This documentation is archived and is not being maintained.

HostSecurityManager.DetermineApplicationTrust Method

Determines whether an application should be executed.

Namespace:  System.Security
Assembly:  mscorlib (in mscorlib.dll)

[SecurityPermissionAttribute(SecurityAction.Assert, Unrestricted = true)]
public virtual ApplicationTrust DetermineApplicationTrust(
	Evidence applicationEvidence,
	Evidence activatorEvidence,
	TrustManagerContext context


Type: System.Security.Policy.Evidence

The Evidence for the application to be activated.

Type: System.Security.Policy.Evidence

Optionally, the Evidence for the activating application domain.

Type: System.Security.Policy.TrustManagerContext

A TrustManagerContext that specifies the trust context.

Return Value

Type: System.Security.Policy.ApplicationTrust
An ApplicationTrust object that contains trust information about the application.


applicationEvidence is null.


An ActivationArguments object could not be found in the application evidence.


The ActivationContext property in the activation arguments is null.


The ApplicationTrust grant set does not contain the minimum request set specified by the ActivationContext.

This method can be overridden by a derived class. The base implementation calls the application security manager to determine if the application should be executed.

The base implementation does not use the activator evidence. However, an overridden implementation could use the activator evidence to determine the security evidence for the application domain attempting to activate the application.

The following code example shows an override of the DetermineApplicationTrust method for a custom host security manager. This example is part of a larger example provided for the HostSecurityManager class.

        [SecurityPermissionAttribute(SecurityAction.Demand, Execution = true)]
		[SecurityPermissionAttribute(SecurityAction.Assert, Unrestricted = true)]
		public override ApplicationTrust DetermineApplicationTrust(Evidence applicationEvidence, Evidence activatorEvidence, TrustManagerContext context)
			if (applicationEvidence == null)
				throw new ArgumentNullException("applicationEvidence");

			// Get the activation context from the application evidence. 
			// This HostSecurityManager does not examine the activator evidence 
			// nor is it concerned with the TrustManagerContext; 
			// it simply grants the requested grant in the application manifest.

			IEnumerator enumerator = applicationEvidence.GetHostEnumerator();
			ActivationArguments activationArgs = null;
			while (enumerator.MoveNext())
				activationArgs = enumerator.Current as ActivationArguments;
				if (activationArgs != null)

			if (activationArgs == null)
				return null;

			ActivationContext activationContext = activationArgs.ActivationContext;
			if (activationContext == null)
				return null;

			ApplicationTrust trust = new ApplicationTrust(activationContext.Identity);
			ApplicationSecurityInfo asi = new ApplicationSecurityInfo(activationContext);
			trust.DefaultGrantSet = new PolicyStatement(asi.DefaultRequestSet, PolicyStatementAttribute.Nothing);
			trust.IsApplicationTrustedToRun = true;
			return trust;

Windows 7, Windows Vista, Windows XP SP2, Windows XP Media Center Edition, Windows XP Professional x64 Edition, Windows XP Starter Edition, Windows Server 2008 R2, Windows Server 2008, Windows Server 2003, Windows Server 2000 SP4, Windows Millennium Edition, Windows 98

The .NET Framework and .NET Compact Framework do not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.

.NET Framework

Supported in: 3.5, 3.0, 2.0