Collapse the table of content
Expand the table of content

trustLevel Element for securityPolicy (ASP.NET Settings Schema) 

Adds a mapping between a security policy file and a named security trust level to the collection of security policy mappings. The security policy file can then be applied to an ASP.NET application by specifying the trust level name in the level attribute of the trust element.

   name="trust level name" 
   policyFile="file name" 

The following sections describe attributes, child elements, and parent elements.


Attribute Description


Required String attribute.

Specifies a named security level that is mapped to a policy file.

This attribute can be either a user-defined value or one of the following possible values

Value Description


Specifies that ASP.NET does not restrict security policy with an application domain–specific policy. There is no security policy file associated with Full. By default, this trust level name is mapped to "internal" in the policyFile attribute.


Specifies a high level of security for policy file mapping. By default, this trust level name is mapped to the Web_hightrust.config policy file.


Specifies a medium level of security for policy file mapping. By default, this trust level name is mapped to the Web_mediumtrust.config policy file.


Specifies a low level of security for policy file mapping. By default, this trust level name is mapped to the Web_lowtrust.config policy file.


Specifies a minimal level of security for policy file mapping. By default, this trust level name is mapped to the Web_minimaltrust.config policy file.

User Defined

Specifies the name of a user-defined trust level. For more information, see Administering Security Policy.

For an explanation about what each trust level allows, see AspNetHostingPermissionLevel or trust.


Required String attribute.

Specifies the configuration file that contains security policy settings for the named security level. The configuration file must exist in the same directory as the configuration file that contains the trustLevel definition.

Child Elements


Parent Elements

Element Description


Specifies the required root element in every configuration file that is used by the common language runtime and the .NET Framework applications.


Specifies the root element for the ASP.NET configuration settings in a configuration file and contains configuration elements that configure ASP.NET Web applications and control how the applications behave.


Defines a collection of mappings between security policy files and the associated trust level names.

You can extend the security system by providing your own named <trustLevel> element mapped to a file that is specified by the policyFile attribute. For information about ASP.NET and policy files, see ASP.NET Trust Levels and Policy Files and Administering Security Policy.

Because ASP.NET treats Full trust as a special case, Full trust does not have an associated policy file. If Full is set, the ASP.NET host does not add extra application domain–level policy to the application. The Full trust level is always mapped to an internal handler and the policyFile attribute is ignored.

The following default trustLevel elements are configured in the root Web.config file.

<location allowOverride="true">
      <trustLevel name="Full" policyFile="internal" />
      <trustLevel name="High" policyFile="web_hightrust.config" />
      <trustLevel name="Medium" policyFile="web_mediumtrust.config" />
      <trustLevel name="Low" policyFile="web_lowtrust.config" />
      <trustLevel name="Minimal" policyFile="web_minimaltrust.config"/>

The following code example demonstrates how to specify a custom trust level name and policy file for an ASP.NET application, adding the security policy mapping to the inherited collection.


Configuration section handler


Configuration member




Configurable locations


Root-level Web.config

Application-level Web.config


Microsoft Internet Information Services (IIS) version 5.0, 5.1, or 6.0

The .NET Framework version 1.0, 1.1, or 2.0

Microsoft Visual Studio 2003 or Visual Studio 2005

Community Additions

© 2015 Microsoft