Authorization

Authorization determines whether an identity should be granted access to a specific resource. ASP.NET maps users and roles to URLs in ASP.NET applications. With URL authorization, you explicitly allow or deny access to a particular directory by user name or role. When your application's URL authorization requirements can be satisfied by user name or role, you can use the ASP.NET authorization module.

Note:
ASP.NET also supports file authorization. File authorization checks the access control list (ACL) of the .aspx or .asmx handler file to determine whether a user should have access to the file. For more information, see ASP.NET Authorization on MSDN.
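
The following web.config fragment illustrates the URL authorization by user name or role described above. It is an added example, not part of the original page or of the Composite Web Application Block; the Reports and Admin paths and the role names are assumptions. It puts a rule set that silently lets every signed-in user through next to a corrected one.

```xml
<!-- Constructed example: paths and role names are assumptions. -->
<configuration>
  <system.web>
    <authentication mode="Forms" />
    <!-- Site default: "?" is the anonymous user, so this rejects
         unauthenticated requests. Any authenticated user passes. -->
    <authorization>
      <deny users="?" />
    </authorization>
  </system.web>

  <!-- Weak: only an allow rule. Rules are evaluated top-down and the
       first match wins; rules for this path are checked before the
       inherited ones. A signed-in user who is not in Auditors does not
       match this allow and is not anonymous, so the request falls
       through to the machine-level default (allow users="*") and is
       granted. -->
  <location path="Reports">
    <system.web>
      <authorization>
        <allow roles="Auditors" />
      </authorization>
    </system.web>
  </location>

  <!-- Corrected: allow the intended role, then deny everyone else
       ("*" is all users) so nothing falls through to inherited rules. -->
  <location path="Admin">
    <system.web>
      <authorization>
        <allow roles="Administrators" />
        <deny users="*" />
      </authorization>
    </system.web>
  </location>
</configuration>
```

When reviewing an existing configuration, check that every restricted `location` block ends with a deny rule.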

The Composite Web Application Block includes two services that you can use to implement rule-based authorization for URLs:
  • IAuthorizationRulesService. This manages a mapping of rules to URLs.
  • IAuthorizationService. This implements the authorization check for a rule.
Figure 1 illustrates the rule-based authorization HttpModule.
Figure 1. Rule-based authorization module.

The AuthorizationRules class implements the IAuthorizationRules service as a collection of URLs (strings), with each URL associated with a collection of rule identifiers (strings). Figure 2 illustrates the AuthorizationRulesService service.
Figure 2. AuthorizationRulesService service.

The Composite Web Application Block also includes an implementation of a service that uses the Enterprise Library Security Application Block. You can configure the Security Application Block to use Authorization Manager, a rule-based provider, or a custom authorization provider. Figure 3 illustrates the EnterpriseLibraryAuthorizationService.
Figure 3. EnterpriseLibraryAuthorizationService.

Last edited Nov 20, 2007 at 1:24 PM by ejadib, version 2