Determining Whether a User is Authorized to Perform a Task

Retired Content

This content is outdated and is no longer being maintained. It is provided as a courtesy for individuals who are still using these technologies. This page may contain URLs that were valid when originally published, but now link to sites or pages that no longer exist.

The latest Enterprise Library information can be found at the Enterprise Library site.

A common security task is to authorize users to perform tasks.

Typical Goals

In this scenario, you must determine when a user is authorized to perform a task, based on the user identity, role information, and any authorization rules that are specified.

Solution

Retrieve the identity, role, and rule information to be used for the user. Create a GenericPrincipal object for the user. Create an authorization provider by calling the static GetAuthorizationProvider method on AuthorizationFactory. Call the Authorize method on the authorization provider.

QuickStart

For an extended example of how to use the Authorize method with the AuthorizationRuleProvider to determine whether a user is authorized to perform a task, see Walkthrough: Determine Whether a User is Authorized to Perform a Task.

Using Authorize

The following code shows how to use the Authorize method.

IPrincipal principal = new GenericPrincipal(new GenericIdentity("Username"), new string[]{"Manager"});

IAuthorizationProvider ruleProvider = AuthorizationFactory.GetAuthorizationProvider("RuleProvider");

// Determine whether user is authorized for the rule defined as "Print Document".
bool authorized = ruleProvider.Authorize(principal, "Print Document"); 

Usage Notes

The Security Application Block is designed to use either the AzManAuthorizationProvider or the AuthorizationRuleProvider. With the authorization request, supply the context for authorization. Typically, this is an access request or a request to perform an action.

Retired Content

This content is outdated and is no longer being maintained. It is provided as a courtesy for individuals who are still using these technologies. This page may contain URLs that were valid when originally published, but now link to sites or pages that no longer exist.

The latest Enterprise Library information can be found at the Enterprise Library site.
Show: