Authorization Manager Policy Access

After you unpack the Business Management applications, the authorization policies are extracted as the following files:

  • CatalogAuthorizationStore.xml

  • MarketingAuthorizationStore.xml

  • ProfilesAuthorizationStore.xml

  • OrdersAuthorizationStore.xml

In order to update the catalog scopes in the policies dynamically, for example, when the user creates or deletes a catalog, you must assign the ASP.NET worker process write access to the authorization policy files.

You can use a different authorization policy by changing the authorizationPolicyPath attribute in the Web.config file that is associated with the Business Management Web service as shown in the following example:

<CommerceServer>
<catalogWebService siteName="CSharpSite" authorizationPolicyPath="CatalogAuthorizationStore.xml" debugLevel="Production" fileUploadDirectory="%windir%\temp" maxChunkSize="1024" maxUploadFileSize="204800" timeOutHours="24" enableInventorySystem="true" disableAuthorization="false">
</catalogWebService>
</CommerceServer>

In This Section