Re: Mapping AZMAN to our existing security Design, Scenario?
- From: "Nicole Calinoiu" <calinoiu REMOVETHIS AT gmail DOT com>
- Date: Wed, 14 Jun 2006 11:49:20 -0400
AzMan verifications take place only at the operation level. One could
certainly write custom code to perform task-level verifications, which would
usually represent a verification of all operations in the task and any
subtasks (recursively). In your case, however, it might be that a menu
should be displayed/enabled if the user has rights to any operation under
the menu-level task. The code for this would be similar, verifying whether
any operation is allowed rather than whether all operations are allowed.
"Vijay Varma" <dotnetvarma@xxxxxxxxxxxx(donotspam)> wrote in message
Our applications are running under visual basic 6 and SQL Server.Security
for these applications like user,roles,groups and object permissions are
stored in sqlserver and checked through the application.We have our
menu which is been stored in SQL Server and displayed dynamically based on
our roles and groups.
The above design was so cluttered and confusing if we need to create a new
application and design a menu or access control for the application it is
becoming complex.When my manager spoke to microsoft team,they have
AZMAN for this...
I have started converting our existing security design into new role based
authorization using AZMAN....I have created all the parent menus as tasks
submenus as operations in AZMAN as XML store.I have defined groups,roles
assigned users also.
When i access the store,get the client security context and then trying to
check whether the user role has access to particulat task or not.but i
not able to check,bcos it allows only role checking at operation
Is there any way to check the task before checking the access level for
operations...If so could some body let me know,how to do that....