Full Trust and Partial Trust

Previous page
Table of content
Next page

By default, Web applications run with full trust. Full-trust applications are granted unrestricted code access permissions by code access security policy. These permissions include built-in system and custom permissions. This means that code access security will not prevent your application from accessing any of the secured resource types that Figure 9.1 shows. The success or failure of the resource access attempt is determined purely by operating system-level security. Web applications that run with full trust include all ASP.NET applications built using .NET Framework version 1.0. By default, .NET Framework version 1.1 applications run with full trust, but the trust level can be configured using the <trust> element, which is described later in this chapter.

If an application is configured with a trust level other than "Full," it is referred to as a partial-trust application. Partial-trust applications have restricted permissions, which limit their ability to access secured resources.

Important  

Web applications built on .NET Framework version 1.0 always run with full trust because the types in System.Web demand full-trust callers .



Previous page
Table of content
Next page
Improving Web Application Security. Threats and Countermeasures
Improving Web Application Security: Threats and Countermeasures
ISBN: 0735618429
EAN: 2147483647
Year: 2003
Pages: 613
Authors: Microsoft Corporation
BUY ON AMAZON
Introducing Microsoft Office InfoPath 2003 (Bpg-Other)
WebLogic: The Definitive Guide
Cisco IP Telephony (CIPT) (Authorized Self-Study) (2nd Edition)
Junos Cookbook (Cookbooks (OReilly))
Visual Studio Tools for Office(c) Using C# with Excel, Word, Outlook, and InfoPath
Special Edition Using FileMaker 8
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy