View Single Post
  #1 (permalink)  
Old April 10th, 2008, 08:52 AM
robzyc robzyc is offline
Friend of Wrox
Join Date: Mar 2007
Location: Hampshire, United Kingdom.
Posts: 432
Thanks: 0
Thanked 1 Time in 1 Post
Default Code Access Security & Role Based Security

Hi Guys,

I feel like I am sooo close to being ready to sit this exam (70-316), this is an area that Ijust can't seem to get stuck into my thick skull. I have

looked at many different sites and text's but I have found they all just seem to say the same thing.

I know there are several really smart guys here, so I was hoping you guys would be kind enough to just post your own answers to the following questions,

I'd really appreciate it.

1. Define/Describe "Code Access Security".
2. Define/Describe "Role-Based Security".
3. Can you give an example of when you have used both/either of them in your projects (a brief summary of how and why would be fine!)

So you know I am not just looking to freeload the question, here is my understanding so far (which I am of course writing from memory, so there is bound

to be mistakes!) plus any points I am struggling with:

1. Code-Access security is about ensuring code has the appropriate access level to run. This is defined by Permission objects, of which there are

many specialised classes that represent different resources (such as FileIO & DialogBoxes). This can either be Declarative (declared at compile

time in the code) or Imperative requested at runtime.

How does this [roughly] work? How do Permission Sets and Intersectioning work?

2. Role-Based security ensures that the specified user is authorised to perform an action. This revolves a lot around the Principle class,

which represents a user. RB security enables you to check that the current user is authenticated within Windows and part of a group within a domain.

Kinda the same question here really? Any better, more complete descriptions around?

3. Never :)

Very many thanks guys, I know these questions are kind of wooly, but I am looking more for chit-chat than code! :)

The Developing Developer
Currently Working Towards: MCAD C#
My Blog: