Authorization determines whether an identity should be granted access to a specific resource. ASP.NET maps users and roles to URLs in ASP.NET applications. With URL authorization, you explicitly allow or deny access to a particular directory by user name or
role. When your application URL authorization requirements are satisfied by user name or role, you can use the ASP.NET authorization module.
ASP.NET also supports file authorization. File authorization checks the access control list (ACL) of the .aspx or .asmx handler file to determine whether a user should have access to the file. For more information, see
The Composite Web Application Block includes two services that you can use to implement rule-based authorization for URLs:
- IAuthorizationRulesService. This manages a mapping of rules to URLs.
- IAuthorizarionService. This implements the authorization check for a rule.
illustrates the rule-based authorization HttpModule
Rule-based authorization module.
class implements the IAuthorizationRules
service with a collection of URLs (strings) with each URL associated with a collection of rule identifiers (strings).
illustrates the AuthorizationRulesService service.
The Composite Web Application Block also includes an implementation of a service that uses the
Enterprise Library Security Application Block
. You can configure the Security Application Block to use Authorization Manager, a rule-based provider, or a custom authorization provider.
illustrates the EnterpriseLibraryAuthorizationService