Wednesday, September 17, 2003


Microsoft Authorization Manager. While researching a potential tool for limiting IIS administrators' access to specific sites, I stumbled across this excellent webcast describing Microsoft's Authorization Manager. This looks like a great tool for applying role-based security to specific operations within an application. Authorization Manager provides a centralized location for storing application, task, operation, and role information (in Active Directory or a local XML file) as well as a small set of APIs that the application employs to open the authorization store and to check if a user is authorized to perform a requested operation. Very nice.

So does IIS Admin already support these APIs? Microsoft is not saying it does, or even hinting at it. I expect that to achieve my desired functionality I will have to write an IIS Administrator equivalent (for the operations I want to support, at least). I am not crazy about doing this, so I'll have to give the idea some more thought.
10:03:04 AM
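The store-and-check model described in the post, applied to its per-site use case, as an added example that is not part of the original post and is not Authorization Manager's own API or XML schema. The element names, the `open_application` and `access_check` functions, and the users and site scopes are all constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed policy store. The element names are a simplified stand-in,
# not Authorization Manager's real XML schema.
STORE_XML = """
<store>
  <application name="SiteAdmin">
    <operation name="StartSite"/>
    <operation name="StopSite"/>
    <operation name="EditBindings"/>
    <task name="CycleSite"><op>StartSite</op><op>StopSite</op></task>
    <task name="ConfigureSite"><op>EditBindings</op></task>
    <scope name="site:intranet">
      <role name="Operator"><task>CycleSite</task><member>alice</member></role>
    </scope>
    <scope name="site:shop">
      <role name="Owner"><task>CycleSite</task><task>ConfigureSite</task>
        <member>bob</member></role>
    </scope>
  </application>
</store>
"""

def open_application(xml_text, app_name):
    """Open the store and return the named application element."""
    for app in ET.fromstring(xml_text).iter("application"):
        if app.get("name") == app_name:
            return app
    raise LookupError(f"application {app_name!r} not in store")

def access_check(app, user, scope_name, operation):
    """True only if a role in this scope grants `operation` to `user`."""
    known_ops = {o.get("name") for o in app.findall("operation")}
    if operation not in known_ops:
        return False                      # undefined operation: deny
    tasks = {t.get("name"): {o.text for o in t.findall("op")}
             for t in app.findall("task")}
    for scope in app.findall("scope"):
        if scope.get("name") != scope_name:
            continue
        for role in scope.findall("role"):
            if user not in {m.text for m in role.findall("member")}:
                continue
            granted = set()
            for t in role.findall("task"):
                granted |= tasks.get(t.text, set())
            if operation in granted:
                return True
    return False                          # no matching role: deny by default
```

The application asks only about operations; which roles and tasks grant them can change in the store without touching the calling code.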