如何抑制对托管方法的直接调用?
我想知道这本质上是否可行:
想象一下云场景。我允许用户将他们的 .net 代码上传到我的服务器上。但是,为了管理服务器上的内容,我不能允许用户编写直接调用 HttpWebRequest.Create() 等方法的代码。
如果用户编写了这样的代码,则意味着他/她正在尝试联系另一个网络服务(例如)。我的目标是通过另一台服务器提供这些服务,但仍然让主服务器处理其他传入请求。
我想阻止对 HttpWebRequest.Create() 的调用。相反,我将为用户提供一些接口来进行此类调用。对于这个问题我能想到什么样的解决方案呢?
PS:我更倾向于.net 2.0。如果您回答的是更高版本的交易,请具体说明
I want to know if this is inherently possible:
Think of a cloud scenario. I allow users to upload their .net code onto my server. However to manage things on my server I can't allow users to write code which make direct calls to methods such as HttpWebRequest.Create().
If the user has written such a code it would mean he/she is trying to contact another web service (for e.g.). My objective is to have these services served via another server, but still have the main server work on other incoming requests.
I want to block calls to HttpWebRequest.Create(). Instead I will provide some interface for the user to make such calls. What kind of solution can I think of for this problem?
PS: I am more of .net 2.0 oriented. Please be specific if you answer deals with a higher version
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
查看代码访问安全 (http://msdn .microsoft.com/en-us/library/930b76w0(VS.71).aspx 或 http://www.codeproject.com/KB/security/UB_CAS_NET.aspx)
您可以创建一个新的受限制的 AppDomain,在其中执行您的客户代码。
编辑:如果您想提供一种 API 来实现需要 HttpWebRequest 的方法,那么我建议创建一个服务(拥有所有权限),然后您的 API 调用该服务。在该服务中,您可以实施任何您想要的限制。
Have a look at Code Access Security (http://msdn.microsoft.com/en-us/library/930b76w0(VS.71).aspx or http://www.codeproject.com/KB/security/UB_CAS_NET.aspx)
You could create a new restricted AppDomain where your customers code is executed.
EDIT: If you want to provide a kind of API which implements methods that need HttpWebRequest then I would suggest to create a Service (which has all rights) and your API calls that Service. In that service you could implement any restrictions you want.