1. ASSEMBLIES AND THE GAC
CHAPTER 1, LESSONS 4-7 & LAB

2. Contains types and resources that app requires
.NET ASSEMBLIES
Contains types and resources that app requires
Fundamental unit for app development and deployment
. Net assembly
type
Resources
Strings
Images (PNG, GIF,JPEG,BMP,TIFF)
Icons
Audio
Files
Other
resources
CertSIG

3. Global Assembly Cache (GAC)
Shared Assemblies
Application
Application
Global Assembly Cache (GAC)
(machine-wide)
Assembly
CertSIG

4. Inside an Assembly MSIL Code Type Metadata Assembly Manifest
Must be present before assembly can run
contains
Assembly
Metadata
CLR uses metadata to run code
CLR
Runs
code
Version
Security Identity
Resources required
Scope
CertSIG

5. Assembly Manifest Version Information
Defines version of an app
Smallest unit of a version of an app
Establishes version of types within assembly
Multiple versions of an assembly can execute
Side by side execution
Avoids “DLL Hell” of COM Applications
CertSIG

6. Assemblies - Permissions
Assembly is smallest unit granted permission by Framework
Provide security boundaries
You specify permission required when building assembly
When assembly is loaded:
Assembly sends request to runtime to grant permission
Runtime checks the security policy files
Files are on system running app
Sys admin configures these files using tools described in Lesson 7.
CertSIG

7. What are the boundaries of a type?
Assemblies provide boundaries for types
Type identity = type name + name of assembly in which it resides
Assemby 1
Type “A”
Assemby 2
Type “A”
Assembly
Namespace 1
Type “A”
Namespace 2 OK
OK, also
CertSIG

8. .Net Framework Class Library Namespaces
Library is made up of reusable classes
Classes organized into hierarchical namespaces
Logically and functionally related classes
Divides assembly into logical grouping of types
Ex:
System
System.Data – DB apps
System.I/O – all I/O operations
A given namespace may appear in multiple assemblies
CertSIG

9. Static and Dynamic Assemblies
Requires a type from an existing assembly
.net language
compiler
Your App
( at runtime)
produces
static assembly
(.exe or .dll)
Creates
hard
disk
Reflection
APIs
Portable
Execution
file
hard
disk
CertSIG

10. Single File vs Multiple File Assemblies
SINGLE FILE ASSEMBLY
CertSIG

11. Multiple File Assembly
Can be used when different modules are written in different languages.
More efficient downloading: store seldom-used together, download only when necessary
Use Assembly Linker (AL.EXE) to link multiple modules into single assembly (Lesson 7).
CertSIG

12. Private vs Shared Assemblies
Stored in installation directory of app
Accessible to app only
Shared:
Accessed by multiple apps
Has strong name
Assembly name
Version
Culture information
Digital signature
Public key information
Stored in GAC
CertSIG

13. Assembly Identity Established by info in the Assembly Manifest
Contents
String
<ver maj>.<ver min>.<revision>.<build>
Culture, Language supported
Public Key info
Identifies files that contain type declaration & implementation
Assembly name, assembly metadata, public key (if SN)
CertSIG

14. Establishing Assembly Identity
Apply attributes in AssemblyInfo file
CertSIG

15. XCopy Deployment Use XCopy to deploy (Above) Private Assemblies
Make sure all files in assembly are in same application directory
Framework searches for referenced assemblies in application folder
Assemblies in one app folder are not accessible by another app in another directory
(Above) Private Assemblies
CertSIG

16. Shared Assemblies Installed in GAC
Assign strong name to assembly (required)
Assembly indentity, public key, digital signature
SN.EXE – verification, key pair/signature
 sn –k MyKey.dat  key pair in MyKey.DAT
Use this file name in attribute to assign the assembly a strong name
Imports System.Reflection <Assembly: AssemblyKeyFile("MyKey.dat")>
Use GACUTIL.exe to install in GAC
gacutil /u <assembly>
GAC in %WINDOWS%\assembly folder
CertSIG

17. Configuration and Security
Lesson 5

18. Configuration and Security Policy Files
Configuration files
Security Policy files
Computer
Application
Modify
settings
uses
.NET Framework
control behavior
.NET
Tools
CertSIG

19. Application Configuration
.NET
Framework
controls
What resources can this code access?
Application Code
Depends on:
Origin of code
Who is running the code
To control execution
You must configure one or more Configuration files
CertSIG

20. Configuration File Configuration file is an XML document
It contains predefined elements
shows location of assembly
element
Note Start and End Tags
CertSIG

21. Configuration Files Machine configuration (machine.config)
Application configuration files
Security Configuration Files
Note: configuration file code is case-sensitive!
CertSIG

22. Machine.config file Located in %runtime installation path%\config
%runtime installation path% is an ENVIRONMENT VARIABLE
to set up an environment variable:
My Computer | Properties | Advanced | Environment variables
enter the name and value under System Variables
Note “appSettings” section (can be modified by you)
When you run an app, framework checks for changes in:
Machine.config
Application configuration file
CertSIG

23. Application Configuration files
(above) Using an app.config file to save connection strings
Could be used to take a server offline without recompiling:
change the value of the element and restart the app
app can use the config file to read the value of the ServerButton.Text key
CertSIG

24. Where are app.config files located
Depends on run-time host:
Executable-hosted apps: <appname>.exe.config file created in same directory as executable.
ASP.NET-hosted apps: Named Web.config
Located in web application folder
Given URL:
App1 config file in
App2 config file in
App2 is affected by both config files
CertSIG

25. Security Configuration Files
Contain security permissions for hierarchies of code groups.
Code groups: logical groups of code
enterprise – permissions granted affect code on all machines in organization
machine – affect code on a particular computer
user levels – affect code when a particular user executes an application
An executing app only gets permissions granted at intersection of enterprise, machine, and user levels
Security config files located at (entprs,mach)%runtime install path%\Config\Security.config
(user)C:\Documents and Settings\Tom Perkins\Application Data\Microsoft\CLR Security Config
Framework Tools to configure security files:
.NET Configuration Tool (MSCORCFG.MSC)
Core Access Security Policy Tool (CASPOL.EXE)  Lesson 7
CertSIG

26. App Domains and Run-Time Hosts
Lesson 6

27. App Domains .NET Framework Failing Application Application
Application domains provide
a secure,
isolated, and
fault-tolerant
execution environment.
.NET Framework
Application
Failing
Application!
Application
CertSIG

28. Processes
A process is the execution boundary within which an application runs.
When process starts, run-time assigns an address space to it.
Memory addresses within the process are assigned relative to process
Address space useless to other processes
Other apps cannot address this app’s data
App is isolated; if it fails it leaves other apps unaffected
process
CertSIG

29. JIT Compilation JIT compiler makes sure code references valid objects
portable
executable
JIT compiler makes sure code references valid objects
Makes sure only valid operations are performed on objects
“Type-safe” validation
Validated code loaded into application domain
JIT
compiler
process
CertSIG

30. Application Domains
Application domain: boundary in which an application operates
Process can contain several application domains
Can’t access another app domain’s code directly
Proxy enables inter-domain communication
Failure in one app doesn’t affect execution of app in another app domain
You can start and stop an app in an app domain without affecting others in process
process
Application
Domain
proxy
Application
Domain
CertSIG

31. Class lib
assembly
Multi-Assembly Apps
assembly
MyApp.exe
MyUtil.dll
App may need functionality from more than one assembly
Both assemblies must be loaded into app domain before execution can start
Shared assemblies can share code between two app domains
Data is not shared between domains using a shared assembly
Assembly shared between app domains said to be domain neutral
Domain neutral assemblies may be more efficient, but also slower
You can control whether assembly is loaded as domain neutral
App
domain
App
domain
CertSIG

32. Run-Time Hosts CLR App.exe
When app is invoked, run-time (CLR) is not running in a process
Run-time host loads CLR into process
Run-time hosts for:
ASP.NET
Shell executables
Internet Explorer components
Run-time loads and initializes the CLR inside the process
During load process, you can set whether or not runtime will host domain-neutral assemblies
Process
CertSIG

33. .NET Framework Tools
Lesson 7

34. .NET FRAMEWORK TOOLS ASSEMBLY LINKER IL ASSEMBLER IL DISASSEMBLER
CODE ACCESS SECURITY POLICY TOOL
.NET FRAMEWORK CONFIGURATION TOOL
CertSIG

35. ASSEMBLY LINKER output from C# compiler output from VB compiler
C# msil
.net module
VB msil
.net module
dll
resource
file
input modules may not have an assembly manifest; output does
AL.EXE
al [sources] [options]
Assembly
with
manifest
al /t:exe /out:MyApp.exe /main:MyClass.Main MyModule.netmodule MyUtil.dll
CertSIG

36. ILASM -- MSIL ASSEMBLER
output from C# compiler
output from VB compiler
C# msil
.net module
VB msil
.net module
dll
resource
file
ILASM.EXE
Output in native code
Executable
(PE) File
CertSIG

37. ILDASM – MISL Disassembler
Portable executable
File containing
MSIL code
May not contain
metadata
ILDASM
Use default GUI to view; use File|Dump option to save text file
MSIL (text)
ILASM
CertSIG

38. CASPOL – Code Access Security Policy Tool
Allows users and administrators to grant and modify permissions for code groups at the user, machine, and enterprise policy levels
CertSIG

39. MSCORCFG - .NET FRAMEWORK CONFIGURATION TOOL
Manage and configure assemblies located in the GAC
Manage code access security and remoting services
To access this tool: Start|Control Panel | Administrative Tools | .Net Framework Configuration
CertSIG