Experts,
I'm learning about custom serialization but one aspect isn't explained, and I can't seem to find it anywhere, so here goes.
The following code is the mandatory GetObjectData method call in a class, my text has it preceeded by a line that appears to be establishing security parameters:
[
SecurityPermissionAttribute(SecurityAction.Demand, SerializationFormatter=true)] public virtual void GetObjectData(SerializationInfo info, StreamingContext context){
info.AddValue(
"Product ID", productId);info.AddValue(
"Price", price);info.AddValue(
"Quantity", quantity);}
Does anyone know where I can get some information on what the purpose of "SecurityPermissionAttribute", "SecurityAction.Demand," & "SerializationFormatter=true" are specifically what purpose is being served by the line as a whole in the whole scheme of custom serialization.
Any explanation or a point in the right direction would be greatly appreciated. Cheers! :)
~ Chris McQuade
Purpose of SecurityPermissionAttribute when implementing ISerializable
singam
SecurityPermissionAttribute class allows you to apply SecurityPermissions declaratively. To understand more, read about SecurityPermissions Class.
SecurityAction.Demand is specifying the security actions that can be performed. It can have many other possible values apart from 'Demand'.
SerializationFormatter is staright forward. It gets or sets a value indicating whether code can use a serialization formatter to serialize or deserialize an object.
you can find more about security action here: http://msdn2.microsoft.com/en-us/library/system.security.permissions.securityaction.aspx
Explore more about SecurityPermissionAttribute class at http://msdn2.microsoft.com/en-us/library/system.security.permissions.securitypermissionattribute.aspx
hope that helps...
-SKumar