Multiple Roles to a Rule or vice versa

Topics: Web Client Software Factory
Jul 24, 2008 at 10:47 PM
We have a rather large Authorization / Rules matrix and I am wondering how I can pare down the number of lines in the RuleProvider.

Is there a way to create an expression for Rule provider that would associate multiple roles to a rule?
Developer
Jul 25, 2008 at 2:57 PM

Hi

 

The Authorization Rule Provider included in the Security Application Block allows you to define your rules in the Web.config in the following way. There you can define the expression for all your rules.

 

<securityConfiguration defaultAuthorizationInstance="RuleProvider" defaultSecurityCacheInstance="">

  <authorizationProviders>

    <add type="Microsoft.Practices.EnterpriseLibrary.Security.AuthorizationRuleProvider, Microsoft.Practices.EnterpriseLibrary.Security, Version=3.1.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"

         name="RuleProvider">

      <rules>

        <add expression="((R:HumanResources OR R:GeneralManagers) AND (NOT R:HRSpecialist))"

             name="AllowAccessTransfers" />

      </rules>

    </add>

  </authorizationProviders>

</securityConfiguration>

 

For more information you can check the Lab 06 - Authorization of the Hands-on Labs for WCSF June 2007 or the Enterprise Library forums.

 

Please, let me know if it helps.

 

Mariano Converti

http://blogs.southworks.net/mconverti