|
Define imperative and declarative security.- Security checks can be applied imperatively or declaratively.
- Declarative and imperative are the different syntax schemes used to implement security declarations in .NET Framework.
Imperative security:
- It is implemented by calling methods of 'Permission' objects in code at run time.
- Imperative security is applied by calling the appropriate methods of a 'Permission' object that represents the principal (for role-based security) or system resource (for code access security).
- In imperative implementation, the attribute syntax is not used.
- It is implemented by writing the regular code to provide restrictions.
Declarative security:
- It is configured by attaching attributes representing permissions to classes and methods.
- Additionally, you can request assembly-wide permissions using the assembly directive with declarative security.
- In declarative security, attribute syntax is used.
- The security constraints are stored in the assembly at compile time.
- The disadvantage of declarative security is that there are tools which extract security requirements from the metadata in the assembly.
|
