Problems using Azman groups

  • Thread starter Patrick Allmond - Focus Consulting Inc
  • Start date
P

Patrick Allmond - Focus Consulting Inc

I am using AzMan and XML to do role, group and operation validation. This is
all new to me, and I am working in VB. My application is using Windows
Authentication. I have several questions:

1. When trying to authenticate that the current user has access to an
operation I use this code:
Results = clientContext.AccessCheck("Object Being Audited Goes Here",
Nothing, Operations, Nothing, Nothing, Nothing, Nothing, Nothing)
(Operations is one element array with the operation id I want to check).
After this call results(0) contains a 0 or 5. What are those supposed to
translate to ? It looks like a 5 means the person is not authorized for the
operation and a 0 means that they are. But I cannot find any good
documentation on what a 5 vs a 0 means.

2. Roles: I cannot get anything to work when it comes to role validation. A
simple call such as:
Dim temp() As String
temp = Roles.GetAllRoles()

results in:
Unknown name. (Exception from HRESULT: 0x80020006 (DISP_E_UNKNOWNNAME

I am pretty sure my web.config it set up correct but we can review if
needed. I think it is OK because (as indicated in #1) I can check
operations... somewhat.

Thanks,
Patrick
 
M

[MSFT]

Hello Patrick,

Here is the document for AccessCheck function:

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/secauthz/se
curity/iazclientcontext_accesscheck.asp

And '5' measn ERROR_ACCESS_DENIED.

Error code list:

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/debug/base/
system_error_codes__0-499_.asp

And here is a sample for using azman in ASP.NET.

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnpag2/html
/paght000019.asp

Hope this help,

Luke
 
P

Patrick Allmond - Focus Consulting Inc

Luke,

Thanks for links - I've been at the AccessCheck one for two weeks. The last
link you send me to only works for checking operations. From there there is
a link that gives you some sample of checking roles via Azman using ADAM and
XML. That is where I am having a problem.

Whenever I check the role using the example I get an exception like the one
I listed. I cannot seem to find much help on this.

Do you think the fact that I am using Azman

Patrick
 
D

Dominick Baier [DevelopMentor]

Hello [MSFT],

sorry - but you can't be serious giving the advice that the application should
run as admin???

Check if the account ASP.NET runs under is in the "reader" role in AzMan
- you can set that in the AzMan MMC und store properties.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

No members online now.

Forum statistics

Threads
473,995
Messages
2,570,230
Members
46,818
Latest member
Brigette36

Latest Threads

Top