System.Security.Permissions.SiteIdentityPermission Class

Defines the identity permission for the Web site from which the code originates. This class cannot be inherited.

See Also: SiteIdentityPermission Members


public sealed class SiteIdentityPermission : System.Security.CodeAccessPermission, IBuiltInPermission


Using this class, it is possible to ensure that callers are from a specific Web site. Site identity is only defined for code from URLs with the protocols of HTTP, HTTPS, and FTP. A site is the string between the "//" after the protocol of a URL and the following "/", if present, for example, in the URL This excludes port numbers. If a given URL is, the site is, not

Sites can be matched exactly, or by a wildcard ("*") prefix at the dot delimiter. For example, the site name string * matches as well as Without a wildcard, the site name must be a precise match. The site name string * will match any site, but will not match code that has no site evidence.


Starting with the net_v40_long, identity permissions are not used.

In the .NET Framework versions 1.0 and 1.1, demands on the identity permissions are effective, even when the calling assembly is fully trusted. That is, although the calling assembly has full trust, a demand for an identity permission fails if the assembly does not meet the demanded criteria. Starting with the .NET Framework version 2.0, demands for identity permissions are ineffective if the calling assembly has full trust. This assures consistency for all permissions, eliminating the treatment of identity permissions as a special case.


In versions of the .NET Framework before the net_v40_long, you could use the System.Security.CodeAccessPermission.Deny method to prevent inadvertent access to system resources by trusted code. System.Security.CodeAccessPermission.Deny is now obsolete, and access to resources is now determined solely by the granted permission set for an assembly. To limit access to files, you must run partially trusted code in a sandbox and assign it permissions only to resources that the code is allowed to access. For information about running an application in a sandbox, see How To: Run Partially Trusted Code in a Sandbox.


In the .NET Framework versions 1.0 and 1.1, identity permissions cannot have an PermissionState.Unrestricted permission state value. Starting with the .NET Framework version 2.0, identity permissions can have any permission state value. This means that in 2.0 and later versions, identity permissions have the same behavior as permissions that implement the System.Security.Permissions.IUnrestrictedPermission interface.


Namespace: System.Security.Permissions
Assembly: mscorlib (in mscorlib.dll)
Assembly Versions: 1.0.5000.0,,