13.7. Using the Provider in Partial Trust
All the examples shown so far for Active Directory and for ADLDS have been running in full trust. However, if you attempt to use the provider directly in a partial trust environment it will fail. Within the provider's Initialize method, an explicit check is made for Low trust. The provider itself is attributed with a link demand for System.DirectoryServices.DirectoryServicesPermission. Also, each of its public methods is attributed with a full demand for the same permission.
C#
[DirectoryServicesPermission(SecurityAction.LinkDemand, Unrestricted=true)]
[DirectoryServicesPermission(SecurityAction.InheritanceDemand, Unrestricted=true)]
public class ActiveDirectoryMembershipProvider : MembershipProvider
{
...
[DirectoryServicesPermission(SecurityAction.Assert, Unrestricted=true)]
[DirectoryServicesPermission(SecurityAction.Demand, Unrestricted=true)]
[DirectoryServicesPermission(SecurityAction.InheritanceDemand, Unrestricted=true)]
public override string ResetPassword(string username, string passwordAnswer)
...
}
VB.NET
<DirectoryServicesPermission( _
SecurityAction.LinkDemand, _
Unrestricted:=True), _
DirectoryServicesPermission( _
SecurityAction.InheritanceDemand, _
Unrestricted:=True)> _
Public Class ActiveDirectoryMembershipProvider
Inherits MembershipProvider
...
<DirectoryServicesPermission( _
SecurityAction.InheritanceDemand, _
Unrestricted:=True), _
DirectoryServicesPermission( _
SecurityAction.Assert, _
Unrestricted:=True), _ DirectoryServicesPermission( ...Get Professional ASP.NET 3.5 Security, Membership, and Role Management with C# and VB now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
