ASSEMBLIES AND THE GAC CHAPTER 1, LESSONS 4-7 & LAB

Contains types and resources that app requires .NET ASSEMBLIES Contains types and resources that app requires Fundamental unit for app development and deployment . Net assembly type Resources Strings Images (PNG, GIF,JPEG,BMP,TIFF) Icons Audio Files Other resources CertSIG

Global Assembly Cache (GAC) Shared Assemblies Application Application Global Assembly Cache (GAC) (machine-wide) Assembly CertSIG

Inside an Assembly MSIL Code Type Metadata Assembly Manifest Must be present before assembly can run contains Assembly Metadata CLR uses metadata to run code CLR Runs code Version Security Identity Resources required Scope CertSIG

Assembly Manifest Version Information Defines version of an app Smallest unit of a version of an app Establishes version of types within assembly Multiple versions of an assembly can execute Side by side execution Avoids “DLL Hell” of COM Applications CertSIG

Assemblies - Permissions Assembly is smallest unit granted permission by Framework Provide security boundaries You specify permission required when building assembly When assembly is loaded: Assembly sends request to runtime to grant permission Runtime checks the security policy files Files are on system running app Sys admin configures these files using tools described in Lesson 7. CertSIG

What are the boundaries of a type? Assemblies provide boundaries for types Type identity = type name + name of assembly in which it resides Assemby 1 Type “A” Assemby 2 Type “A” Assembly Namespace 1 Type “A” Namespace 2 OK OK, also CertSIG

.Net Framework Class Library Namespaces Library is made up of reusable classes Classes organized into hierarchical namespaces Logically and functionally related classes Divides assembly into logical grouping of types Ex: System System.Data – DB apps System.I/O – all I/O operations A given namespace may appear in multiple assemblies CertSIG

Static and Dynamic Assemblies Requires a type from an existing assembly .net language compiler Your App ( at runtime) produces static assembly (.exe or .dll) Creates hard disk Reflection APIs Portable Execution file hard disk CertSIG

Single File vs Multiple File Assemblies SINGLE FILE ASSEMBLY CertSIG

Multiple File Assembly Can be used when different modules are written in different languages. More efficient downloading: store seldom-used together, download only when necessary Use Assembly Linker (AL.EXE) to link multiple modules into single assembly (Lesson 7). CertSIG

Private vs Shared Assemblies Stored in installation directory of app Accessible to app only Shared: Accessed by multiple apps Has strong name Assembly name Version Culture information Digital signature Public key information Stored in GAC CertSIG

Assembly Identity Established by info in the Assembly Manifest Contents String <ver maj>.<ver min>.<revision>.<build> Culture, Language supported Public Key info Identifies files that contain type declaration & implementation Assembly name, assembly metadata, public key (if SN) CertSIG

Establishing Assembly Identity Apply attributes in AssemblyInfo file CertSIG

XCopy Deployment Use XCopy to deploy (Above) Private Assemblies Make sure all files in assembly are in same application directory Framework searches for referenced assemblies in application folder Assemblies in one app folder are not accessible by another app in another directory (Above) Private Assemblies CertSIG

Shared Assemblies Installed in GAC Assign strong name to assembly (required) Assembly indentity, public key, digital signature SN.EXE – verification, key pair/signature  sn –k MyKey.dat  key pair in MyKey.DAT Use this file name in attribute to assign the assembly a strong name Imports System.Reflection <Assembly: AssemblyKeyFile("MyKey.dat")> Use GACUTIL.exe to install in GAC gacutil /u <assembly> GAC in %WINDOWS%\assembly folder CertSIG

Configuration and Security Lesson 5

Configuration and Security Policy Files Configuration files Security Policy files Computer Application Modify settings uses .NET Framework control behavior .NET Tools CertSIG

Application Configuration .NET Framework controls What resources can this code access? Application Code Depends on: Origin of code Who is running the code To control execution You must configure one or more Configuration files CertSIG

Configuration File Configuration file is an XML document It contains predefined elements shows location of assembly element Note Start and End Tags CertSIG

Configuration Files Machine configuration (machine.config) Application configuration files Security Configuration Files Note: configuration file code is case-sensitive! CertSIG

Machine.config file Located in %runtime installation path%\config %runtime installation path% is an ENVIRONMENT VARIABLE to set up an environment variable: My Computer | Properties | Advanced | Environment variables enter the name and value under System Variables Note “appSettings” section (can be modified by you) When you run an app, framework checks for changes in: Machine.config Application configuration file CertSIG

Application Configuration files (above) Using an app.config file to save connection strings Could be used to take a server offline without recompiling: change the value of the element and restart the app app can use the config file to read the value of the ServerButton.Text key CertSIG

Where are app.config files located Depends on run-time host: Executable-hosted apps: <appname>.exe.config file created in same directory as executable. ASP.NET-hosted apps: Named Web.config Located in web application folder Given URL: www.microsoft.com/app1/app2 App1 config file in www.microsoft.com/app1 App2 config file in www.microsoft.com/app2 App2 is affected by both config files CertSIG

Security Configuration Files Contain security permissions for hierarchies of code groups. Code groups: logical groups of code enterprise – permissions granted affect code on all machines in organization machine – affect code on a particular computer user levels – affect code when a particular user executes an application An executing app only gets permissions granted at intersection of enterprise, machine, and user levels Security config files located at (entprs,mach)%runtime install path%\Config\Security.config (user)C:\Documents and Settings\Tom Perkins\Application Data\Microsoft\CLR Security Config Framework Tools to configure security files: .NET Configuration Tool (MSCORCFG.MSC) Core Access Security Policy Tool (CASPOL.EXE)  Lesson 7 CertSIG

App Domains and Run-Time Hosts Lesson 6

App Domains .NET Framework Failing Application Application Application domains provide a secure, isolated, and fault-tolerant execution environment. .NET Framework Application Failing Application! Application CertSIG

Processes A process is the execution boundary within which an application runs. When process starts, run-time assigns an address space to it. Memory addresses within the process are assigned relative to process Address space useless to other processes Other apps cannot address this app’s data App is isolated; if it fails it leaves other apps unaffected process CertSIG

JIT Compilation JIT compiler makes sure code references valid objects portable executable JIT compiler makes sure code references valid objects Makes sure only valid operations are performed on objects “Type-safe” validation Validated code loaded into application domain JIT compiler process CertSIG

Application Domains Application domain: boundary in which an application operates Process can contain several application domains Can’t access another app domain’s code directly Proxy enables inter-domain communication Failure in one app doesn’t affect execution of app in another app domain You can start and stop an app in an app domain without affecting others in process process Application Domain proxy Application Domain CertSIG

Class lib assembly Multi-Assembly Apps assembly MyApp.exe MyUtil.dll App may need functionality from more than one assembly Both assemblies must be loaded into app domain before execution can start Shared assemblies can share code between two app domains Data is not shared between domains using a shared assembly Assembly shared between app domains said to be domain neutral Domain neutral assemblies may be more efficient, but also slower You can control whether assembly is loaded as domain neutral App domain App domain CertSIG

Run-Time Hosts CLR App.exe When app is invoked, run-time (CLR) is not running in a process Run-time host loads CLR into process Run-time hosts for: ASP.NET Shell executables Internet Explorer components Run-time loads and initializes the CLR inside the process During load process, you can set whether or not runtime will host domain-neutral assemblies Process CertSIG

.NET Framework Tools Lesson 7

.NET FRAMEWORK TOOLS ASSEMBLY LINKER IL ASSEMBLER IL DISASSEMBLER CODE ACCESS SECURITY POLICY TOOL .NET FRAMEWORK CONFIGURATION TOOL CertSIG

ASSEMBLY LINKER output from C# compiler output from VB compiler C# msil .net module VB msil .net module dll resource file input modules may not have an assembly manifest; output does AL.EXE al [sources] [options] Assembly with manifest al /t:exe /out:MyApp.exe /main:MyClass.Main MyModule.netmodule MyUtil.dll CertSIG

ILASM -- MSIL ASSEMBLER output from C# compiler output from VB compiler C# msil .net module VB msil .net module dll resource file ILASM.EXE Output in native code Executable (PE) File CertSIG

ILDASM – MISL Disassembler Portable executable File containing MSIL code May not contain metadata ILDASM Use default GUI to view; use File|Dump option to save text file MSIL (text) ILASM CertSIG

CASPOL – Code Access Security Policy Tool Allows users and administrators to grant and modify permissions for code groups at the user, machine, and enterprise policy levels CertSIG

MSCORCFG - .NET FRAMEWORK CONFIGURATION TOOL Manage and configure assemblies located in the GAC Manage code access security and remoting services To access this tool: Start|Control Panel | Administrative Tools | .Net Framework Configuration CertSIG