securityPolicy Element (ASP.NET Settings Schema) 

  • Article

Defines a collection of mappings between security policy files and the trust level names for the security policy files.

<securityPolicy>
   <trustLevel />
</securityPolicy>

Attributes and Elements

The following sections describe attributes, child elements, and parent elements.

Attributes

None, except for the attributes that are inherited by all section elements.

Child Elements

Element Description

trustLevel

Optional element.

Adds a mapping between a security level name and the associated policy file to the collection of security policy mappings.

The security policy file can then be applied to an ASP.NET application by specifying the trust level name in the level attribute of the trust element.

Parent Elements

Element Description

configuration

Specifies the required root element in every configuration file that is used by the common language runtime and the .NET Framework applications.

system.web

Specifies the root element for the ASP.NET configuration settings in a configuration file and contains configuration elements that configure ASP.NET Web applications and control how the applications behave.

Remarks

The securityPolicy element defines a collection of mappings between security policy files and the trust level names for the security policy files. You can extend the security system by providing your own named trustLevel element mapped to a file that is specified by the policyFile attribute.

For information about ASP.NET and policy files, see ASP.NET Trust Levels and Policy Files and Administering Security Policy.

Example

The following code example shows how to specify the policy files that handle different trust levels.

<securityPolicy>
    <trustLevel name="Full"   policyFile="internal"/>
    <trustLevel name="High"   policyFile="web_hightrust.config"/>
    <trustLevel name="Medium" policyFile="web_mediumtrust.config"/>      
    <trustLevel name="Low"    policyFile="web_lowtrust.config"/>
    <trustLevel name="Minimal" policyFile="web_minimaltrust.config"/>
    <trustLevel 
        name="CustomTrustLevel" 
        policyFile="customtrust.config"/>
</securityPolicy>

Element Information

Configuration section handler

SecurityPolicySection

Configuration member

SecurityPolicy

Configurable locations

Machine.config

Root-level Web.config

Application-level Web.config

Requirements

Microsoft Internet Information Services (IIS) version 5.0, 5.1, or 6.0

The .NET Framework version 1.0, 1.1, or 2.0

Microsoft Visual Studio 2003 or Visual Studio 2005

See Also

Tasks

How to: Configure Specific Directories Using Location Settings
How to: Lock ASP.NET Configuration Settings

Reference

system.web Element (ASP.NET Settings Schema)
trustLevel Element for securityPolicy (ASP.NET Settings Schema)
configuration Element (General Settings Schema)
trust Element (ASP.NET Settings Schema)
System.Configuration
System.Web.Configuration
System.Web.Configuration.SecurityPolicySection
System.Web.Configuration.TrustLevel

Concepts

ASP.NET Trust Levels and Policy Files
Administering Security Policy
Securing ASP.NET Configuration
ASP.NET Configuration Scenarios

Other Resources

ASP.NET Web Application Security
General Configuration Settings (ASP.NET)
ASP.NET Configuration Settings
Configuring ASP.NET Applications
ASP.NET Configuration Files
ASP.NET Configuration API