Vb.net session 14
- 1. Configuring and Securing Windows Based
Applications
Pre-Assessment Questions
1. Consider the following two statements:
Statement A: An assembly can have an extension of .exe
Statement B: An assembly can have an extension of .dll
Which of the following is true about the above two statements?
a. Both A and B are true
b. A is true, B is false
c. A is false, B is true
d. Both A and B are false
©NIIT Enhancing and Distributing Applications Lesson 2B / Slide 1 of 29
- 2. Configuring and Securing Windows Based
Applications
Pre-Assessment Questions (Contd.)
2. Which of the following is not true about the Global Assembly Cache?
a. Contains assemblies that can be shared.
b. Contains assemblies that are unique.
c. Contains assemblies that have a strong name.
d. Can contain only a single version of an assembly.
- 3. Configuring and Securing Windows Based
Applications
Pre-Assessment Questions (Contd.)
3. Which of the following is not a part of the version number of an assembly?
a. Major Version Number
b. Minor Version Number
c. Revision Number
d. Release Number
- 4. Configuring and Securing Windows Based
Applications
Pre-Assessment Questions (Contd.)
4. Which of the following can be used to view the version information in an
assembly?
a. ILDisassembler
b. GACUtil
c. .NET Framework Configuration Tool
d. AsmView
- 5. Configuring and Securing Windows Based
Applications
Pre-Assessment Questions (Contd.)
5. Which of the following Setup and Deployment Projects templates can be used
to package components that can be downloaded from a Web server to a
Web browser?
a. Setup Project
b. Web Setup Project
c. Merge Module Project
d. Cab Project
- 6. Configuring and Securing Windows Based
Applications
Solutions to Pre-Assessment
Questions
1. a.
2. d.
3. d.
4. a.
5. d.
- 7. Configuring and Securing Windows Based
Applications
Objectives
In this lesson, you will learn to:
• Configure Windows applications
• Secure Windows-based applications
- 8. Configuring and Securing Windows Based
Applications
Configuring Windows Applications
• Configuration files:
• are XML files
• contain configuration settings for applications
• are used to change application settings without recompiling them
• can be used to set machine policies that affect how applications run on a
computer
• can be modified whenever required
• contain a hierarchy of elements that specify configuration information
- 9. Configuring and Securing Windows Based
Applications
Configuring Windows Applications
(Contd.)
<configuration>
  <runtime>
    <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
      <probing privatePath="Stringer"/>
      <publisherPolicy apply="no"/>
      <dependentAssembly>
        <assemblyIdentity name="Reverser"
                          publicKeyToken="0038acc8beadf1e5" culture=""/>
        <publisherPolicy apply="no"/>
      </dependentAssembly>
    </assemblyBinding>
  </runtime>
</configuration>
- 10. Configuring and Securing Windows Based
Applications
Configuring Windows Applications
(Contd.)
• There are three types of configuration files:
• Application Configuration File
• Machine Configuration File
• Security Configuration File
• Application configuration files contain configuration settings specific to
applications.
• Machine configuration files include settings that apply to an entire computer.
• Security configuration files contain information about permission sets and code
group hierarchy.
- 11. Configuring and Securing Windows Based
Applications
Configuring Applications
• You can control the way applications run by changing the application settings
in the application configuration file.
- 12. Configuring and Securing Windows Based
Applications
Configuring Applications (Contd.)
• Description of elements in a configuration file:
| Element | Description |
|---|---|
| <configuration> | Root level element in a configuration file. Indicates that the information included in this tag is used to configure the application. |
| <runtime> | Contains information about assembly binding and garbage collection. |
| <supportedRuntime> | Specifies the version of the common language runtime that an application supports. |
| <gcConcurrent> | Specifies whether the common language runtime runs garbage collection on a separate thread. |
| <assemblyBinding> | Contains information about assembly version redirection and the locations of assemblies. |
| <dependentAssembly> | Includes binding policy information such as name, version and location of an assembly. |
- 13. Configuring and Securing Windows Based
Applications
Configuring Applications (Contd.)
• Description of elements in a configuration file:
| Element | Description |
|---|---|
| <assemblyIdentity> | Includes information used to identify an assembly. |
| <bindingRedirect> | Redirects one assembly version to another. |
| <codeBase> | Specifies where the runtime can find a strong-named assembly. |
| <probing> | Specifies the subdirectories of the application’s base directory that the runtime should search when locating an assembly. |
| <publisherPolicy> | Specifies whether the runtime applies publisher policy to your application. |
- 14. Configuring and Securing Windows Based
Applications
Configuring Applications (Contd.)
• Some areas where application configuration files can be useful are given
below:
• Specifying the runtime version
• Specifying concurrent garbage collection
• Specifying the location of an assembly
• Redirecting assembly versions
• Creating a publisher policy
- 15. Configuring and Securing Windows Based
Applications
Configuring Applications (Contd.)
• Specifying the runtime version
<configuration>
  <startup>
    <supportedRuntime version="v1.1.3522"/>
    <supportedRuntime version="v1.0.3805"/>
  </startup>
</configuration>
• Specifying concurrent garbage collection
<configuration>
  <runtime>
    <gcConcurrent enabled="true"/>
  </runtime>
</configuration>
- 16. Configuring and Securing Windows Based
Applications
Configuring Applications (Contd.)
• Redirecting Assembly Versions
<configuration>
  <runtime>
    <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
      <dependentAssembly>
        <assemblyIdentity name="myAssembly"
                          publicKeyToken="32ab4ba45e0a69a1"
                          culture="neutral" />
        <bindingRedirect oldVersion="1.0.0.0"
                         newVersion="2.0.0.0"/>
      </dependentAssembly>
    </assemblyBinding>
  </runtime>
</configuration>
- 17. Configuring and Securing Windows Based
Applications
Configuring Applications (Contd.)
• Using a Publisher Policy
<configuration>
  <runtime>
    <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
      <publisherPolicy apply="yes"/>
    </assemblyBinding>
  </runtime>
</configuration>
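Added example (not part of the original slides): the binding elements shown on the preceding slides decide which assembly file the runtime loads, so a change to them deserves review. The VB.NET module below lists those settings from an application configuration file; the module name, the `Review` function, the sample configuration and the example.invalid URL are constructed for illustration.

```vbnet
Imports System
Imports System.Collections.Generic
Imports System.Xml

Module BindingConfigReview
    ' Constructed sample input; assembly name, token and URL are placeholders.
    Const SampleConfig As String = _
        "<configuration><runtime><assemblyBinding xmlns='urn:schemas-microsoft-com:asm.v1'>" & _
        "<probing privatePath='bin;plugins'/>" & _
        "<publisherPolicy apply='no'/>" & _
        "<dependentAssembly>" & _
        "<assemblyIdentity name='myAssembly' publicKeyToken='32ab4ba45e0a69a1' culture='neutral'/>" & _
        "<bindingRedirect oldVersion='1.0.0.0' newVersion='2.0.0.0'/>" & _
        "<codeBase version='2.0.0.0' href='http://example.invalid/myAssembly.dll'/>" & _
        "</dependentAssembly></assemblyBinding></runtime></configuration>"

    ' Returns one line per setting that changes which assembly gets loaded.
    Function Review(configXml As String) As List(Of String)
        Dim findings As New List(Of String)
        Dim doc As New XmlDocument()
        doc.LoadXml(configXml)
        ' The binding elements live in the asm.v1 namespace, so XPath needs a prefix.
        Dim ns As New XmlNamespaceManager(doc.NameTable)
        ns.AddNamespace("asm", "urn:schemas-microsoft-com:asm.v1")
        For Each p As XmlElement In doc.SelectNodes("//asm:probing", ns)
            findings.Add("probing: extra search directories = " & p.GetAttribute("privatePath"))
        Next
        For Each p As XmlElement In doc.SelectNodes("//asm:publisherPolicy[@apply='no']", ns)
            findings.Add("publisherPolicy: not applied at <" & p.ParentNode.LocalName & "> level")
        Next
        For Each dep As XmlElement In doc.SelectNodes("//asm:dependentAssembly", ns)
            Dim id As XmlElement = CType(dep.SelectSingleNode("asm:assemblyIdentity", ns), XmlElement)
            Dim name As String = If(id Is Nothing, "(no assemblyIdentity)", id.GetAttribute("name"))
            For Each r As XmlElement In dep.SelectNodes("asm:bindingRedirect", ns)
                findings.Add(name & ": redirect " & r.GetAttribute("oldVersion") & " -> " & r.GetAttribute("newVersion"))
            Next
            For Each c As XmlElement In dep.SelectNodes("asm:codeBase", ns)
                Dim href As String = c.GetAttribute("href")
                Dim note As String = If(href.StartsWith("http://", StringComparison.OrdinalIgnoreCase), " (plain http URL)", "")
                findings.Add(name & ": codeBase " & href & note)
            Next
        Next
        Return findings
    End Function

    Sub Main()
        For Each line As String In Review(SampleConfig)
            Console.WriteLine(line)
        Next
    End Sub
End Module
```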
- 18. Configuring and Securing Windows Based
Applications
Configuration Sections
• A configuration file can contain information that the application reads at run
time. You can specify this information in configuration files by using
configuration sections.
• The .NET Framework provides several predefined configuration sections (e.g.
<appSettings>) and developers can also create custom configuration
sections.
• Configuration sections have two parts:
• Configuration section declaration
• Configuration settings
• Settings specified in configuration sections are read by section handlers at
runtime.
- 19. Configuring and Securing Windows Based
Applications
Configuration Sections (Contd.)
• The .NET Framework uses the following section handlers:
• NameValueSectionHandler
• IgnoreSectionHandler
• DictionarySectionHandler
• SingleTagSectionHandler
• A new configuration section is created by declaring it in a <section> element
inside the <configSections> element. The <section> element has two
properties:
• name: name of the element that contains the information the section
handler reads.
• type: name of the section handler that reads the information.
- 20. Configuring and Securing Windows Based
Applications
Securing Windows Applications
• The .NET Framework provides several mechanisms for protecting resources
and code from unauthorized code and users. This includes:
• Code Access Security (CAS): Code Access Security controls the
resources that your code can access.
• Role-Based Security: Role-based security allows developers to limit
which users can run certain parts of an application.
- 21. Configuring and Securing Windows Based
Applications
Securing Windows Applications
(Contd.)
• The CAS consists of elements such as
• Evidence
• Permissions
• Permission sets
• Code groups
• Policy
- 22. Configuring and Securing Windows Based
Applications
Securing Windows Applications
(Contd.)
• Evidence is the information that the common language runtime uses to make
decisions based on security policy. Evidence consists of information about an
assembly that includes:
• URL
• Zone
• Strong Name
• Publisher
• Hash
• Application directory
• Site
- 23. Configuring and Securing Windows Based
Applications
Securing Windows Applications
(Contd.)
• Code access permissions represent rights for code to access resources.
• A permission set consists of multiple permissions.
• A code group consists of a membership condition and a set of permissions
that an assembly might be granted if it meets that membership condition.
• Security policy is the configurable set of rules that the common language
runtime follows when it decides what it will allow code to do.
- 24. Configuring and Securing Windows Based
Applications
Securing Windows Applications
(Contd.)
• Role Based Security consists of:
• Authentication
• Authorization
• Authentication is the procedure of validating the identity of a user by
examining the user’s information and verifying it against some authentication
authority.
• Authorization is the procedure of determining whether a user has rights to
perform a specific action.
- 25. Configuring and Securing Windows Based
Applications
Securing Windows Applications
(Contd.)
• Role based security uses two concepts:
• Identity
• Principal
- 26. Configuring and Securing Windows Based
Applications
Configuring Security
• Code Access Security can be configured by using the .NET Framework
Configuration Tool.
• Role based security uses the Principal and Identity objects to access
information about the user.
• The Identity object encapsulates information about the user or entity being
validated, e.g. user name and authentication type.
• The Principal object represents the security context under which code is
running.
• Applications that implement role-based security grant rights based on the
role associated with a Principal object.
- 27. Configuring and Securing Windows Based
Applications
Configuring Security (Contd.)
• Role based security in the .NET Framework supports the following types of
principals:
• Windows Principal
• Generic Principal
• Windows Principal represents Windows users and their roles.
• Generic Principal represents users and roles that are independent of
Windows users and their roles. It helps in application authentication and
authorization.
• Windows Principal is implemented by WindowsPrincipal class.
• Generic Principal is implemented by GenericPrincipal class.
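Added example (not part of the original slides): the Identity and Principal objects described above, used for an authorization check in VB.NET on the .NET Framework. The user name "asha", the roles, the "CustomAuth" authentication type and the `CanApprove` function are constructed for illustration.

```vbnet
Imports System
Imports System.Security
Imports System.Security.Permissions
Imports System.Security.Principal
Imports System.Threading

Module RoleBasedSecurityDemo
    ' Authorization check: demands that the principal attached to the
    ' current thread is authenticated and holds the given role.
    Function CanApprove(role As String) As Boolean
        Try
            Dim demand As New PrincipalPermission(Nothing, role) ' Nothing = any user name
            demand.Demand() ' throws SecurityException when the check fails
            Return True
        Catch ex As SecurityException
            Return False
        End Try
    End Function

    Sub Main()
        ' Generic principal: the application authenticates the user against
        ' its own store, then builds the identity and role list itself.
        Dim identity As New GenericIdentity("asha", "CustomAuth")
        Dim principal As New GenericPrincipal(identity, New String() {"Clerk"})
        Thread.CurrentPrincipal = principal

        Console.WriteLine("Name: {0}", principal.Identity.Name)
        Console.WriteLine("Authentication type: {0}", principal.Identity.AuthenticationType)
        Console.WriteLine("IsInRole(Clerk): {0}", principal.IsInRole("Clerk"))
        Console.WriteLine("CanApprove(Clerk): {0}", CanApprove("Clerk"))
        Console.WriteLine("CanApprove(Manager): {0}", CanApprove("Manager"))

        ' Windows principal: identity and roles come from the logged-on
        ' Windows account instead of from the application.
        Dim winIdentity As WindowsIdentity = WindowsIdentity.GetCurrent()
        Dim winPrincipal As New WindowsPrincipal(winIdentity)
        Console.WriteLine("Windows user: {0}", winIdentity.Name)
        Console.WriteLine("Administrator: {0}", _
            winPrincipal.IsInRole(WindowsBuiltInRole.Administrator))
    End Sub
End Module
```

With the constructed user, the demand for "Clerk" succeeds and the demand for "Manager" is refused, because the decision depends only on the roles attached to the principal.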
- 28. Configuring and Securing Windows Based
Applications
Summary
In this lesson, you learned that:
• Configuration files are XML files that are used to change application settings
without recompiling the applications.
• There are three types of configuration files:
• Application Configuration File
• Machine Configuration File
• Security Configuration File
• The various security mechanisms for protecting resources and code from
unauthorized code and users are:
• Code Access Security
• Role Based Security
- 29. Configuring and Securing Windows Based
Applications
Summary (Contd.)
In this lesson, you learned that:
• The CAS consists of elements such as evidence, permissions, permission
sets, code groups, and policy.
• Role Based Security consists of:
• Authentication
• Authorization
• Role based security uses two concepts:
• Identity
• Principal