Was this page helpful?
Your feedback about this content is important. Let us know what you think.
Additional feedback?
1500 characters remaining
Export (0) Print
Expand All

SecurityState Class

Provides a base class for requesting the security status of an action from the AppDomainManager object.

Namespace:  System.Security
Assembly:  mscorlib (in mscorlib.dll)

[PermissionSetAttribute(SecurityAction.InheritanceDemand, Unrestricted = true)]
public abstract class SecurityState

The SecurityState type exposes the following members.

Protected methodSecurityStateInitializes a new instance of the SecurityState class.

Public methodEnsureStateWhen overridden in a derived class, ensures that the state that is represented by SecurityState is available on the host.
Public methodEquals(Object)Determines whether the specified object is equal to the current object. (Inherited from Object.)
Protected methodFinalizeAllows an object to try to free resources and perform other cleanup operations before it is reclaimed by garbage collection. (Inherited from Object.)
Public methodGetHashCodeServes as the default hash function. (Inherited from Object.)
Public methodGetTypeGets the Type of the current instance. (Inherited from Object.)
Public methodIsStateAvailableGets a value that indicates whether the state for this implementation of the SecurityState class is available on the current host.
Protected methodMemberwiseCloneCreates a shallow copy of the current Object. (Inherited from Object.)
Public methodToStringReturns a string that represents the current object. (Inherited from Object.)

You must inherit from this class to provide a class that includes a property that specifies the security-sensitive action to be performed. The SecurityState object that is instantiated from the derived class is passed to the AppDomainManager.CheckSecuritySettings method to determine whether the host allows that action to be performed. The default implementation of the CheckSecuritySettings method always returns false. The method must be overridden to detect the actions that are allowed.

For example, if you want to access a Web camera in your library code, you would create a WebcamSecurityState object and call the EnsureState method to determine whether the host allows Web camera access, as shown in the following example. (You can find the code for WebcamSecurityState in the "Example" section.)

WebcamSecurityState securityState = new WebcamSecurityState("Safe access to Webcam", WebcamSecurityOptions.SafeAccess);
   // Allocate memory.
catch (ApplicationException e)
    // Handle any exception that is thrown.

To process the call the AppDomainManager must be made aware of WebcamSecurityState through an override of the AppDomainManager.CheckSecuritySettings method, as shown in the following example.

public override bool CheckSecuritySettings(System.Security.SecurityState securityState)
   switch (securityState.ToString())
      case "WebcamSecurityState":
          if ((securityState as WebcamSecurityState).Options == WebcamSecurityOptions.SafeAccess)
              return PromptUser((securityState as WebcamSecurityState).Description);
           return false;
      return false;
private bool PromptUser(string text)
   // Replace the OpenFileDialog with a custom user prompt.
   OpenFileDialog o = new OpenFileDialog();
   o.Title = text;
   if (o.ShowDialog() == DialogResult.OK)
      return true;
      return false;

The following example shows how to override the SecurityState class.

public enum WebcamSecurityOptions
public class WebcamSecurityState : SecurityState
    public WebcamSecurityState(string description, WebcamSecurityOptions options)
        Options = options;
        Description = description;
    public WebcamSecurityOptions Options { get; set; }
    public string Description { get; set; }
    public override void EnsureState()
       if (!IsStateAvailable())
           throw new ApplicationException("WebcamSecurityState not available");

.NET Framework

Supported in: 4.6, 4.5, 4, 3.5 SP1, 3.0 SP2, 2.0 SP2

.NET Framework Client Profile

Supported in: 4, 3.5 SP1

Supported in: Windows Phone 8.1

Supported in: Windows Phone Silverlight 8.1

Supported in: Windows Phone Silverlight 8

  • SecurityCriticalAttribute 

    requires full trust for the immediate caller. This class cannot be used by partially trusted or transparent code.

  • InheritanceDemand 

    for full trust for inheritors. This class cannot be inherited by partially trusted code.

Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.
© 2015 Microsoft