SocketPermissionAttribute Class

Represents a declarative permission to access socket resources. This attribute is used to control network access for code that performs socket operations.

Namespace: System.Net.Sockets
Assembly: System.Net.Primitives

Inheritance

System.Object → System.Attribute → System.Net.SocketPermissionAttribute

Syntax

[AttributeUsageAttribute(..., Inherited = false)]
public sealed class SocketPermissionAttribute : CodeAccessSecurityAttribute

Remarks

The SocketPermissionAttribute class allows developers to specify the network access permissions required for a method or class. When the .NET runtime encounters code marked with this attribute, it verifies that the calling code has the necessary permissions before allowing the operation to proceed.

This attribute can be applied to methods, properties, events, classes, and assemblies to grant or deny specific socket access rights. The permissions specified are a combination of network access (e.g., connect, accept, listen) and host/port information.

Constructors

SocketPermissionAttribute(SecurityAction action, string permissionState)
Initializes a new instance of the SocketPermissionAttribute class with the specified security action and permission state.
SocketPermissionAttribute(SecurityAction action, string name, int port, string permissionType)
Initializes a new instance of the SocketPermissionAttribute class with the specified network access parameters.
SocketPermissionAttribute(SecurityAction action, string name, int port, string permissionType, string transport)
Initializes a new instance of the SocketPermissionAttribute class with the specified network access parameters, including the transport protocol.

Properties

Host: string
Gets or sets the host name or IP address to connect to.
Port: int
Gets or sets the port number to connect to.
PermissionType: string
Gets or sets the type of permission (e.g., "Connect", "Accept", "Listen").
Transport: string
Gets or sets the transport protocol (e.g., "Tcp", "Udp").

Methods

CreatePermission(): System.Security.IPermission
When implemented in a derived class, creates a security object that is then used by the security system to perform permission checks.

Example: Allowing TCP Connection to a Specific Host and Port

using System;
using System.Net;
using System.Net.Sockets;
using System.Security;
using System.Security.Permissions;

// Apply the attribute to a method
public class NetworkManager
{
    [SocketPermissionAttribute(SecurityAction.Demand, Host = "www.example.com", Port = 80, PermissionType = "Connect", Transport = "Tcp")]
    public void ConnectToExampleServer()
    {
        Console.WriteLine("Permission to connect to www.example.com:80 (TCP) is granted.");
        // Your socket connection logic here
        try
        {
            using (var client = new TcpClient("www.example.com", 80))
            {
                // Connection successful
                Console.WriteLine("Successfully connected!");
            }
        }
        catch (SocketException socketEx)
        {
            Console.WriteLine($"Socket error: {socketEx.Message}");
        }
        catch (SecurityException secEx)
        {
            Console.WriteLine($"Security error: {secEx.Message}");
        }
        catch (Exception ex)
        {
            Console.WriteLine($"An unexpected error occurred: {ex.Message}");
        }
    }

    [SocketPermissionAttribute(SecurityAction.PermitOnly, Host = "192.168.1.100", Port = 12345, PermissionType = "Accept", Transport = "Tcp")]
    public void AcceptIncomingConnections()
    {
        Console.WriteLine("This method is permitted to accept TCP connections on 192.168.1.100:12345.");
        // Listen for incoming connections logic
    }
}

.NET Documentation