Authorization Manager Policy Access
Commerce Server 2009
After you unpack the Business Management applications, the authorization policies are extracted as the following files:
-
CatalogAuthorizationStore.xml
-
MarketingAuthorizationStore.xml
-
ProfilesAuthorizationStore.xml
-
OrdersAuthorizationStore.xml
In order to update the catalog scopes in the policies dynamically, for example, when the user creates or deletes a catalog, you must assign the ASP.NET worker process write access to the authorization policy files.
You can use a different authorization policy by changing the authorizationPolicyPath attribute in the Web.config file that is associated with the Business Management Web service as shown in the following example:
<CommerceServer> <catalogWebService siteName="CSharpSite" authorizationPolicyPath="CatalogAuthorizationStore.xml" debugLevel="Production" fileUploadDirectory="%windir%\temp" maxChunkSize="1024" maxUploadFileSize="204800" timeOutHours="24" enableInventorySystem="true" disableAuthorization="false"> </catalogWebService> </CommerceServer>
Show: