dynamic tools for .net developers™  LaMarvin Home
home » constable » faq » windows roles
separator
« back (constable)
separator
overview
separator
what's new
separator
features
separator
tutorial
separator
faq
separator
  » custom roles
separator
  » context
separator
  » object types
separator
  » com+ roles
separator
  » windows roles
separator
  » determinism
separator
  » resources
separator
  » role resolution
separator
  » state machine
separator
  » history
separator
requirements
separator
downloads
separator
buy
separator

CAZE product box

How to use CAZE with Windows integrated authentication

If you'd like to use the integrated Windows authentication for authorization checks, you'll have to do two things:

First, use an instance of the System.Security.Principal.WindowsPrincipal class as the Policy's current principal, for example: 
[Visual Basic]
Dim policy As New AuthorizationPolicy
...
policy.CurrentPrincipal = _ 
  New WindowsPrincipal(WindowsIdentity.GetCurrent())
  
[C#]
AuthorizationPolicy policy = new AuthorizationPolicy(); 
...
policy.CurrentPrincipal = 
  new WindowsPrincipal(WindowsIdentity.GetCurrent());
Second, populate the authorization policy with WindowsRole instances that map the role IDs to windows group names, for example: 
[Visual Basic]
policy.Roles.Add( _
  New WindowsRole("Admin", "BUILTIN\Administrators"))

[C#]
policy.Roles.Add(
  new WindowsRole("Admin", @"BUILTIN\Administrators"));
Now, every time the policy has to resolve role membership, members of the local Administrators windows group will be made members of the Admin CAZE role.

Please, see the document approval tutorial for more details.



© 2002-2007 LaMarvin. All Rights Reserved.     [Terms of use]     [Privacy] This site doesn't open new browser windows.