This documentation is archived and is not being maintained.

PrincipalPermissionAttribute Class

Allows security actions for PrincipalPermission to be applied to code using declarative security. This class cannot be inherited.

For a list of all members of this type, see PrincipalPermissionAttribute Members.


[Visual Basic]
<AttributeUsage(AttributeTargets.Class Or AttributeTargets.Method)>
NotInheritable Public Class PrincipalPermissionAttribute
   Inherits CodeAccessSecurityAttribute
[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method)]
public sealed class PrincipalPermissionAttribute :
[AttributeUsage(AttributeTargets::Class |
public __gc __sealed class PrincipalPermissionAttribute : public
   AttributeUsage(AttributeTargets.Class | AttributeTargets.Method)
class PrincipalPermissionAttribute extends

Thread Safety

Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.


PrincipalPermissionAttribute can be used to declaratively demand that users running your code belong to a specified role or have been authenticated. Use of Unrestricted creates a PrincipalPermission with Authenticated set to true and Name and Role set to a null reference (Nothing in Visual Basic).

The scope of the declaration that is allowed depends on the SecurityAction that is used. PrincipalPermissionAttribute cannot be applied at the assembly level.

The security information declared by a security attribute is stored in the metadata of the attribute target and is accessed by the system at run time. Security attributes are used only for declarative security. For imperative security, use the corresponding permission class.


[Visual Basic, C#, C++] The following example demonstrates how PrincipalPermission can be used declaratively to demand that the current user is Bob and belongs to the Supervisor role.

[Visual Basic] 
<PrincipalPermissionAttribute(SecurityAction.Demand, _
 Name := "Bob", Role := "Supervisor")> Public Class SampleClass

[PrincipalPermissionAttribute(SecurityAction.Demand, Name="Bob",

[PrincipalPermissionAttribute(SecurityAction::Demand, Name=S"Bob",

[Visual Basic, C#, C++] The following example demonstrates how to demand that the current user's identity is Bob, regardless of role membership.

[Visual Basic] 
<PrincipalPermissionAttribute(SecurityAction.Demand, _
 Name := "Bob")> Public Class SampleClass

[PrincipalPermissionAttribute(SecurityAction.Demand, Name="Bob")]

[PrincipalPermissionAttribute(SecurityAction::Demand, Name=S"Bob")]

[Visual Basic, C#, C++] The following example demonstrates how to demand only that the user is authenticated.

[Visual Basic] 
<PrincipalPermissionAttribute(SecurityAction.Demand, _
 Authenticated := True)> Public Class SampleClass

[PrincipalPermissionAttribute(SecurityAction.Demand, Authenticated=true)]

[PrincipalPermissionAttribute(SecurityAction::Demand, Authenticated=true)]

[JScript] No example is available for JScript. To view a Visual Basic, C#, or C++ example, click the Language Filter button Language Filter in the upper-left corner of the page.


Namespace: System.Security.Permissions

Platforms: Windows 98, Windows NT 4.0, Windows Millennium Edition, Windows 2000, Windows XP Home Edition, Windows XP Professional, Windows Server 2003 family

Assembly: Mscorlib (in Mscorlib.dll)

See Also

PrincipalPermissionAttribute Members | System.Security.Permissions Namespace | Extending Metadata Using Attributes | Principal | PrincipalPermission