AzMan Videos


The MS Developer and Platform Evangelism team has produced a series of AzMan developer Web Casts hosted by Keith Brown, check out the first of the four part series:


https://channel9.msdn.com/Showpost.aspx?postid=289062


 


Watch Donovan’s blog for news on the rest of the series; http://blogs.msdn.com/donovanf/


 


 


Here’s some additional video resources I’ve been remiss in not listing.


ADFS/AzMan .Net Show


A discussion on ADFS and Authorization Manager


http://msdn.microsoft.com/theshow/episode.aspx?xml=theshow/en/Episode047/manifest.xml


 


 


ISV Chalk Talk – Windows Authorization Manager


An introductory interview about AzMan.


http://www.microsoft.com/downloads/thankyou.aspx?familyId=4773b5c8-e9ee-49a8-81c9-2f3bd3994f3a&displayLang=en


 


Enjoy,


-Dave


Comments (2)

  1. Dan Finucane says:

    I really like the development model enabled by AzMan.  Specifically I like securing my code at the operation level and letting AzMan decide who can execute it.  It makes my code resiliant and allows an administrator to change their authorization model for the application without requiring code changes.

    I wrote an ASP.NET 1.1 HttpModule that utilized AzMan to ‘demand’ that the logged on user had the right to perform all the operations required of the ASP.NET page.  If the user did have the right then the module allowed the page to execute otherwise a SecurityException was thrown.  I used custom Attribute derived classes to decorate ASP.NET page classes with all the required operations.

    The thing that bothers me is that AzMan doesn’t have a very good ASP.NET 2.0 story.  You can’t secure your application with operations, as I describe above, and take advantage of any of the ASP.NET 2.0 controls which all seem to be ‘role based’.  The ‘Role based’ model isn’t nearly as powerful as the ‘operation based’ model.  Do you have any plans to improve support for using AzMan in ASP.NET applications?

    Thanks.

  2. davemm says:

    Hi Dan,

    To clarify, you can use AzMan via the PIA and use operations etc. But through the ASP.NET Role Manager AzMan provider you cannot (as that model only supports roles as sets of users.) A more natural managed solution for AzMan is being considered. If you don’t like interop, you may find the enterprise libs useful. See the whitepaper (see post below) for info on that.

    Thanks,

    Dave

Skip to main content