Authorization Interfaces
The following interfaces are used with authorization applications.
In this section
| Topic | Description |
|---|---|
|
Defines an installed instance of an application. An IAzApplication object is created when an application is installed. | |
|
Inherits from the IAzApplication interface and implements additional methods to initialize IAzClientContext2 objects. | |
|
Provides methods to manage IAzRoleAssignment, IAzRoleDefinition, and IAzScope2 objects. | |
|
Represents a collection of IAzApplication objects. | |
|
Defines a collection of principals. | |
|
Extends the IAzApplicationGroup interface by adding support for the BizRule group type. | |
|
Represents a collection of IAzApplicationGroup objects. | |
|
Defines the container that is the root of the authorization policy store. | |
|
Inherits from the AzAuthorizationStore object and implements methods to create and open IAzApplication2 objects. | |
|
Extends the IAzAuthorizationStore2 interface with methods that manage business rule (BizRule) support and caching. | |
|
Contains information about a Business Rule (BizRule) operation. | |
|
Provides methods and properties used to manage a list of IDispatch interfaces that can be called by business rule (BizRule) scripts. | |
|
Provides methods and properties used to manage a list of parameters that can be passed to business rule (BizRule) scripts. | |
|
Maintains the state that describes a particular client. | |
|
Inherits from the IAzClientContext interface and implements new methods that manipulate the client context. | |
|
Extends the IAzClientContext2 interface. | |
|
Translates security identifiers (SIDs) into principal display names. | |
|
Displays a dialog box that allows users to select one or more principals from a list. | |
|
Defines a low-level operation supported by an application. | |
|
Extends the IAzOperation with a method that returns the role assignments associated with the operation. | |
|
Represents a collection of IAzOperation objects. | |
|
Locates and chooses Active Directory Application Mode (ADAM) principals in Authorization Manager. | |
|
Defines the set of operations that can be performed by a set of users within a scope. | |
|
Represents a role to which users and groups can be assigned. | |
|
Represents a collection of IAzRoleAssignment objects. | |
|
Represents one or more IAzRoleDefinition, IAzTask, and IAzOperation objects that specify a set of operations. | |
|
Represents a collection of IAzRoleDefinition objects. | |
|
Represents a collection of IAzRole objects. | |
|
Defines a logical container of resources to which the application manages access. | |
|
Extends the IAzScope interface to manage IAzRoleAssignment and IAzRoleDefinition objects. | |
|
Represents a collection of IAzScope objects. | |
|
Describes a set of operations. | |
|
Extends the IAzTask interface with a method that returns the role assignments associated with the task. | |
|
Represents a collection of IAzTask objects. | |
|
Initializes a system service object to install an ActiveX object when the current user does not have permission to install the object. | |
|
Called by the IeAxiSystemInstaller interface to verify that an ActiveX object can be installed. | |
|
Installs an ActiveX object. | |
|
Provides a means to determine effective permission for a security principal on an object. | |
|
Provides a way to determine effective permission for a security principal on an object. | |
|
Enables the access control editor to communicate with the caller of the CreateSecurityPage and EditSecurity functions. | |
|
Enables the access control editor to obtain information from the client that is not provided by the ISecurityInformation interface. | |
|
Provides methods necessary for displaying an elevated access control editor when a user clicks the Edit button on an access control editor page that displays an image of a shield on that Edit button. | |
|
Enables the access control editor (ACE) to obtain the share's security descriptor to initialize the share page. | |
|
Provides a means of determining the source of inherited access control entries (ACEs) in discretionary access control lists (DACLs) and system access control lists (SACLs). |
Authorization interfaces are categorized according to usage as follows:
Access Control Editor Interfaces
The following interfaces are used with the access control editor.
- IEffectivePermission
- ISecurityInformation
- ISecurityInformation2
- ISecurityInformation3
- ISecurityObjectTypeInfo
ActiveX Installer Interfaces
ActiveX Installer provides the following interfaces.
Authorization Manager Interfaces
Authorization Manager provides the following interfaces.
- IAzApplication
- IAzApplication2
- IAzApplication3
- IAzApplications
- IAzApplicationGroup
- IAzApplicationGroup2
- IAzApplicationGroups
- IAzAuthorizationStore
- IAzAuthorizationStore2
- IAzAuthorizationStore3
- IAzBizRuleContext
- IAzBizRuleInterfaces
- IAzBizRuleParameters
- IAzClientContext
- IAzClientContext2
- IAzClientContext3
- IAzNameResolver
- IAzObjectPicker
- IAzOperation
- IAzOperation2
- IAzOperations
- IAzPrincipalLocator
- IAzRole
- IAzRoleAssignment
- IAzRoleAssignments
- IAzRoleDefinition
- IAzRoleDefinitions
- IAzRoles
- IAzScope
- IAzScope2
- IAzScopes
- IAzTask
- IAzTask2
- IAzTasks