Upgrade your Internet Experience
Microsoft.com
Welcome Sign in
.NET Framework Developer Center
Click to Rate and Give Feedback
Collapse All/Expand All Collapse All
This page is specific to
Microsoft Visual Studio 2008/.NET Framework 3.5

Other versions are also available for the following:
.NET Framework General Reference
securityPolicy Element (ASP.NET Settings Schema)

Defines a collection of mappings between security policy files and the trust level names for the security policy files.

configuration Element (General Settings Schema)
  system.web Element (ASP.NET Settings Schema)
    securityPolicy Element (ASP.NET Settings Schema)
<securityPolicy>
   <trustLevel />
</securityPolicy>
 Attributes and Elements

The following sections describe attributes, child elements, and parent elements.

Attributes

None, except for the attributes that are inherited by all section elements.

Child Elements

Element

Description

trustLevel

Optional element.

Adds a mapping between a security level name and the associated policy file to the collection of security policy mappings.

The security policy file can then be applied to an ASP.NET application by specifying the trust level name in the level attribute of the trust element.

Parent Elements

Element

Description

configuration

Specifies the required root element in every configuration file that is used by the common language runtime and the .NET Framework applications.

system.web

Specifies the root element for the ASP.NET configuration settings in a configuration file and contains configuration elements that configure ASP.NET Web applications and control how the applications behave.
 Remarks

The securityPolicy element defines a collection of mappings between security policy files and the trust level names for the security policy files. You can extend the security system by providing your own named trustLevel element mapped to a file that is specified by the policyFile attribute.

For information about ASP.NET and policy files, see ASP.NET Trust Levels and Policy Files and Administering Security Policy.
 Example

The following code example shows how to specify the policy files that handle different trust levels.

<securityPolicy>
    <trustLevel name="Full"   policyFile="internal"/>
    <trustLevel name="High"   policyFile="web_hightrust.config"/>
    <trustLevel name="Medium" policyFile="web_mediumtrust.config"/>      
    <trustLevel name="Low"    policyFile="web_lowtrust.config"/>
    <trustLevel name="Minimal" policyFile="web_minimaltrust.config"/>
    <trustLevel 
        name="CustomTrustLevel" 
        policyFile="customtrust.config"/>
</securityPolicy>
 Element Information

Configuration section handler

SecurityPolicySection

Configuration member

SecurityPolicy

Configurable locations

Machine.config

Root-level Web.config

Application-level Web.config

Requirements

Microsoft Internet Information Services (IIS) version 5.0, 5.1, or 6.0

The .NET Framework version 1.0, 1.1, or 2.0

Microsoft Visual Studio 2003 or Visual Studio 2005
 See Also

Tasks

How to: Configure Specific Directories Using Location Settings
How to: Lock ASP.NET Configuration Settings

Concepts

ASP.NET Trust Levels and Policy Files
Administering Security Policy
Securing ASP.NET Configuration
ASP.NET Configuration Scenarios

Reference

system.web Element (ASP.NET Settings Schema)
trustLevel Element for securityPolicy (ASP.NET Settings Schema)
configuration Element (General Settings Schema)
trust Element (ASP.NET Settings Schema)
System.Configuration
System.Web.Configuration
System.Web.Configuration..::.SecurityPolicySection
System.Web.Configuration..::.TrustLevel

Other Resources

ASP.NET Web Application Security
General Configuration Settings (ASP.NET)
ASP.NET Configuration Settings
Administering ASP.NET Web Sites
ASP.NET Configuration Files
ASP.NET Configuration API
Tags What's this?: Add a tag
Community Content   What is Community Content?
Add new content RSS  Annotations
© 2010 Microsoft Corporation. All rights reserved. Terms of Use | Trademarks | Privacy Statement
Page view tracker