When ASP.NET hosts a Web service, you can integrate Authorization Manager into the application to provide authorization to the service. Authorization Manager enables an application developer to define individual operations, which can be grouped together to form tasks. An administrator can then authorize roles to perform specific tasks or individual operations. Authorization Manager provides an administration tool as a Microsoft Management Console (MMC) snap-in to manage roles, tasks, operations, and users. Administrators configure an Authorization Manager policy store in an XML file, Active Directory, or in an Active Directory Application Mode (ADAM) store.
Authorization Manager is Integrated into the application by configuring the Authorization Manager ASP.NET role provider for the ASP.NET application that is hosting the Web service. Like other ASP.NET role providers, the Authorization Manager ASP.NET role provider is configured using the <
The following code example is a portion of a configuration file for a Web service that is integrating Authorization Manager into the application.
<system.web> <roleManager enabled="true" defaultProvider="AzManRoleProvider"> <providers> <add name="AzManRoleProvider" type="System.Web.Security.AuthorizationStoreRoleProvider, System.Web, Version=188.8.131.52, Culture=neutral, publicKeyToken=b03f5f7f11d50a3a" connectionStringName="AzManPolicyStoreConnectionString" applicationName="SecureService"/> </providers> </roleManager> </system.web>
For more information about integrating an ASP.NET role provider with a WCF application, see How to: Use the ASP.NET Role Provider with a Service. For more information about using Authorization Manager with ASP.NET, see How to: Use Authorization Manager (AzMan) with ASP.NET 2.0.