AzMan Provider missing from Security Application Block

Topics: Security Application Block
Mar 15, 2007 at 9:13 PM
Is there support for using AzMan in the 2.0 Enteprise Library Security Block?

The documentation says there is, but when I attempt to create an app.config that supports AzMan, there's no option to do so.

Mar 15, 2007 at 9:20 PM
It's there in the source tree, but the project is not in the default EnterpriseLibrary.*.sln files. We did this deliberately as the project will fail to compile if you don't have the AzMan components installed.

Tom
Mar 16, 2007 at 10:05 PM
Our company has standardized on AzMan and we are doing a review of the Enterprise Library 2.0 as part of our .NET 2.0 - 3.0 review.

I found the \Program Files\Microsoft Enterprise Library January 2006\src\Security\AzMan folder. It appears to contain "Security.AzMan.csproj".

I we were to deploy the Ent. Lib. and wanted to include the AzMan support, what's the easiest way to get this support back into the Security Application Block?

Just drag the project over to the solution?

Will the Enterpise Configuration tool then recognize the AzMan support?

Thanks.
Mar 16, 2007 at 11:38 PM
Edited Mar 16, 2007 at 11:39 PM
You could add the Security.AzMan and Security.AzMan.Design projects to your main EntLib solution if you want, or just compile them from the Security.sln solution. Once compiled, you need to copy the two DLLs into the config tool's bin folder - you can do this manually or with the CopyAssemblies.bat script.

Tom
Mar 21, 2007 at 4:26 PM
Edited Mar 21, 2007 at 4:33 PM
Thanks for the info.

I had to create some documentation on using the Enterprise Library so I will post part of the information here in case someone else needs it.

Adding Support for Authorization Manager (AzMan)


To use AzMan with the Enterprise Library, the development environment must be installed on a machine that also has AzMan installed. AzMan is installed by default on Windows 2003 Server. There should be an entry for “Authorization Manager” in the Administrative Tools program list or folder. The AzMan MMC snap in should be available from any machine with AzMan already installed.

In order to add support for AzMan into the main Enterprise Library or into the Security application block, two additional projects must be added into the solution.

The additional projects are located in the “AzMan” folder under the source code folder (src) under “security” under the main Enterprise Library folder.

Example: C:\Program Files\Microsoft Enterprise Library January 2006\src\Security\AzMan

The two projects are:

Project Location
Security.AzMan.csproj C:\Program Files\Microsoft Enterprise Library January 2006\src\Security\AzMan
Security.AzMan.Configuration.Design.csproj C:\Program Files\Microsoft Enterprise Library January 2006\src\Security\AzMan\Configuration\Design

The two projects can be added to EnterpriseLibrary.sln under the Security Folder.

The solution will not build, however, until the reference to Microsoft.Interop.Security.AzRoles.dll is corrected.

Please review the following article from Microsoft concerning the AzMan interop DLL and the azroles COM dll.
http://www.microsoft.com/technet/security/guidance/identitymanagement/idmanage/P3ASPD_4.mspx?mfr=true

Using the Enterprise Configuration Tool for AzMan Support


The Enterprise Configuration Tool can be used to create an application config tailored for use with the Security Application Block.

To allow the Enterprise Configuration tool supplied with the Enterprise Library to create settings for AzMan, two dlls must be copied into the C:\Program Files\Microsoft Enterprise Library January 2006\bin folder.

  1. Microsoft.Practices.EnterpriseLibrary.Security.AzMan.dll
  2. Microsoft.Practices.EnterpriseLibrary.Security.AzMan.Configuration.Design.dll

Note: The documentation supplied with the Enterprise Library supplies the steps needed to add Security Application Block support to an app.config.

May 7, 2007 at 8:32 PM
This question is related to the same issue of using AzMan with the Security Application Block.
Currently, we have a lot applications and our security department is tired to have to mantain different applications to provide access to the users to the app as well as set the authorization level. So, the idea is to have only one place where they will grant access to users as well as let them authorize to some parts of the application.
I know we could user AzMan with the Security Application Block. But, I am concern with the following:
- I read that the store could get corrupted by having concurrency going on in the store.
- Performance issues.
So, please I need some light on these concerns and if possible how I solve this issues.
Thanks in advance