tailieunhanh - Building Secure ASP.NET Applications phần 5

Cấu hình mức độ bảo mật của ứng dụng vào quá trình và mức độ thành phần. Để bảo mật dựa trên vai trò có ý nghĩa, cho phép truy cập kiểm tra quá trình và mức độ thành phần bằng cách sử dụng sau đây thuộc tính NET. | 202 Building Secure Applications Important Failure to set this attribute results in no access checks being performed. Configure the application s security level at the process and component level. For meaningful role-based security enable access checking at the process and component levels by using the following .NET attribute. assembly ApplicationAccessControl AccessChecksLevel AccessChecksLevelOption. ApplicationComponent This is equivalent to selecting the Perform access checks at the process and component levels check box on the Security page of the application s Properties dialog box within Component Services. Note Always enable access checking at the process and component level for library applications. Enable component level access checks. To enable component-level access checks use the ComponentAccessControl class-level attribute as shown below. ComponentAccessControl true public class MyServicedComponent ServicedComponent This is equivalent to selecting the Enforce Component Level Access Checks check box on the Security page of the component Properties dialog box within Component Services. Note This setting is effective only if you have enabled application-level access checking and have configured process and component level access checks as described previously. Create and Assign Roles Roles can be created and assigned at the application component class interface and method levels. Adding Roles to an Application To add roles to an application use the SecurityRole assembly level attribute as shown below. assembly SecurityRole Employee assembly SecurityRole Manager This is equivalent to adding roles to an application by using the Component Services tool. Chapter 9 Enterprise Services Security 203 Note Using the SecurityRole attribute at the assembly level is equivalent to adding roles to the application but not assigning them to individual components interfaces or methods. The result is that the members of these roles determine the composition of .