你如何抑制对托管方法的直接调用？

I want to know if this is inherently possible:

我想知道这本身是否可行：

Think of a cloud scenario. I allow users to upload their .net code onto my server. However to manage things on my server I can't allow users to write code which make direct calls to methods such as HttpWebRequest.Create().

想想云场景。我允许用户将他们的.net代码上传到我的服务器上。但是，为了管理我的服务器上的东西，我不能允许用户编写直接调用HttpWebRequest.Create（）等方法的代码。

If the user has written such a code it would mean he/she is trying to contact another web service (for e.g.). My objective is to have these services served via another server, but still have the main server work on other incoming requests.

如果用户编写了这样的代码，则意味着他/她正试图联系另一个Web服务（例如）。我的目标是通过另一台服务器提供这些服务，但仍然让主服务器处理其他传入请求。

I want to block calls to HttpWebRequest.Create(). Instead I will provide some interface for the user to make such calls. What kind of solution can I think of for this problem?

我想阻止对HttpWebRequest.Create（）的调用。相反，我会为用户提供一些界面来进行此类调用。我能为这个问题想到什么样的解决方案？

PS: I am more of .net 2.0 oriented. Please be specific if you answer deals with a higher version

PS：我更倾向于以.net 2.0为导向。如果您回答更高版本的交易，请具体说明

1 个解决方案

#1

Have a look at Code Access Security (http://msdn.microsoft.com/en-us/library/930b76w0(VS.71).aspx or http://www.codeproject.com/KB/security/UB_CAS_NET.aspx)

查看代码访问安全性（http://msdn.microsoft.com/en-us/library/930b76w0(VS.71).aspx或http://www.codeproject.com/KB/security/UB_CAS_NET.aspx ）

You could create a new restricted AppDomain where your customers code is executed.

您可以创建一个新的受限AppDomain来执行客户代码。

EDIT: If you want to provide a kind of API which implements methods that need HttpWebRequest then I would suggest to create a Service (which has all rights) and your API calls that Service. In that service you could implement any restrictions you want.

编辑：如果你想提供一种实现需要HttpWebRequest的方法的API，那么我建议创建一个服务（拥有所有权利），你的API调用该服务。在该服务中，您可以实现您想要的任何限制。

#1