How to assign the current principal with IAuthorizationPolicy to allow authorization using custom authentication

J.D. Meier, Jason Taylor, Prashant Bansode, Carlos Farre, Madhu Sundararajan, Steve Gregersen.

If you application stores authorization data in a custom store such as a SQL Server database, you can create a custom authorization policy. Custom authorization policies implement a class derived from IAuthorizationPolicy along with an Evaluate method that you can customize for your user authorization policy.

The Policy library is configured in the web.config or app.config configuration file or in code. The following example configures the policy location in the config file. Define the custom authorization policy type in the add element policyType attribute.
<serviceAuthorization serviceAuthorizationManagerType="Microsoft.ServiceModel.Samples.MyServiceAuthorizationManager, service">
<!-- The serviceAuthorization behavior allows one to specify custom authorization policies. -->
<authorizationPolicies>
<add policyType="Microsoft.ServiceModel.Samples.CustomAuthorizationPolicy.MyAuthorizationPolicy, PolicyLibrary" />
</authorizationPolicies>
</serviceAuthorization>

Additional Resources

Last edited May 8, 2008 at 12:58 AM by prashantbansode, version 1

Comments

No comments yet.