TrustLevel Class
Configures a trust level for Web applications on a Web server.
Syntax
class TrustLevel : CollectionElement
Methods
This class contains no methods.
Properties
The following table lists the properties exposed by the TrustLevel
class.
Name | Description |
---|---|
Name |
A required read-only string value that specifies a named security level that is mapped to a policy file. The possible values are listed later in the Remarks section. The key property. |
PolicyFile |
A required read/write string value that specifies a configuration file that contains security policy settings for the security level specified in the Name property. The default is "internal".The policy file must be located in the same directory as the computer-level Web.config file. By default this directory is %windir%\Microsoft.NET\Framework\{version}\Config. You can apply the security policy file to an ASP.NET application by specifying the trust level name in the Level property of the TrustSection class. |
Subclasses
This class contains no subclasses.
Remarks
Instances of this class are contained in the SecurityPolicy
property of the SecurityPolicySection class.
You can establish the security policy for all Web applications on the server by setting the trust level. Because trust levels can be defined only at the computer level, configuration files must set the levels in the computer-level configuration directory. By default, this directory is %windir%\Microsoft.NET\Framework\{version}\Config.
You can create a custom policy by mapping a named <trustLevel>
element in the computer-level Web.config file to a custom policy configuration file. The custom policy configuration file must also reside in the computer-level configuration directory.
The following table lists the possible values for the Name
property. The default is "Full
". For an explanation of what each trust level allows, see the TrustSection class.
Value | Description |
---|---|
"Full " |
Specifies that ASP.NET does not restrict security policy with an application domain–specific policy. There is no security policy file associated with Full . By default, this trust-level value is mapped to "internal" in the PolicyFile property. Note: Because ASP.NET treats Full trust as a special case, Full trust does not have an associated policy file. If Full is set, the ASP.NET host does not add extra domain–level policy to the application. The Full trust level is always mapped to an internal handler, and the PolicyFile property is ignored. |
"High " |
Specifies a high level of security for policy file mapping. By default, this trust-level value is mapped to the Web_hightrust.config policy file. |
"Medium " |
Specifies a medium level of security for policy file mapping. By default, this trust-level value is mapped to the Web_mediumtrust.config policy file. |
"Low " |
Specifies a low level of security for policy file mapping. By default, this trust-level value is mapped to the Web_lowtrust.config policy file. |
"Minimal " |
Specifies a minimal level of security for policy file mapping. By default, this trust-level value is mapped to the Web_minimaltrust.config policy file. |
"User Defined " |
Specifies the name of a user-defined trust level. For more information, see Administering Security Policy. |
Example
The following example displays the trust-level names and corresponding security policy configuration files that are specified in the computer-level Web.config file.
' Connect to the WMI WebAdministration namespace.
Set oWebAdmin = GetObject("winmgmts:root\WebAdministration")
' Get the security policy section.
Set oSite = oWebAdmin.Get("Site.Name='Default Web Site'")
oSite.GetSection "SecurityPolicySection", oSection
' Display the path and location.
WScript.Echo "Path: " & oSection.Path
WScript.Echo "Location: " & oSection.Location
WScript.Echo
' Display the security level names and their policy files.
For Each oTrustLevel In oSection.SecurityPolicy
WScript.Echo "Security level: " & oTrustLevel.Name
WScript.Echo " Policy file: " & oTrustLevel.PolicyFile
WScript.Echo
Next
Inheritance Hierarchy
TrustLevel
Requirements
Type | Description |
---|---|
Client | - IIS 7.0 on Windows Vista - IIS 7.5 on Windows 7 - IIS 8.0 on Windows 8 - IIS 10.0 on Windows 10 |
Server | - IIS 7.0 on Windows Server 2008 - IIS 7.5 on Windows Server 2008 R2 - IIS 8.0 on Windows Server 2012 - IIS 8.5 on Windows Server 2012 R2 - IIS 10.0 on Windows Server 2016 |
Product | - IIS 7.0, IIS 7.5, IIS 8.0, IIS 8.5, IIS 10.0 |
MOF file | WebAdministration.mof |
See Also
System.Web.Configuration.TrustLevel
Administering Security Policy
ASP.NET Trust Levels and Policy Files
CollectionElement Class
SecurityPolicySection Class
trustLevel Element for securityPolicy (ASP.NET Settings Schema)