从 .NET 3.5 升级某些 ASP.NET 代码时,我收到以下编译错误警告:
“System.Security.Permissions.SecurityAction.RequestMinimum”已过时。
该属性已应用于程序集级别:
[assembly: System.Security.Permissions.SecurityPermission(System.Security.Permissions.SecurityAction.RequestMinimum, Execution=true)]
此外,代码还使用 P&P Web 客户端软件工厂,特别是 ObjectBuilder.WCSFExtensions 库。
此外,代码还提供了一些角色提供程序的实现。
请记住,此代码在其他项目中用作框架代码,因此很难确定可能存在哪些安全需求。
因此,最重要的问题是:
“System.Security.Permissions.SecurityAction”枚举需要使用什么值?
或者是否有更好的方法来应用此安全属性?
I received the following compilation warning as a error while upgrading some ASP.NET code from .NET 3.5:
'System.Security.Permissions.SecurityAction.RequestMinimum' is obsolete.
The attribute has bee applied on the assebly level:
[assembly: System.Security.Permissions.SecurityPermission(System.Security.Permissions.SecurityAction.RequestMinimum, Execution=true)]
Also the code makes use of the P&P Web Client Software Factory, specificly the ObjectBuilder.WCSFExtensions library.
Also it the code is providing some role provider implementations.
Keep in mind this code is used as Framework code in other projects, so it is hard to determine what security demands there might be.
So the milion dolar question is:
What value needs to be used for the "System.Security.Permissions.SecurityAction" enum?
Alternatively is there a better approach to applying the this security attribute?
发布评论
评论(2)
您是否阅读了完整的编译器警告或访问了其中包含的链接? “裸”CLR 不再限制 .NET 4.0 下的 CAS 权限,除非您打开“传统模式”开关,因此无法替代您的 RequestMinimum 使用。应删除程序集级别的 SecurityPermissionAttribute,而不是修改它。
有关 4.0 CAS 更改的比 MSDN 上显示的更完整的说明,请参阅 http://blogs.msdn.com/b/shawnfa/archive/2009/05/21/security-policy-in-the-v4-clr.aspx 和 http://blogs.msdn.com/b/shawnfa/archive/2010/02/24/so-is-cas-dead-in-net-4-or-what.aspx。
Did you read the full compiler warning or visit the link it includes? The "naked" CLR no longer restricts CAS permissions under .NET 4.0 unless you flip a "legacy mode" switch, so there is no replacement for your RequestMinimum use. The assembly-level SecurityPermissionAttribute should be removed, not modified.
For a more complete explanation of the 4.0 CAS changes than appears on MSDN, see http://blogs.msdn.com/b/shawnfa/archive/2009/05/21/security-policy-in-the-v4-clr.aspx and http://blogs.msdn.com/b/shawnfa/archive/2010/02/24/so-is-cas-dead-in-net-4-or-what.aspx.
http://msdn.microsoft.com/en-us/library/ee471421.aspx
问题似乎在于,程序集级别的声明性安全性总体上已被标记为过时。也许您可以在方法级别应用它?
http://msdn.microsoft.com/en-us/library/ee471421.aspx
It seems the problem is that assembly level declarative security on the whole has been marked obsolete. Perhaps you can apply this at a method-level instead?