGroup")]
public void SomeRestrictedMethod()
{
}

References

Personal tools