public sealed class PrincipalPermission : System.Security.IPermission, System.Security.ISecurityEncodable, IUnrestrictedPermission, IBuiltInPermission { // Public Constructors public PrincipalPermission(PermissionState state); public PrincipalPermission(string name, string role); public PrincipalPermission(string name, string role, bool isAuthenticated); // Public Instance Methods public IPermission Copy( ); // implements System.Security.IPermission public void Demand( ); // implements System.Security.IPermission public void FromXml(System.Security.SecurityElement elem); // implements System.Security.ISecurityEncodable public IPermission Intersect(System.Security.IPermission target); // implements System.Security.IPermission public bool IsSubsetOf(System.Security.IPermission target); // implements System.Security.IPermission public bool IsUnrestricted( ); // implements IUnrestrictedPermission public override string ToString( ); // overrides object public SecurityElement ToXml( ); // implements System.Security.ISecurityEncodable public IPermission Union(System.Security.IPermission other); // implements System.Security.IPermission }
The PrincipalPermission class is the only role-based permission provided in the .NET Framework class library. PrincipalPermission allows code to make imperative security demands to ensure that the current thread's System.Security.Principal.IPrincipal object represents a specific identity or contains specified role names. Unlike the code-access and identity permission classes, PrincipalPermission does not inherit from System.Security.CodeAccessPermission. In addition, though PrincipalPermission implements System.Security.IPermission, it does not implement System.Security.IStackWalk, which means that security demands against PrincipalPermission objects do not result in stack walks.
A PrincipalPermission object must be configured during construction, as no properties are provided to manage its state. The constructor name argument specifies the identity name, and the role argument specifies the name of a single role of which the identity must be a member. The isAuthneticated argument specifies whether the principal must have been authenticated.