I'm doing a authorization check from a WinForms application with the help of the AzMan authorization provider from Enterprise Library and I'm receiving the the following error: Unable to update the password. The value provided as the current password is incorrect. (Exception from HRESULT: 0x8007052B) (Microsoft.Practices.EnterpriseLi...
Is it possible to specify a relative connection string for an AzMan XML store? My current connection string is connectionString="msxml://c:/azman.xml" but I really need to make that relative so other developers and automated builds can get the latest authorization store. MS documentation seems to suggest that connectionString="msxml://...
Hi all I have a web service running in IIS 6.0 on Windows 2003. It's authentication mode is Integrated Windows security (anonymous disabled), and authorization is done with Authorization Manager and an XML authorization store. My test user is a domain user (admin, actually) with membership in an authorized role. I am testing this (for ...
I am using authorization Manager in one of my application and my requirement is to copy the AzMan store from one location to another location. My source location is Active directory and destination is xml and I have the path for both of these. When I create an AzMan store and initialize with the source link to get a handle of object, th...
We're beginning to design a whole bunch of new services to create (WCF, ADO.NET Data Services, possibly in the cloud at some point) and one question that pops up is what authentication and authorization scheme to use - there are quite a few! We basically need to be able to identify users (actual people, and "virtual" application/servic...
I have a web application that uses AzMan authorization to grant different functionality to different users. I've just started using WatiN to implement some automated web UI tests that run under Visual Studio Team System/TFS. I'd like to be able to use it to verify the different authorization scenarios. To do this though I'd need to be ab...
Hi, I'm trying to fetch a list of operations related to user. I'm using AzMan to store the application authorization rules. How can i get list of operations per user using EntLib 4.1 SecurityApplicationBlocks or any other way? [C#] Thanks. ...
Hi, I'm wondering does any one know how to sync data between two instances of AzMan? I've created a big list of tasks and operations in the test instance of AzMan and I need to move it to another server for UAT. I've googled around and the closest solution I found was a bulk import/export tool, but there's no document on how to run ...
I've created a web application that uses Microsoft AzMan, and it works just fine until you have multiple users. I'm almost 100% certain that AzMan is caching the same stuff for multiple users. To simplify it a bit, the problem I'm seeing is user A goes to the site and has full access, the user is granted the correct access and can work...
I created a sample ADAM Instance. Used AzMan. Created a webservice to get the information from ADAM and AzMan. I created a user in AD. Used that user for anonymous access in IIS. Gave reader access to that user, in ADAM and AzMan. This setup worked successfully. Now I am creating the actual ADAM Instance for Dev, Test and Prod. My W...
I have an Azman store in AD, but cannot access it from our ASP.NET web server. I'm assuming that I need to grant the ASP.NET Network Service permission to the Azman store (using the Azman config tool), but cannot find the account for the ASP.NET server in AD. Should I use the Network Service account or reconfigure ASP.NET to impersonate...
Is it possible to use AzMan for role based authorization on objects which are created at runtime? If yes how can this be done? For Example: If an object of class "CustomAlert" is created at runtime, I am trying to see if I can have different rules for different objects of the class "CustomAlert". If an object is created by using a spec...
I'm using AzMan on Windows Server 2003, and I've written a management application that completely hides AzMan and the MMC from the security team. However, I'm having a hard time implementing one of the features in the MMC. I have a role called User, and a role called Branch User which contains nothing but the User role. I want to assig...
I'm using the AZROLESLib which is from the COM references "azroles 1.0 Type Library" and I am trying to create a list of the designated tasks for each role that I have currently set in my authorization manager but when I loop through the tasks for the role, I get the role name. I've looked all around but couldn't find anything that woul...
Hi, I'm able to get the roles associated with the authenticated user but not the groups. Is there a way to get the groups WindowsIdentity userIdentity = HttpContext.Current.User.Identity as WindowsIdentity; AzAuthorizationStoreClass azManStore = new AzAuthorizationStoreClass(); string storeConnectionString = ConfigurationManager.Conn...
Hello. What is the best way to achieve application authorization and entitlement in .Net. Earlier AzMan use to be the standard way. With the advent of provider model, at least roles are taken care of but I am not sure about the authorization & entitlement. I am looking at the ability to define and access operation level permissions for r...
Using ASP.NET (C#) I have set up Authorization Manager to allow me to handle roles on a website. Added users to roles is simple Roles.AddUserToRole("DOMAIN\\UserName", "role"). However I want to list the users belonging to a role, but since they are stored as SID's, displaying them would not be that helpful. To get the users, I am thinki...
I have a WPF application with a WCF service layer and a SQL database. I now want to restrict elements of the application so that certain functions are only available to those users with a particular role. For example, you will only be able to navigate to the settings screen if you are an administrator. I would like a user to be a member...
I have a wcf service in front of an AzMan store that passes roles and operations to clients using the following interface: [OperationContract] bool AuthenticateUser(string password, string appName); [OperationContract] string[] GetRoles(string storelocation, string appName); [OperationContract] string[] GetOper...
I am trying to add to the authentication system provided in the Silverlight 4 business template as my model does not completely fit that provided in the template. I have an existing web service that performs my authentication and provides roles and also permitted operations for each role. This is the model provided by AzMan/Authenticatio...