dotnet · gewarren · May 29, 2026 · May 29, 2026
@@ -52,7 +52,7 @@
 > [!NOTE]
 > This type is only supported on Windows.
 
- The <xref:System.Security.AccessControl.EventWaitHandleAccessRule> class is one of a set of classes that the .NET Framework provides for managing Windows access control security on named system events. For an overview of these classes, and their relationship to the underlying Windows access control structures, see <xref:System.Security.AccessControl.EventWaitHandleSecurity>.
+ The <xref:System.Security.AccessControl.EventWaitHandleAccessRule> class is one of a set of classes that .NET provides for managing Windows access control security on named system events. For an overview of these classes, and their relationship to the underlying Windows access control structures, see <xref:System.Security.AccessControl.EventWaitHandleSecurity>.
 
 > [!NOTE]
 >  Windows access control security is meaningful only for named system events. If an <xref:System.Threading.EventWaitHandle> object represents a local event, access control is irrelevant.

@@ -48,7 +48,7 @@
 > [!NOTE]
 > This type is only supported on Windows.
 
- The <xref:System.Security.AccessControl.EventWaitHandleAuditRule> class is one of a set of classes that the .NET Framework provides for managing Windows access control security on named system events. For an overview of these classes and their relationship to the underlying Windows access control structures, see <xref:System.Security.AccessControl.EventWaitHandleSecurity>.
+ The <xref:System.Security.AccessControl.EventWaitHandleAuditRule> class is one of a set of classes that .NET provides for managing Windows access control security on named system events. For an overview of these classes and their relationship to the underlying Windows access control structures, see <xref:System.Security.AccessControl.EventWaitHandleSecurity>.
 
 > [!NOTE]
 >  Windows access control security is meaningful only for named system events. If an <xref:System.Threading.EventWaitHandle> object represents a local event, access control is irrelevant.

@@ -50,12 +50,10 @@ The <xref:System.Security.AccessControl.FileSecurity> class hides many of the de
 
 Use the <xref:System.Security.AccessControl.FileSecurity> class to retrieve, add, or change the access rules that represent the DACL and SACL of a file.
 
-Use the following .NET implementation-dependent methods to add or retrieve the access or audit rules from a file:
+Use the following methods to add or retrieve the access or audit rules from a file:
 
-| .NET implementation | Add rules | Retrieve rules  |
-|---------------------|-----------|-----------------|
-| .NET                | <xref:System.IO.FileSystemAclExtensions.SetAccessControl(System.IO.FileInfo,System.Security.AccessControl.FileSecurity)?displayProperty=nameWithType> | <xref:System.IO.FileSystemAclExtensions.GetAccessControl(System.IO.FileInfo)?displayProperty=nameWithType> |
-| .NET Framework      | <xref:System.IO.FileInfo.SetAccessControl(System.Security.AccessControl.FileSecurity)?displayProperty=nameWithType> | <xref:System.IO.FileInfo.GetAccessControl?displayProperty=nameWithType> |
+- <xref:System.IO.FileSystemAclExtensions.SetAccessControl(System.IO.FileInfo,System.Security.AccessControl.FileSecurity)?displayProperty=nameWithType>
+- <xref:System.IO.FileSystemAclExtensions.GetAccessControl(System.IO.FileInfo)?displayProperty=nameWithType>
 
 ## Examples
 
@@ -180,18 +178,18 @@ You can add access or audit rules to the <xref:System.Security.AccessControl.Fil
         <exception cref="T:System.IO.PathTooLongException">The specified path, file name, or both exceed the system-defined maximum length.</exception>
         <exception cref="T:System.Security.AccessControl.PrivilegeNotHeldException">The current system account does not have administrative privileges.</exception>
         <exception cref="T:System.SystemException">The file could not be found.</exception>
-        <exception cref="T:System.UnauthorizedAccessException">The <paramref name="fileName" /> parameter specified a file that is read-only.  
-  
- -or-  
-  
- This operation is not supported on the current platform.  
-  
- -or-  
-  
- The <paramref name="fileName" /> parameter specified a directory.  
-  
- -or-  
-  
+        <exception cref="T:System.UnauthorizedAccessException">The <paramref name="fileName" /> parameter specified a file that is read-only.
+
+ -or-
+
+ This operation is not supported on the current platform.
+
+ -or-
+
+ The <paramref name="fileName" /> parameter specified a directory.
+
+ -or-
+
  The caller does not have the required permission.</exception>
       </Docs>
     </Member>

@@ -52,7 +52,7 @@
 > [!NOTE]
 > This type is only supported on Windows.
 
- The <xref:System.Security.AccessControl.MutexAccessRule> class is one of a set of classes that the .NET Framework provides for managing Windows access control security on named system mutexes. For an overview of these classes, and their relationship to the underlying Windows access control structures, see <xref:System.Security.AccessControl.MutexSecurity>.
+ The <xref:System.Security.AccessControl.MutexAccessRule> class is one of a set of classes that .NET provides for managing Windows access control security on named system mutexes. For an overview of these classes, and their relationship to the underlying Windows access control structures, see <xref:System.Security.AccessControl.MutexSecurity>.
 
 > [!NOTE]
 >  Windows access control security is meaningful only for named system mutexes. If a <xref:System.Threading.Mutex> object represents a local mutex, access control is irrelevant.

@@ -48,7 +48,7 @@
 > [!NOTE]
 > This type is only supported on Windows.
 
- The <xref:System.Security.AccessControl.MutexAuditRule> class is one of a set of classes that the .NET Framework provides for managing Windows access control security on named system mutexes. For an overview of these classes and their relationship to the underlying Windows access control structures, see <xref:System.Security.AccessControl.MutexSecurity>.
+ The <xref:System.Security.AccessControl.MutexAuditRule> class is one of a set of classes that .NET provides for managing Windows access control security on named system mutexes. For an overview of these classes and their relationship to the underlying Windows access control structures, see <xref:System.Security.AccessControl.MutexSecurity>.
 
 > [!NOTE]
 >  Windows access control security is meaningful only for named system mutexes. If a <xref:System.Threading.Mutex> object represents a local mutex, access control is irrelevant.

@@ -62,7 +62,7 @@
       <format type="text/markdown"><![CDATA[
 
 ## Remarks
- The <xref:System.Security.AccessControl.RegistryAccessRule> class is one of a set of classes that the .NET Framework provides for managing Windows access control security on registry keys. For an overview of these classes, and their relationship to the underlying Windows access control structures, see <xref:System.Security.AccessControl.RegistrySecurity>.
+ The <xref:System.Security.AccessControl.RegistryAccessRule> class is one of a set of classes that .NET provides for managing Windows access control security on registry keys. For an overview of these classes, and their relationship to the underlying Windows access control structures, see <xref:System.Security.AccessControl.RegistrySecurity>.
 
 > [!NOTE]
 >  Windows access control security can only be applied to registry keys. It cannot be applied to individual key/value pairs stored in a key.
@@ -155,16 +155,16 @@
  ]]></format>
         </remarks>
         <exception cref="T:System.ArgumentOutOfRangeException">
-          <paramref name="registryRights" /> specifies an invalid value.  
-  
- -or-  
-  
+          <paramref name="registryRights" /> specifies an invalid value.
+
+ -or-
+
  <paramref name="type" /> specifies an invalid value.</exception>
         <exception cref="T:System.ArgumentNullException">
-          <paramref name="identity" /> is <see langword="null" />.  
-  
- -or-  
-  
+          <paramref name="identity" /> is <see langword="null" />.
+
+ -or-
+
  <paramref name="eventRights" /> is zero.</exception>
         <exception cref="T:System.ArgumentException">
           <paramref name="identity" /> is neither of type <see cref="T:System.Security.Principal.SecurityIdentifier" /> nor of a type such as <see cref="T:System.Security.Principal.NTAccount" /> that can be converted to type <see cref="T:System.Security.Principal.SecurityIdentifier" />.</exception>
@@ -229,22 +229,22 @@
  ]]></format>
         </remarks>
         <exception cref="T:System.ArgumentOutOfRangeException">
-          <paramref name="registryRights" /> specifies an invalid value.  
-  
- -or-  
-  
+          <paramref name="registryRights" /> specifies an invalid value.
+
+ -or-
+
  <paramref name="type" /> specifies an invalid value.</exception>
         <exception cref="T:System.ArgumentNullException">
           <paramref name="registryRights" /> is zero.</exception>
         <exception cref="T:System.ArgumentException">
-          <paramref name="identity" /> is <see langword="null" />.  
-  
- -or-  
-  
- <paramref name="identity" /> is a zero-length string.  
-  
- -or-  
-  
+          <paramref name="identity" /> is <see langword="null" />.
+
+ -or-
+
+ <paramref name="identity" /> is a zero-length string.
+
+ -or-
+
  <paramref name="identity" /> is longer than 512 characters.</exception>
       </Docs>
     </Member>
@@ -315,24 +315,24 @@
  ]]></format>
         </remarks>
         <exception cref="T:System.ArgumentOutOfRangeException">
-          <paramref name="registryRights" /> specifies an invalid value.  
-  
- -or-  
-  
- <paramref name="type" /> specifies an invalid value.  
-  
- -or-  
-  
- <paramref name="inheritanceFlags" /> specifies an invalid value.  
-  
- -or-  
-  
+          <paramref name="registryRights" /> specifies an invalid value.
+
+ -or-
+
+ <paramref name="type" /> specifies an invalid value.
+
+ -or-
+
+ <paramref name="inheritanceFlags" /> specifies an invalid value.
+
+ -or-
+
  <paramref name="propagationFlags" /> specifies an invalid value.</exception>
         <exception cref="T:System.ArgumentNullException">
-          <paramref name="identity" /> is <see langword="null" />.  
-  
- -or-  
-  
+          <paramref name="identity" /> is <see langword="null" />.
+
+ -or-
+
  <paramref name="registryRights" /> is zero.</exception>
         <exception cref="T:System.ArgumentException">
           <paramref name="identity" /> is neither of type <see cref="T:System.Security.Principal.SecurityIdentifier" />, nor of a type such as <see cref="T:System.Security.Principal.NTAccount" /> that can be converted to type <see cref="T:System.Security.Principal.SecurityIdentifier" />.</exception>
@@ -417,30 +417,30 @@
  ]]></format>
         </remarks>
         <exception cref="T:System.ArgumentOutOfRangeException">
-          <paramref name="registryRights" /> specifies an invalid value.  
-  
- -or-  
-  
- <paramref name="type" /> specifies an invalid value.  
-  
- -or-  
-  
- <paramref name="inheritanceFlags" /> specifies an invalid value.  
-  
- -or-  
-  
+          <paramref name="registryRights" /> specifies an invalid value.
+
+ -or-
+
+ <paramref name="type" /> specifies an invalid value.
+
+ -or-
+
+ <paramref name="inheritanceFlags" /> specifies an invalid value.
+
+ -or-
+
  <paramref name="propagationFlags" /> specifies an invalid value.</exception>
         <exception cref="T:System.ArgumentNullException">
           <paramref name="eventRights" /> is zero.</exception>
         <exception cref="T:System.ArgumentException">
-          <paramref name="identity" /> is <see langword="null" />.  
-  
- -or-  
-  
- <paramref name="identity" /> is a zero-length string.  
-  
- -or-  
-  
+          <paramref name="identity" /> is <see langword="null" />.
+
+ -or-
+
+ <paramref name="identity" /> is a zero-length string.
+
+ -or-
+
  <paramref name="identity" /> is longer than 512 characters.</exception>
       </Docs>
     </Member>

@@ -62,7 +62,7 @@
       <format type="text/markdown"><![CDATA[
 
 ## Remarks
- The <xref:System.Security.AccessControl.RegistryAuditRule> class is one of a set of classes that the .NET Framework provides for managing Windows access control security on registry keys. For an overview of these classes and their relationship to the underlying Windows access control structures, see <xref:System.Security.AccessControl.RegistrySecurity>.
+ The <xref:System.Security.AccessControl.RegistryAuditRule> class is one of a set of classes that .NET provides for managing Windows access control security on registry keys. For an overview of these classes and their relationship to the underlying Windows access control structures, see <xref:System.Security.AccessControl.RegistrySecurity>.
 
 > [!NOTE]
 >  Windows access control security can only be applied to registry keys. It cannot be applied to individual key/value pairs stored in a key.
@@ -161,24 +161,24 @@
  ]]></format>
         </remarks>
         <exception cref="T:System.ArgumentOutOfRangeException">
-          <paramref name="eventRights" /> specifies an invalid value.  
-  
- -or-  
-  
- <paramref name="flags" /> specifies an invalid value.  
-  
- -or-  
-  
- <paramref name="inheritanceFlags" /> specifies an invalid value.  
-  
- -or-  
-  
+          <paramref name="eventRights" /> specifies an invalid value.
+
+ -or-
+
+ <paramref name="flags" /> specifies an invalid value.
+
+ -or-
+
+ <paramref name="inheritanceFlags" /> specifies an invalid value.
+
+ -or-
+
  <paramref name="propagationFlags" /> specifies an invalid value.</exception>
         <exception cref="T:System.ArgumentNullException">
-          <paramref name="identity" /> is <see langword="null" />.  
-  
- -or-  
-  
+          <paramref name="identity" /> is <see langword="null" />.
+
+ -or-
+
  <paramref name="registryRights" /> is zero.</exception>
         <exception cref="T:System.ArgumentException">
           <paramref name="identity" /> is neither of type <see cref="T:System.Security.Principal.SecurityIdentifier" /> nor of a type such as <see cref="T:System.Security.Principal.NTAccount" /> that can be converted to type <see cref="T:System.Security.Principal.SecurityIdentifier" />.</exception>
@@ -253,30 +253,30 @@
  ]]></format>
         </remarks>
         <exception cref="T:System.ArgumentOutOfRangeException">
-          <paramref name="eventRights" /> specifies an invalid value.  
-  
- -or-  
-  
- <paramref name="flags" /> specifies an invalid value.  
-  
- -or-  
-  
- <paramref name="inheritanceFlags" /> specifies an invalid value.  
-  
- -or-  
-  
+          <paramref name="eventRights" /> specifies an invalid value.
+
+ -or-
+
+ <paramref name="flags" /> specifies an invalid value.
+
+ -or-
+
+ <paramref name="inheritanceFlags" /> specifies an invalid value.
+
+ -or-
+
  <paramref name="propagationFlags" /> specifies an invalid value.</exception>
         <exception cref="T:System.ArgumentNullException">
           <paramref name="registryRights" /> is zero.</exception>
         <exception cref="T:System.ArgumentException">
-          <paramref name="identity" /> is <see langword="null" />.  
-  
- -or-  
-  
- <paramref name="identity" /> is a zero-length string.  
-  
- -or-  
-  
+          <paramref name="identity" /> is <see langword="null" />.
+
+ -or-
+
+ <paramref name="identity" /> is a zero-length string.
+
+ -or-
+
  <paramref name="identity" /> is longer than 512 characters.</exception>
       </Docs>
     </Member>

@@ -52,7 +52,7 @@
 > [!NOTE]
 > This type is only supported on Windows.
 
- The <xref:System.Security.AccessControl.SemaphoreAccessRule> class is one of a set of classes that the .NET Framework provides for managing Windows access control security on named system semaphores. For an overview of these classes, and their relationship to the underlying Windows access control structures, see <xref:System.Security.AccessControl.SemaphoreSecurity>.
+ The <xref:System.Security.AccessControl.SemaphoreAccessRule> class is one of a set of classes that .NET provides for managing Windows access control security on named system semaphores. For an overview of these classes, and their relationship to the underlying Windows access control structures, see <xref:System.Security.AccessControl.SemaphoreSecurity>.
 
 > [!NOTE]
 >  Windows access control security is meaningful only for named system semaphores. If a <xref:System.Threading.Semaphore> object represents a local semaphore, access control is irrelevant.

@@ -48,7 +48,7 @@
 > [!NOTE]
 > This type is only supported on Windows.
 
- The <xref:System.Security.AccessControl.SemaphoreAuditRule> class is one of a set of classes that the .NET Framework provides for managing Windows access control security on named system semaphores. For an overview of these classes and their relationship to the underlying Windows access control structures, see <xref:System.Security.AccessControl.SemaphoreSecurity>.
+ The <xref:System.Security.AccessControl.SemaphoreAuditRule> class is one of a set of classes that .NET provides for managing Windows access control security on named system semaphores. For an overview of these classes and their relationship to the underlying Windows access control structures, see <xref:System.Security.AccessControl.SemaphoreSecurity>.
 
 > [!NOTE]
 >  Windows access control security is meaningful only for named system semaphores. If a <xref:System.Threading.Semaphore> object represents a local semaphore, access control is irrelevant.

@@ -57,7 +57,7 @@
 ## Remarks
  A claim is a statement about a subject by an issuer. Claims represent attributes of the subject that are useful in the context of authentication and authorization operations. Subjects and issuers are both entities that are part of an identity scenario. Some typical examples of a subject are: a user, an application or service, a device, or a computer. Some typical examples of an issuer are: the operating system, an application, a service, a role provider, an identity provider, or a federation provider. An issuer delivers claims by issuing security tokens, typically through a Security Token Service (STS). On occasion, the collection of claims received from an issuer can be extended by subject attributes stored directly at the resource. A claim can be evaluated to determine access rights to data and other secured resources during the process of authorization and can also be used to make or express authentication decisions about a subject.
 
- Beginning with .NET Framework 4.5, the Windows Identity Foundation (WIF) classes, which implement claims-based identity, have been fully integrated into .NET Framework. The claims concept is implemented by the <xref:System.Security.Claims.Claim> class.
+The Windows Identity Foundation (WIF) classes, which implement claims-based identity, have been fully integrated into .NET. The claims concept is implemented by the <xref:System.Security.Claims.Claim> class.
 
  The following describes important properties of the <xref:System.Security.Claims.Claim> class:
 
@@ -73,8 +73,6 @@
 
 - The <xref:System.Security.Claims.Claim.OriginalIssuer> property contains the name of the entity that originally issued the claim. This property is designed to facilitate scenarios where a claim may pass through multiple issuers before it is presented by the client to the RP application; such as federation scenarios. You can examine the <xref:System.Security.Claims.Claim.OriginalIssuer> property to determine the entity that originally issued the claim. The name is taken from the list of well-known issuers maintained by the issuer name registry, as in the case of the <xref:System.Security.Claims.Claim.Issuer> property.
 
-
-
 ## Examples
  The following example extracts the claims associated to the authenticated user performing an HTTP request and writes them in the HTTP response. The current user is read from the <xref:System.Web.HttpContext> as a <xref:System.Security.Claims.ClaimsPrincipal> and the claims are read from it. The claims are then written to the <xref:System.Web.HttpResponse> object.