Appendix: Isolated Storage
What Is Isolated Storage?
Isolated storage is a Microsoft
®
.NET feature that is used for lightweight data
persistence. This appendix provides the explanation of isolated storage and then
describes the limitations of isolated storage. Also covered is using isolated
storage to persist user preferences and application state.
Isolated storage is an alternative to persistently storing data in a file or in a
database. When a Web application stores data in a file, the file name and
storage location must be chosen carefully. If the file name and storage location
are not chosen carefully, there is a possibility that the storage location will be
known to another Web application, which can then make the original Web
application vulnerable to attack. Isolated storage manages this problem by
providing a separate database storage mechanism that provides isolation by
defining standardized ways of associating code with saved data. In isolated
storage, data is stored in a logical storage compartment. Each storage
compartment is isolated by some aspects of the code's identity. These
identifying aspects of the code can include the application domain, assembly,
and user. For the developer, the actual location of the storage compartment is
transparent. Only the identity aspects are required to access the compartment.
Microsoft ASP.NET Web applications, by default, cannot use file input/output
(I/O). Isolated storage is useful in ASP.NET Web applications for storing user
preferences and application state.
Isolated storage is not a secure storage medium. Isolated storage is not
protected from highly trusted code, from unmanaged code, or from trusted
users.
Isolated storage should not be used to store configuration settings that an
administrator might want to control. Configuration files are a better location for
configuration settings because they are more easily edited and installed by
administrators.
Isolated storage is a lightweight alternative to database storage when the
number of users is small, when the overhead of a database is too high, or when
a database is not available.
Introduction
Uses in a Web
application
Limitations
2 Appendix: Isolated Storage
Using Isolated Storage
Administrators can limit how much isolated storage should be available to a
Web application or a user for use, based on the appropriate trust level. To create
and access isolated storage, code must be granted the appropriate
IsolatedStorageFilePermission attribute.
The System.IO.IsolatedStorage.IsolatedStorageFile class is used to create
and access isolated storage compartments. This class contains methods that can
be used for creating, opening, and deleting compartments, in addition to
containing methods that can be used for adding folders to storage
compartments.
The System.IO.IsolatedStorage.IsolatedStorageFileStream class is used to
open streams on files within isolated storage. These streams can then be used to
read and write data to isolated storage.
The following code segment uses the IsolatedStorageFile class to create a new
store by using the User, Domain, and Assembly identities. The code segment
then creates a new directory, named Files, within that store. The code then uses
the IsolatedStorageFileStream class to create a new file in the Files directory.
Finally, both the stream and the storage are closed, as shown in the following
code example:
[Visual Basic]
Dim store As IsolatedStorageFile
store = IsolatedStorageFile.GetStore( _
IsolatedStorageScope.User Or _
IsolatedStorageScope.Domain Or _
IsolatedStorageScope.Assembly, Nothing, Nothing)
store.CreateDirectory("Files")
Dim stream As IsolatedStorageFileStream
stream = New IsolatedStorageFileStream("settings.txt", _
FileMode.Create, store)
' Use the Write method to set the file's contents.
stream.Close()
store.Close()
[C#]
IsolatedStorageFile store =
IsolatedStorageFile.GetStore(IsolatedStorageScope.User |
IsolatedStorageScope.Domain |
IsolatedStorageScope.Assembly, null, null);
store.CreateDirectory("Files");
IsolatedStorageFileStream stream =
new IsolatedStorageFileStream("settings.txt",
FileMode.Create, store);
//
// Use the Write method to set the file's contents
stream.Close();
store.Close();
Introduction
Supportin
g types
Appendix: Isolated Storage 3
The isolated storage tool (StoreAdm.exe) is a command-line utility that can be
used to list and delete isolated storage compartments on a computer.
StoreAdm.exe supports the switches that are specified in the following table.
Switch Description
/list Lists the isolated storage for the current user.
/remove Removes all of the existing isolated storage for the current user.
/roaming Selects roaming storage. Assumes that roaming is supported by the
underlying operating system.
/quiet Changes the output to display only error messages and no informational
messages.
After running the preceding code in a console application named IsoStore.exe,
the /list switch will provide the stores that are shown in the following code
example:
Microsoft (R) .NET Framework Store Admin 1.0.3705.0
Copyright (C) Microsoft Corporation 1998-2001. All rights
reserved.
Record #1
[Domain]
<System.Security.Policy.Url version="1">
<Url>file://C:/Demos/IsoStore.exe</Url>
</System.Security.Policy.Url>
[Assembly]
<System.Security.Policy.Url version="1">
<Url>file://C:/Demos/IsoStore.exe</Url>
</System.Security.Policy.Url>
Size : 2048
StoreAdm.exe
THIS PAGE INTENTIONALLY LEFT BLANK