Recipe 17.18. Obtaining the Full Reason a SecurityException Was Thrown Problem You need more information as to why a SecurityException was thrown. Solution Use the new properties available on the SecurityException object, shown in Table 17-2. Table 17-2. SecurityException PropertiesProperty | Description |
---|
Action | This property returns a SecurityAction enumeration value indicating the cause of the security check failure. Possible values can be any of the following: | | Assert | | Demand | | DemandChoice | | Deny | | InheritanceDemand | | InheritanceDemandChoice | | LinkDemand | | LinkDemandChoice | | PermitOnly | | RequestMinimum | | RequestOptional | | RequestRefuseusing | Data | An IDictionary of user-defined key-value pairs. | Demanded | Returns the permission(s) that caused the Demandto fail. The returned object needs to be cast to a Permission, PermissionSet, or PermissionSetCollection type in order to access its information. You can use the is keyword to determine which one of these types this property returned. | DenySetInstance | Returns the denied permission(s) that caused the Demand to fail. This property contains a value whenever a Deny higher up in the stack causes a Demand to fail. The returned object needs to be cast to a Permission, PermissionSet, or PermissionSetCollection type in order to access its information. You can use the is keyword to determine which one of these types this property returned. | FailedAssemblyInfo | Returns an AssemblyName object for the assembly where this exception occurred (i.e., the assembly where the Demand that failed was called). | FirstPermissionThatFailed | Returns an IPermission object of the first permission that failed. This is useful when several permissions in a permission set were demanded at one time. This property identifies which permission caused the exception to occur. | Method | Returns a MethodInfo object for the method where this exception originated. If the cause of the exception was due to a Deny or PermitOnly, the method containing the Deny or PermitOnly will be returned by this property. From this object you can also obtain information on the type and assembly that contain this method. | PermitOnlySetInstance | Returns the permission(s) that were set by a PermitOnly at the point where the security exception was thrown. The returned object needs to be cast to a Permission, PermissionSet, or PermissionSetCollection type in order to access its information. You can use the is keyword to determine which one of these types this property returned. | URL | Returns a string representing the URL of the assembly where this exception originated. | Zone | Returns a SecurityZone enumeration value indicating the zone of the assembly where this exception originated. Possible values can be any of the following: | | Internet | | Intranet | | MyComputer | | NoZone | | trusted | | UnTRusted |
Discussion These new properties on the SecurityException class provide much more insight into what caused the exception to be thrown. For example, if you think a Demand has failed, you can examine the Action property to determine that it was in fact the Demand. Next you can use the Demanded property to find out exactly what permission(s) the Demand attempted to demand. You can compare this to the GrantedSet property, which contains the permission(s) that were granted to the assembly. Now that you know what caused the Demand to fail, you can use the Method, FailedAssemblyInfo, and URL properties to determine where the failure occurred. The Data property can be a very useful property to a developer. This property contains key-value pairs that the developer creates and fills with information concerning why this exception occurred. In this property, you can place variable names and the data they contained at the time of the exception. This can give you even more clues as to why this exception was thrown. See Recipe 7.18 for more information on the Exception.Data property. See Also See the "SecurityException" topic in the MSDN documentation. |