dynamic tools for .net developers™  LaMarvin Home
home » constable » faq » windows roles

How to use CAZE with Windows integrated authentication

If you'd like to use the integrated Windows authentication for authorization checks, you'll have to do two things:

First, use an instance of the System.Security.Principal.WindowsPrincipal class as the Policy's current principal, for example:
[Visual Basic]
Dim policy As New AuthorizationPolicy
policy.CurrentPrincipal = _ 
  New WindowsPrincipal(WindowsIdentity.GetCurrent())
AuthorizationPolicy policy = new AuthorizationPolicy(); 
policy.CurrentPrincipal = 
  new WindowsPrincipal(WindowsIdentity.GetCurrent());
Second, populate the authorization policy with WindowsRole instances that map the role IDs to windows group names, for example:
[Visual Basic]
policy.Roles.Add( _
  New WindowsRole("Admin", "BUILTIN\Administrators"))

  new WindowsRole("Admin", @"BUILTIN\Administrators"));
Now, every time the policy has to resolve role membership, members of the local Administrators windows group will be made members of the Admin CAZE role.

Please, see the document approval tutorial for more details.

© 2002-2007 LaMarvin. All Rights Reserved.     [Terms of use]     [Privacy] This site doesn't open new browser windows.