Hi all,
Ok, I maybe a bit confused when it comes to CAS but, here is what I
want achieved: I am trying to secure a web-service class so that only calls
made from the local machine go through(only my site). So using declarative
syntax i added the following attribute to the class:
<ZoneIdentityPermissionAttribute(SecurityAction.Demand, Zone :=
SecurityZone.MyComputer)>
Now, i began thinking and I dont think this will do it. What kind of
credentials does the CLR look for to determine that the caller is in
MyComputer? Since it is a asmx, the request will come in over http, thus
executing under ASPNET, hence wouldnt it always evaluate to MyComputer?
a bit confused here.
thanks,
Param