An OraclePermission object enables ODP.NET to enforce imperative security and helps ensure that a user has a security level adequate for accessing data.
System.Object
System.Security.CodeAccessPermission
System.Data.Common.DBDataPermission
Oracle.DataAccess.Client.OraclePermission
// ADO.NET 2.0: C# public class OraclePermission: DBDataPermission
All public static methods are thread-safe, although instance methods do not guarantee thread safety.
Namespace: Oracle.DataAccess.Client
Assembly: Oracle.DataAccess
ODP.NET Version: ODP.NET for .NET Framework 2.0 or ODP.NET for .NET Framework 4
See Also:
OraclePermission members are listed in the following tables.
The OraclePermission constructor is listed in Table 5-87.
Table 5-87 OraclePermission Constructor
| Constructor | Description |
|---|---|
|
Instantiates a new instance of the |
OraclePermission Static Methods
The OraclePermission static methods are listed in Table 5-88.
Table 5-88 OraclePermission Static Methods
| Static Method | Description |
|---|---|
|
|
Inherited from |
|
|
Inherited from |
|
|
Inherited from |
|
|
Inherited from |
|
|
Inherited from |
|
|
Inherited from |
OraclePermission Public Properties
The OraclePermission public methods are listed in Table 5-92.
Table 5-89 OraclePermission Public Properties
| Public Properties | Description |
|---|---|
|
|
Inherited from
|
OraclePermission Public Methods
The OraclePermission public methods are listed in Table 5-90.
Table 5-90 OraclePermission Public Methods
| Public Method | Description |
|---|---|
|
Adds a new connection string fragment and a list of restricted keywords to the |
|
|
|
Inherited from |
|
Returns a copy of the current permission object |
|
|
|
Inherited from |
|
|
Inherited from |
|
|
Inherited from |
|
|
Inherited from |
|
|
Inherited from |
|
|
Inherited from |
|
|
Inherited from |
|
Returns a boolean value that indicates whether or not the current permission is a subset of the target permission |
|
|
|
Inherited from |
|
|
Inherited from |
|
|
Inherited from |
|
|
Inherited from |
|
|
Inherited from |
The OraclePermission constructor instantiates a new instance of the OraclePermission class.
// C#
public OraclePermission (PermissionState state);
state
The state parameter takes one of the following two values: PermissionState.None or PermissionState.Unrestricted.
ArgumentException - The PermissionState value is invalid.
The OraclePermission static methods are listed in Table 5-91.
Table 5-91 OraclePermission Static Methods
| Static Method | Description |
|---|---|
|
|
Inherited from |
|
|
Inherited from |
|
|
Inherited from |
|
|
Inherited from |
|
|
Inherited from |
|
|
Inherited from |
The OraclePermission public methods are listed in Table 5-92.
The OraclePermission public methods are listed in Table 5-93.
Table 5-93 OraclePermission Public Methods
| Public Method | Description |
|---|---|
|
Adds a new connection string fragment and a list of restricted keywords to the |
|
|
|
Inherited from |
|
Returns a copy of the current permission object |
|
|
|
Inherited from |
|
|
Inherited from |
|
|
Inherited from |
|
|
Inherited from |
|
|
Inherited from |
|
|
Inherited from |
|
|
Inherited from |
|
Returns a boolean value that indicates whether or not the current permission is a subset of the target permission |
|
|
|
Inherited from |
|
|
Inherited from |
|
|
Inherited from |
|
|
Inherited from |
|
|
Inherited from |
This method adds a new connection string fragment and a list of restricted keywords to the OraclePermission object.
// C# public void Add(string connStr, string keyRestrict, KeyRestrictionBehavior behavior);
connStr
The connection string fragment.
keyRestrict
The key restrictions.
behavior
One of the following KeyRestrictionBehavior enumerations:
AllowOnly
PreventUsage
ArgumentException - The KeyRestrictionBehavior value or the format of the connStr or keyRestict string is invalid.
The Add method configures the connection strings allowed or disallowed by the permission object.
Opening an OracleConnection is allowed or denied based upon the connection string fragment, key restrictions combination, and the key restriction behavior.
In the following example, KeyRestrictionBehavior.AllowOnly allows connection strings that use orcl as the Data Source with any User Id and Password combination but no other connection string keywords. Connection string keywords other than User Id and Password cause security exceptions.
orclPermission.Add("Data Source=orcl;","User Id=;Password=;",
KeyRestrictionBehavior.AllowOnly);
In the next example, KeyRestrictionBehavior.PreventUsage restricts connection strings that use the keyword Pooling. Use of the Pooling keyword causes an exception.
orclPermission.Add("Data Source=orcl;","Pooling=;",
KeyRestrictionBehavior.PreventUsage)
As a general rule, in an unrestricted environment, any connection string that is not allowed is restricted and throws a security exception.
If a connection string fragment contains key-value pairs for the password and proxy password attributes, then values for these attributes are ignored. However, the presence of the attributes themselves is still checked. This means that the connection is allowed only if the password and proxy attributes keywords are allowed in the connection string.
This method returns a copy of the current permission object.
// C# public override IPermission Copy();
A copy of the OraclePermission object.
This method returns a boolean value that indicates whether or not the current permission is a subset of the target permission.
// C#
public override bool IsSubsetOf(IPermission target);
target
A permission that must be of type OraclePermission.
A bool value that indicates whether or not the current permission is a subset of the target permission.
ArgumentException - The permission is not of the OraclePermission type.
The AllowBlankPassword property is ignored when evaluating whether or not the current permission is a subset of the target permission.