tailieunhanh - Professional ASP.NET 2.0 Security, Membership, and Role Management phần 3
Nếu một hoster được cung cấp chỉ là một tên cơ sở dữ liệu cụ thể (hoặc tên), bạn thậm chí có thể đi một bước xa hơn và xác định trong các tập tin chính sách tùy chỉnh để hạn chế truy cập một tên được xác định trước:. Nếu bạn nhớ trở lại Chương 3 về mức độ tin tưởng, và thảo luận về các thuộc tính | A Matter of Trust If you run the sample code shown earlier that connects to SQL Server a security exception is thrown. However if instead you attempt to connect to an MDB database as the following example shows everything works Using a Sql connection string at this point will result in a SecurityException OleDbConnection oc new OleDbConnection Provider data source D Inetpub wwwroot OleDbCommand ocmd new OleDbCommand select from aspnet_Applications oc OleDbDataReader or If a hoster provisioned only a specific database name or names you could even go one step further and define the lPermission in the custom policy file to restrict access to a predefined name IPermission class OleDbPermission version 1 add ConnectionString Provider data source AppDir KeyRestrictions user id password KeyRestrictionBehavior AllowOnly IPermission Notice how the Connectionstring attribute in the add element now also includes the data source definition. Furthermore KeyRestrictions no longer allows you to specify a custom value for data source. Because performs a string search-and-replace for all tokens in a trust policy file you can use the replacement token AppDir inside of the Connectionstring attribute. The previous definition has the net effect of restricting an application to using only an Access database called ASPNetdb located in the root of the application s physical directory structure. Attempting to use any other Access MDB will result in a SecurityException. Customizing OdbcPermission Another data access technology that many folks use in is ODBC. Even though it probably seems a bit old-fashioned to still be using ODBC as I like to half-joke every few years Microsoft needs to release an entirely new data access technology due to our predilection for reorgs it is still widely used due to the prevalence of ODBC drivers that .
đang nạp các trang xem trước