Extending AuthorizationProvider

Topics: Building and extending application blocks, Security Application Block
Apr 6, 2009 at 7:52 PM
All,

I have extended the AuthorizationProvider and have copied the AuthorizationRuleProvider code to this just to see if it will work. However, for some reason, it will not come back. I added this to the configuration:

<securityConfiguration defaultAuthorizationInstance="CustomRuleProvider" defaultSecurityCacheInstance="" >
    <
authorizationProviders>
        <
add type="Amphire.Storefront.WebApplication.Providers.CustomAuthorizationRuleProvider, Amphire.Storefront.WebApplication" name="CustomRuleProvider">

My code looks like this:

[

ConfigurationElementType(typeof(AuthorizationRuleProviderData))]
public class CustomAuthorizationRuleProvider : AuthorizationProvider
{

 

 

private readonly IDictionary<string, IAuthorizationRule> authorizationRules;
private NameValueCollection _collection;

 

 

public CustomAuthorizationRuleProvider(NameValueCollection collection)
{
    _collection = collection;
}

 

 

public CustomAuthorizationRuleProvider(IDictionary<string, IAuthorizationRule> authorizationRules)
{

 

 

if (authorizationRules == null)
{
    
throw new ArgumentNullException("authorizationRules");
}

 

 

this.authorizationRules = authorizationRules;

 

}

 

public override bool Authorize(IPrincipal principal, string context)
{
    if (principal == null)
    {    
        
throw new ArgumentNullException("principal");
    }

 

 

if (string.IsNullOrEmpty(context))

 

{

 

throw new ArgumentNullException("context");

 

}

 

base.InstrumentationProvider.FireAuthorizationCheckPerformed(principal.Identity.Name, context);

 

 

BooleanExpression parsedExpression = this.GetParsedExpression(context);

 

 

if (parsedExpression == null)

 

{

 

throw new InvalidOperationException(string.Format(CultureInfo.InvariantCulture, "Rule was not found: {0}", context));

 

}

 

bool flag = parsedExpression.Evaluate(principal);

 

 

if (!flag)

 

{

 

base.InstrumentationProvider.FireAuthorizationCheckFailed(principal.Identity.Name, context);

 

}

 

return flag;

 

}

 

private BooleanExpression GetParsedExpression(string ruleName)

 

{

 

IAuthorizationRule rule = null;

 

 

this.authorizationRules.TryGetValue(ruleName, out rule);

 

 

if (rule == null)

 

{

 

return null;

 

}

 

string expression = rule.Expression;

 

 

Parser parser = new Parser();

 

 

return parser.Parse(expression);

 

}

 

 

}



If I call it like this, I get the AuthorizationRuleProvider back, not the CustomAuthorizationRuleProvider which I expect to get back:

IAuthorizationProvider

 

provider = AuthorizationFactory.GetAuthorizationProvider("CustomRuleProvider");

 

Thanks for any input. I have read other threads and didn't find any information that was helpful.

Mike

 

 


 

 

Apr 7, 2009 at 8:07 AM

Hi,

IMHO, that should be the expected behavior since you are getting the instance thru the factory which is the AuthorizationFactory.GetAuthorizationProvider .

Valiant Dudan
Global Technology & Solutions
Avanade, Inc.
entlib.support@avanade.com