You can set custom permissions for .NET Web Service components, in the Project painter Security tab.
Most of the permission classes that you can customize are defined in the System.Security.Permissions namespace. For more information on these permission classes, see the Microsoft Web site at http://msdn.microsoft.com/en-us/library/system.security.permissions.aspx.
-
Adding Permissions in the .NET Framework Configuration Tool
The list of permissions that display in the Security tab permissions list box is the same as the list in the "Everything" permission set of the .NET Framework 4.x SDK Configuration tool runtime security policy.
-
EnvironmentPermission (obsolete)
This setting is obsolete, as .NET Windows Forms application is no longer supported since PowerBuilder 2017. An obsolete feature is no longer eligible for technical support and will no longer be enhanced, although it is still available.
-
EventLogPermission (obsolete)
This setting is obsolete, as .NET Windows Forms application is no longer supported since PowerBuilder 2017.
-
FileDialogPermission (obsolete)
This setting is obsolete, as .NET Windows Forms application is no longer supported since PowerBuilder 2017.
-
FileIOPermission (obsolete)
This setting is obsolete, as .NET Windows Forms application is no longer supported since PowerBuilder 2017.
-
PrintingPerission (obsolete)
This setting is obsolete, as .NET Windows Forms application is no longer supported since PowerBuilder 2017.
-
ReflectionPermission
ReflectionPermission settings are required for PowerScript reflection functions and objects in .NET targets.
-
RegistryPermission
RegistryPermission settings are required for system registry functions and MLSync object functions in .NET targets.
-
SecurityPermission (obsolete)
This setting is obsolete, as .NET Windows Forms application is no longer supported since PowerBuilder 2017.
-
SMTPPermission
An SMTPPermission setting is required for the MailSession object log on function in .NET targets.
-
SocketPermission
A SocketPermission setting is required for the Connection object ConnectToServer function in .NET targets.
-
SQLClientPermission
A SocketPermission setting is required for the database connection feature in .NET targets.
-
UIPermission (obsolete)
This setting is obsolete, as .NET Windows Forms application is no longer supported since PowerBuilder 2017.
-
WebPermission (obsolete)
This setting is obsolete, as .NET Windows Forms application is no longer supported since PowerBuilder 2017.
-
Custom Permission Types
Permission types that you can customize on the Security tab page of the Project painter (besides the permissions described elsewhere in this appendix) have no direct impact on PowerScript functions or properties in .NET targets.
The list of permissions that display in the Security tab permissions list box is the same as the list in the "Everything" permission set of the .NET Framework 4.x SDK Configuration tool runtime security policy.
To add permission settings that are not in the custom permissions list:
-
Close PowerBuilder if it is open, and create an XML file with the permission settings you want to add. For example, by default, the SMTPPermission setting is not included in the assigned permissions in the "Everything" permission set. To create this permission, save a file named SMTPPermission.xml with the following content:
<IPermission class= "System.Net.Mail.SmtpPermission, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" version="1" Unrestricted="true"/>
-
Open the .NET Framework SDK Configuration tool from the Administrative Tools folder in your computer Control Panel.
-
In the left pane of the configuration tool, select My Computer > Runtime Security Policy > Machine > Permission Sets > Everything, then select the Action > Change Permissions menu item.
-
In the Create Permission Set dialog box, click Import to open the Import a Permission dialog box, browse to the SMTPPermission.xml file, and click OK.
-
Click Finish, close the configuration tool, and open a .NET project in PowerBuilder to the Security tab page. The SMTPPermission displays in the list box of the Security tab page. You can scroll the list to see it when you select any radio button option other than Full Trust.
ReflectionPermission settings are required for PowerScript reflection functions and objects in .NET targets.
|
System function or object |
Permission required |
|---|---|
|
FindClassDefinition, FindTypeDefinition |
TypeInformation |
|
ScriptDefinition object |
TypeInformation |
Example 1
This permission setting allows reflection for members of a type that are not visible:
<IPermission class=
"System.Security.Permissions.ReflectionPermission,
mscorlib, Version=4.0.0.0, Culture=neutral,
PublicKeyToken=b77a5c561934e089" version="1"
Flags="TypeInformation" />RegistryPermission settings are required for system registry functions and MLSync object functions in .NET targets.
|
System function |
Permission required |
|---|---|
|
RegistryGet, RegistryKeys, RegistryValues |
Read |
|
RegistrySet |
Write; if registry key does not exist, requires Create |
|
RegistryDelete |
Read and Write |
This table shows the required RegistryPermission settings for MLSync object functions in .NET targets:
|
MLSync function |
Permission required |
|---|---|
|
GetObjectRevisionFromRegistry, GetsSyncRegistryProperties |
Read on HKEY_CURRENT_USER registry key |
|
GetDBMLSyncPath |
Read on the Software\SAP\SQL Anywhere registry keys under HKEY_CURRENT_USER and HKEY_LOCAL_MACHINE |
|
SetsSyncRegistryProperties |
Unrestricted on HKEY_CURRENT_USER registry key |
Example 1
This example grants read permission for the HKEY_CURRENT_USER registry key, which extends to its subkeys:
<IPermission class="System.Security.Permissions.RegistryPermission, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" version="1" Read="HKEY_CURRENT_USER" />
An SMTPPermission setting is required for the MailSession object log on function in .NET targets.
|
MailSession object function |
Permission required |
|---|---|
|
MailLogon |
Connect (if using default port) or ConnectToUnrestrictedPort |
Example 1
This permission setting allows to log onto a mail session and receive mail through a default port:
<IPermission class="System.Net.Mail.SmtpPermission, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" version="1" Access="Connect"/>
A SocketPermission setting is required for the Connection object ConnectToServer function in .NET targets.
The SocketPermission class belongs to the System.Net namespace described on the Microsoft Web site at http://msdn.microsoft.com/en-us/library/system.net.aspx.
Example 1
This permission setting allows to get or set a network access method:
<IPermission class="System.Net.SocketPermission,
System, Version=4.0.0.0, Culture=neutral,
PublicKeyToken=b77a5c561934e089" version="1">
<ConnectAccess>
<ENDPOINT host="10.42.144.40" transport="Tcp"
port="2000"/>
</ConnectAccess>
</IPermission>A SocketPermission setting is required for the database connection feature in .NET targets.
Example 1
This permission setting allows database connections:
<IPermission class= "System.Data.SqlClient.SqlClientPermission, System.Data, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" version="1" Unrestricted="true" />
Permission types that you can customize on the Security tab page of the Project painter (besides the permissions described elsewhere in this appendix) have no direct impact on PowerScript functions or properties in .NET targets.
However, if you use the language interoperation feature of PowerBuilder, this may also require customized permissions for the following permission types:
-
ASPNETHostingPermission
-
ConfigurationPermission
-
DataProtectionPermission
-
DNSPermission
-
IsolatedStoragePermission
-
KeyContainerPermission
-
OleDBPermission
-
PerformanceCounterPermission
-
StorePermission
