开发者

Purpose of requirePermission attribute (web.config)

开发者 https://www.devze.com 2022-12-10 16:00 出处:网络
What does the requirePermission attribute in the <section> element do? For example: <configuration>

What does the requirePermission attribute in the <section> element do?

For example:

<configuration> 
  <configSections> 
    <section name="urlrewritingnet"   
             restartOnExternalChanges="true" 
             requirePermission ="false"  
             type="UrlRewritingNet.Configuration.UrlRewriteSection, 
                   UrlRewritingNet.UrlRewriter" /> 
  </configSections>开发者_开发问答 
</configuration>

There is no mention of this attribute in the official documention. But, seems to be used in a lot of places.


The behaviour resulting from this setting is documented at http://msdn.microsoft.com/en-us/library/system.configuration.sectioninformation.requirepermission.aspx.


I'm actually going to quote the documentation just in case that page disappears as part of MSDN cleanup.

When RequirePermission is set to true, the GetSection methods are restricted by the trust level setting of the application. This means that methods or properties that allow access to configuration section handlers are restricted by the trust level set for the Web application. NoteNote

NOTE: Because high and full trust are the only levels that allow access to files outside the current application domain, an application can use configuration section handlers only at these trust levels.

When RequirePermission is set to false, the access to the configuration data is not restricted by the application's trust level settings. NoteNote

NOTE: The appropriate file ACL (Access Control List) permissions are still required, regardless of the RequirePermission setting. ACL permissions determine who can access the configuration file.

0

精彩评论

暂无评论...
验证码 换一张
取 消