This documentation is archived and is not being maintained.

AllowPartiallyTrustedCallersAttribute Class

Allows an assembly to be called by partially trusted code. Without this declaration, only fully trusted callers are able to use the assembly. This class cannot be inherited.


Namespace:  System.Security
Assembly:  mscorlib (in mscorlib.dll)

[AttributeUsageAttribute(AttributeTargets.Assembly, AllowMultiple = false, 
	Inherited = false)]
public sealed class AllowPartiallyTrustedCallersAttribute : Attribute

The AllowPartiallyTrustedCallersAttribute type exposes the following members.

Public methodAllowPartiallyTrustedCallersAttributeInitializes a new instance of the AllowPartiallyTrustedCallersAttribute class.

Public propertyPartialTrustVisibilityLevelGets or sets the default partial trust visibility for code that is marked with the AllowPartiallyTrustedCallersAttribute (APTCA) attribute.
Public propertyTypeIdWhen implemented in a derived class, gets a unique identifier for this Attribute. (Inherited from Attribute.)

Public methodEqualsInfrastructure. Returns a value that indicates whether this instance is equal to a specified object. (Inherited from Attribute.)
Protected methodFinalizeAllows an object to try to free resources and perform other cleanup operations before it is reclaimed by garbage collection. (Inherited from Object.)
Public methodGetHashCodeReturns the hash code for this instance. (Inherited from Attribute.)
Public methodGetTypeGets the Type of the current instance. (Inherited from Object.)
Public methodIsDefaultAttributeWhen overridden in a derived class, indicates whether the value of this instance is the default value for the derived class. (Inherited from Attribute.)
Public methodMatchWhen overridden in a derived class, returns a value that indicates whether this instance equals a specified object. (Inherited from Attribute.)
Protected methodMemberwiseCloneCreates a shallow copy of the current Object. (Inherited from Object.)
Public methodToStringReturns a string that represents the current object. (Inherited from Object.)

Explicit interface implemetationPrivate method_Attribute.GetIDsOfNamesMaps a set of names to a corresponding set of dispatch identifiers. (Inherited from Attribute.)
Explicit interface implemetationPrivate method_Attribute.GetTypeInfoRetrieves the type information for an object, which can be used to get the type information for an interface. (Inherited from Attribute.)
Explicit interface implemetationPrivate method_Attribute.GetTypeInfoCountRetrieves the number of type information interfaces that an object provides (either 0 or 1). (Inherited from Attribute.)
Explicit interface implemetationPrivate method_Attribute.InvokeProvides access to properties and methods exposed by an object. (Inherited from Attribute.)


The .NET Framework version 4 introduces new security rules that affect the behavior of the AllowPartiallyTrustedCallersAttribute attribute (see Security-Transparent Code, Level 2). In the .NET Framework 4, all code defaults to security-transparent, that is, partially trusted. However, you can annotate individual types and members to assign them other transparency attributes. For this and other security changes, see Security Changes in the .NET Framework 4.

.NET Framework version 2.0 (level 1 transparent) assemblies must be strong-named to effectively use the AllowPartiallyTrustedCallersAttribute (APTCA) attribute. .NET Framework 4 (level 2) assemblies do not have to be strong-named for the APTCA attribute to be effective, and they can contain transparent, security-critical and security-safe-critical code. For more information about applying attributes at the assembly level, see Applying Attributes.

By default, if a strong-named, level 1 transparent assembly does not explicitly apply this attribute at the assembly level, it can be called only by other assemblies that are granted full trust. This restriction is enforced by placing a LinkDemand for FullTrust on every public or protected method on every publicly accessible class in the assembly. Assemblies that are intended to be called by partially trusted code can declare their intent through the use of AllowPartiallyTrustedCallersAttribute. An example of the declaration in C# is [assembly:AllowPartiallyTrustedCallers]; an example in Visual Basic is <assembly:AllowPartiallyTrustedCallers>.

Caution noteCaution

The presence of this assembly-level attribute prevents the default behavior of placing FullTrust LinkDemand security checks, and makes the assembly callable from any other (partially or fully trusted) assembly.

When the APTCA attribute is present, all other security checks function as intended, including any class-level or method-level declarative security attributes that are present. This attribute blocks only the implicit, fully trusted caller demand.

This is not a declarative security attribute, but a regular attribute (it derives from System.Attribute, not from System.Security.Permissions.SecurityAttribute).

For more information, see Using Libraries from Partially Trusted Code.

The following example shows how to use the AllowPartiallyTrustedCallersAttribute class.

// The following HTML code can be used to call the user control in this sample.
//	<BODY>
//		<OBJECT id="usercontrol" classid="usercontrol.dll#UserControl.UserControl1" width="800"
//		height="300" style="font-size:12;">
//		</OBJECT>
//		<p>
//	</BODY>

// To run this test control you must create a strong name key, snkey.snk, and 
// a code group that gives full trust to assemblies signed with snkey.snk.

// The user control displays an OpenFileDialog box, then displays a text box containing the name of 
// the file selected and a list box that displays the contents of the file.  The selected file must 
// contain text in order for the control to display the data properly.

// Caution  This sample demonstrates the use of the Assert method.  Calling Assert removes the 
// requirement that all code in the call chain must be granted permission to access the specified 
// resource, it can open up security vulnerabilities if used incorrectly or inappropriately. Therefore, 
// it should be used with great caution.  Assert should always be followed with a RevertAssert 
// command to restore the security settings.

using System;
using System.Collections;
using System.ComponentModel;
using System.Drawing;
using System.Data;
using System.Windows.Forms;
using System.IO;
using System.Security;
using System.Security.Permissions;
using System.Reflection;
using System.Runtime.CompilerServices;

// This strong name key is used to create a code group that gives permissions to this assembly.
[assembly: AssemblyKeyFile("snKey.snk")]
[assembly: AssemblyVersion("")]

// The AllowPartiallyTrustedCallersAttribute requires the assembly to be signed with a strong name key.
// This attribute is necessary since the control is called by either an intranet or Internet
// Web page that should be running under restricted permissions.
namespace UserControl
	// The userControl1 displays an OpenFileDialog box, then displays a text box containing the name of 
	// the file selected and a list box that displays the contents of the file.  The selected file must 
	// contain text in order for the control to display the data properly.
	public class UserControl1 : System.Windows.Forms.UserControl
		private System.Windows.Forms.TextBox textBox1;
		private System.Windows.Forms.ListBox listBox1;
		// Required designer variable.
		private System.ComponentModel.Container components = null;

              // Demand the zone requirement for the calling application.
              [ZoneIdentityPermission(SecurityAction.Demand, Zone = SecurityZone.Intranet)]
		public UserControl1()
			// This call is required by the Windows.Forms Form Designer.

			// The OpenFileDialog box should not require any special permissions.
			OpenFileDialog fileDialog = new OpenFileDialog();
			if(fileDialog.ShowDialog() == DialogResult.OK)
				// Reading the name of the selected file from the OpenFileDialog box
				// and reading the file requires FileIOPermission.  The user control should 
				// have this permission granted through its code group; the Web page that calls the 
				// control should not have this permission.  The Assert command prevents a stack walk 
				// that would fail because the caller does not have the required FileIOPermission.  
				// The use of Assert can open up security vulnerabilities if used incorrectly or 
				// inappropriately. Therefore, it should be used with great caution.
				// The Assert command should be followed by a RevertAssert as soon as the file operation 
				// is completed.
				new FileIOPermission(PermissionState.Unrestricted).Assert();
				textBox1.Text = fileDialog.FileName;
				// Display the contents of the file in the text box.
				FileStream fsIn = new FileStream(textBox1.Text, FileMode.Open, FileAccess.Read, 
				StreamReader sr = new StreamReader(fsIn);
				// Process every line in the file
				for (String Line = sr.ReadLine(); Line != null; Line = sr.ReadLine()) 
				// It is very important to call RevertAssert to restore the stack walk for
				// file operations.


		// Clean up any resources being used.
		protected override void Dispose( bool disposing )
			if( disposing )
				if( components != null )
			base.Dispose( disposing );

		#region Component Designer generated code
		/// <summary>
		/// Required method for Designer support - do not modify 
		/// the contents of this method with the code editor.
		/// </summary>
		private void InitializeComponent()
			this.textBox1 = new System.Windows.Forms.TextBox();
			this.listBox1 = new System.Windows.Forms.ListBox();
			// textBox1
			this.textBox1.Location = new System.Drawing.Point(208, 112);
			this.textBox1.Name = "textBox1";
			this.textBox1.Size = new System.Drawing.Size(320, 20);
			this.textBox1.TabIndex = 0;
			this.textBox1.Text = "textBox1";
			this.textBox1.TextChanged += new System.EventHandler(this.textBox1_TextChanged);
			// listBox1
			this.listBox1.Location = new System.Drawing.Point(200, 184);
			this.listBox1.Name = "listBox1";
			this.listBox1.Size = new System.Drawing.Size(336, 108);
			this.listBox1.TabIndex = 1;
			// UserControl1
			this.Name = "UserControl1";
			this.Size = new System.Drawing.Size(592, 400);
			this.Load += new System.EventHandler(this.UserControl1_Load);


		private void UserControl1_Load(object sender, System.EventArgs e)

		private void textBox1_TextChanged(object sender, System.EventArgs e)


.NET Framework

Supported in: 4, 3.5, 3.0, 2.0, 1.1, 1.0

.NET Framework Client Profile

Supported in: 4, 3.5 SP1

Windows 7, Windows Vista SP1 or later, Windows XP SP3, Windows XP SP2 x64 Edition, Windows Server 2008 (Server Core not supported), Windows Server 2008 R2 (Server Core supported with SP1 or later), Windows Server 2003 SP2

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.

Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.