Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
The PrincipalPermissionAttribute constructor is obsolete and produces compile-time error SYSLIB0002, starting in .NET 5. You cannot instantiate this attribute or apply it to a method.
Unlike other obsoletion warnings, you can't suppress the error.
Workarounds
If you're applying the attribute to an ASP.NET MVC action method:
Consider using ASP.NET's built-in authorization infrastructure. The following code demonstrates how to annotate a controller with an AuthorizeAttribute attribute. The ASP.NET runtime will authorize the user before performing the action.
using Microsoft.AspNetCore.Authorization; namespace MySampleApp { [Authorize(Roles = "Administrator")] public class AdministrationController : Controller { public ActionResult MyAction() { // This code won't run unless the current user // is in the 'Administrator' role. } } }For more information, see Role-based authorization in ASP.NET Core and Introduction to authorization in ASP.NET Core.
If you're applying the attribute to library code outside the context of a web app:
Perform the checks manually at the beginning of your method by calling the IPrincipal.IsInRole(String) method.
using System.Threading; void DoSomething() { if (Thread.CurrentPrincipal == null || !Thread.CurrentPrincipal.IsInRole("Administrators")) { throw new Exception("User is anonymous or isn't an admin."); } // Code that should run only when user is an administrator. }
See also
Collaborate with us on GitHub
The source for this content can be found on GitHub, where you can also create and review issues and pull requests. For more information, see our contributor guide.
