Declarative Code Access Security

<i><b>Originally posted by : Kerry (Whelan_kerry@hotmail.com)</b></i><br />Hi,<br /> I am attempting to use declarative code access security to protect<br />my C# web application. I am using<br /><br />[UrlCodeIdentityPermissionAttribute(SecurityAction. Demand, Url =<br />"http://www.microsoft.com")]<br /><br />outside of the main class in my dll. <br />I understand that this means that if a website other than Microsoft<br />calls my dll code they should be refused access to the protected class<br />- an exception should be thrown. When I call my dll code from another<br />program, access is always granted.<br /> Is my understanding of declarative code access security incorrect?<br />What am I doing wrong? Any help would be greatly received. I am new to<br />this area and am finding it difficult to find code examples of such<br />code. Examples of imperative security would also be useful<br /><br />Thankyou,<br /><br />Kerry<br /><br />