Introduction to the Security Application Block
| Retired Content |
|---|
This content is outdated and is no longer being maintained. It is provided as a courtesy for individuals who are still using these technologies. This page may contain URLs that were valid when originally published, but now link to sites or pages that no longer exist. |
| The latest Enterprise Library information can be found at the Enterprise Library site. |
The Microsoft Enterprise Library Security Application Block helps developers implement common authorization-related functionality in their applications. Applications can use the Security Application Block to support authorization and to cache a user's authorization and authentication data. Together with the Microsoft .NET Framework 2.0 features, developers can easily implement common security-related functionality.
The Security Application Block has the following features:
- It reduces the requirement to write boilerplate code to perform standard tasks.
- It helps maintain consistent security practices, both within an application and across the enterprise.
- It eases the learning curve for developers by using a consistent architectural model across the various areas of functionality provided.
- It provides implementations that you can use to solve common application security problems
- It is extensible; it supports custom implementations of security providers.
Common Scenarios
Developers frequently write applications that must authorize users using one or more security providers such as Microsoft Active Directory directory service, Authorization Manager, Active Directory Application Mode (ADAM), and custom authorization providers. These applications may also need to cache authentication or authorization data for the duration of a logon session.
The Security Application Block simplifies these tasks by handling them in a consistent manner, abstracting the application code from the specific security providers. You can even change underlying providers through configuration changes without changing the underlying application code.
The Security Application Block provides code that will help you with the following scenarios:
- Authorization
- Caching security-related credentials
Example Application Code
The following code shows how to determine if a user is authorized to perform a task.
Audience Requirements
This guide is intended for software architects and software developers. To benefit fully from this guide, you should have an understanding of the following technologies:
- Microsoft Visual Studio 2005 development system (any of the following editions): Visual Studio 2005 Professional Edition, Visual Studio 2005 Team System Edition, Visual Studio 2005 Standard Edition
- .NET Framework version 2.0
Migrating From Enterprise Library June 2005
The Security Application Block – January 2006 supports user authorization and security-related caching. The functionality that was in earlier releases of the application block that supported authenticating a user and setting and retrieving role and profile information are no longer a part of the application block. Instead, use the .NET Framework 2.0 to implement these features.
- You can now implement authentication with the classes in the .NET Framework System.Web.Security namespace. If your application uses the Security Application Block to implement authentication, you should revise your code to use the .NET Framework 2.0 System.Web.Security.Membership class. The following code is an example of how to use this class to see if a user has been authenticated.
- Profiles are now supported in the .NET Framework System.Web.Profile namespace. You should revise any code that used the Security Application Block to read and write profile information to use the .NET Framework 2.0 System.Web.Profile.ProfileBase class. The following code shows how to write and read profile information for a user.
- Roles are now supported in the .NET Framework System.Web.Security namespace. You should revise your code that uses the Security Application Block to obtain roles for a user to now use the .NET Framework 2.0 System.Web.Security.Roles class. The following code shows how to retrieve a list of roles that a user is in.
Configuration data is treated differently in Enterprise Library – January 2006 than in earlier releases. This affects all application blocks, including the Security Application Block. You must perform the following tasks when you upgrade your application to Enterprise Library – January 2006:
- Migrate existing configuration information. The Enterprise Library – June 2005 release stored the Security Application Block configuration data in a location separate from the application configuration file. By default, this location was the securityConfiguration.config file. With this release, the default location for application block configuration data is the application configuration file. For a description of how to migrate your existing configuration information for use with Enterprise Library – January 2006, see Migration Information.
- Migrate custom providers. You must update any custom providers to reflect how the Enterprise Library – January 2006 release passes configuration information to providers.
System Requirements
The requirements for the Security Application Block are the following:
- Microsoft Windows 2000, Windows XP Professional, or Windows 2003 operating system
- Microsoft .NET Framework 2.0
- Microsoft Visual Studio 2005 development system (any of the following editions):
- Microsoft Visual Studio 2005 Standard Edition
- Microsoft Visual Studio 2005 Professional Edition
- Microsoft Visual Studio 2005 Team Edition for Software Developers
- Microsoft Visual Studio 2005 Team Edition for Software Testers
- Microsoft Visual Studio 2005 Team Edition for Software Architects
- Microsoft Visual Studio 2005 Team Suite
Note:
|
|---|
| The Security Application Block Authorization Manager provider requires Authorization Manager and the AzMan primary interop assembly. Authorization Manager is included with Microsoft Windows 2000 Server with Service Pack 4 and Microsoft Windows Server 2003. You can install Authorization Manager on Microsoft Windows XP by installing the Windows Server 2003 Administration Tools Pack. For information about how to install and use Authorization Manager and the primary interop assembly, see How To: Use Authorization Manager (AzMan) with ASP.NET 2.0. |
Security Application Block Dependencies
The Security Application Block depends on the following code that is included in the Enterprise Library:
- Core library functionality. The Enterprise Library Core provides services, such as instrumentation and configuration, and is a shared dependency of all Enterprise Library application blocks. The core library functionality is contained in the assembly Microsoft.Practices.EnterpriseLibrary.Common.dll.
-
The ObjectBuilder subsystem. The ObjectBuilder subsystem performs all of the repetitive and necessary tasks for creating and disposing of object instances, while still providing a high level of flexibility. Enterprise Library uses the ObjectBuilder subsystem for tasks such as injecting configuration into block classes and connecting instrumentation classes to application blocks. The ObjectBuilder subsystem is contained in the assembly Microsoft.Practices.ObjectBuilder.dll.
Depending on the specific functionality you require from the Security Application Block, you may also require the following application block contained in the Enterprise Library:
- The Caching Application Block. The Security Application Block uses the Caching Application Block to cache security information and then retrieve it when required. You can replace the Caching Application Block with your own caching provider. Depending on how you configure the Caching Application Block, you may also require the Data Access Application Block. For more information, see the Caching Application Block documentation.
The recommended way to modify the configuration settings for the Security Application Block is to use the Enterprise Library Configuration Console.
Security Application Block Documentation
Together with the introduction, the documentation contains the following topics:
- Design of the Security Application Block. This topic explains the decisions that went into designing the application block and the rationale behind those decisions.
- Developing Applications with the Security Application Block. This topic explains how to download and install the application block so you can use it in your applications. It also is divided into several subsections. The first subsection, Entering Configuration Information, demonstrates how to configure the application block to perform common tasks. The next subsection, Key Scenarios, demonstrates how to use the application block to perform the most typical security operations.
- Extending and Modifying the Security Application Block. This topic explains how to extend the application block by creating your own providers and how to modify the source code.
- Deployment and Operations. This topic explains how to deploy and update the application block's assemblies and also contains information about configuration.
- QuickStarts. This topic explains how to install and configure the QuickStart applications and contains a series of walkthroughs that demonstrate how to incorporate common security operations into an application.
For more information, see the following patterns & practices guides:
- Application Architecture for .NET: Designing Applications and Services
- .NET Security Architecture Guide
- Exception Management Architecture Guide
| Retired Content |
|---|
This content is outdated and is no longer being maintained. It is provided as a courtesy for individuals who are still using these technologies. This page may contain URLs that were valid when originally published, but now link to sites or pages that no longer exist. |
| The latest Enterprise Library information can be found at the Enterprise Library site. |