Export (0) Print
Expand All
This topic has not yet been rated - Rate this topic

IApplicationTrustManager Interface

Determines whether an application should be executed and which set of permissions should be granted to it.

Namespace:  System.Security.Policy
Assembly:  mscorlib (in mscorlib.dll)
public interface IApplicationTrustManager : ISecurityEncodable

The IApplicationTrustManager type exposes the following members.

Public methodDetermineApplicationTrustDetermines whether an application should be executed and which set of permissions should be granted to it.
Public methodFromXmlReconstructs a security object with a specified state from an XML encoding. (Inherited from ISecurityEncodable.)
Public methodToXmlCreates an XML encoding of the security object and its current state. (Inherited from ISecurityEncodable.)

Trust managers must implement the IApplicationTrustManager interface. The host calls the IApplicationTrustManager.DetermineApplicationTrust method to determine whether an application should be executed and which permissions should be granted to the application.

In the .NET Framework 4 and later, there is only one trust manager, which can be a custom implementation of the IApplicationTrustManager interface. The default trust manager implementation prompts the user for permission to install the application and to elevate the permissions granted to the application. Other trust manager implementations might provide different user experiences. For example, an implementation might check an enterprise list for trusted applications instead of prompting the user for that information.

The following example shows a simple implementation of IApplicationTrustManager.

// To use the custom trust manager MyTrustManager, compile it into CustomTrustManager.dll,  
// place that assembly in the GAC, and  put the following elements in 
// an ApplicationTrust.config file in the config folder in the Microsoft .NET framework 
// installation folder. 

//<?xml version="1.0" encoding="utf-8" ?>
//    <mscorlib> 
//        <security> 
//            <policy> 
//                <ApplicationSecurityManager> 
//                    <ApplicationEntries /> 
//                    <IApplicationTrustManager class="MyNamespace.MyTrustManager, CustomTrustManager, Version=, Culture=neutral, PublicKeyToken=5659fc598c2a503e"/>
//                </ApplicationSecurityManager> 
//            </policy> 
//        </security> 
//    </mscorlib> 

using System;
using System.Security;
using System.Security.Policy;
using System.Windows.Forms;
namespace MyNamespace
	public class MyTrustManager : IApplicationTrustManager
		public ApplicationTrust DetermineApplicationTrust(ActivationContext appContext, TrustManagerContext context)
			ApplicationTrust trust = new ApplicationTrust(appContext.Identity);
			trust.IsApplicationTrustedToRun = false;

			ApplicationSecurityInfo asi = new ApplicationSecurityInfo(appContext);
			trust.DefaultGrantSet = new PolicyStatement(asi.DefaultRequestSet, PolicyStatementAttribute.Nothing);
			if (context.UIContext == TrustManagerUIContext.Run)
				string message = "Do you want to run " + asi.ApplicationId.Name + " ?";
				string caption = "MyTrustManager";
				MessageBoxButtons buttons = MessageBoxButtons.YesNo;
				DialogResult result;

				// Displays the MessageBox.

				result = MessageBox.Show(message, caption, buttons);

				if (result == DialogResult.Yes)
					trust.IsApplicationTrustedToRun = true;
					if (context != null)
						trust.Persist = context.Persist;
						trust.Persist = false;

			return trust;

		public SecurityElement ToXml()
			SecurityElement se = new SecurityElement("IApplicationTrustManager");
			se.AddAttribute("class", typeof(MyTrustManager).AssemblyQualifiedName);
			return se;

		public void FromXml(SecurityElement se)
			if (se.Tag != "IApplicationTrustManager" || (string)se.Attributes["class"] != typeof(MyTrustManager).AssemblyQualifiedName)
				throw new ArgumentException("Invalid tag");

.NET Framework

Supported in: 4.5.1, 4.5, 4, 3.5, 3.0, 2.0

.NET Framework Client Profile

Supported in: 4, 3.5 SP1

Windows Phone 8.1, Windows Phone 8, Windows 8.1, Windows Server 2012 R2, Windows 8, Windows Server 2012, Windows 7, Windows Vista SP2, Windows Server 2008 (Server Core Role not supported), Windows Server 2008 R2 (Server Core Role supported with SP1 or later; Itanium not supported)

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.

Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback
© 2014 Microsoft. All rights reserved.