CAZE authorization policy XML schema
The schema of an XML authorization policy string is very simple; the string consists of one
root authorizationPolicy element with nested role, state, action,
property, actionRule and propertyRule elements:
<authorizationPolicy>
  <!-- Roles -->
  <role id="Author" />
  ...
  <!-- States -->
  <state id="None" />
  <state id="New"
         name="New document"
         description="Newly created document (not in the database yet)" />
  ...
  <!-- Actions -->
  <action id="Create" />
  ...
  <!-- Properties -->
  <property id="Title" />
  ...
  <!-- Action authorization rules -->
  <actionRule
    action="Create" role="Author" state="None" targetState="New" />
  ...
  <!-- Property authorization rules -->
  <propertyRule
    property="Content" role="Author" state="New" isEnabled="false" />
  ...
</authorizationPolicy>
The role, state, action and property elements have the required id attribute
and the optional name and description attributes.
These attributes correspond to the same-name properties defined on the
corresponding Role, State, Action and Property classes.
The role element can contain an additional type attribute, whose value can be
one of the following:

| Value | Description |
|---|---|
| (attribute missing or an empty string) | Indicates that the base Role class is instantiated when the policy is loaded from the XML string. |
| windows | Indicates that the WindowsRole class is instantiated when the policy is loaded from the XML string. The role element must contain an additional windowsGroupName attribute, whose value is used to initialize the WindowsGroupName property, for example: <role id="Author" type="windows" windowsGroupName="{DOMAIN}\Domain Users"/> |
| comPlus | Indicates that the ComPlusRole class is instantiated when the policy is loaded from the XML string. The role element must contain an additional comPlusRoleName attribute, whose value is used to initialize the ComPlusRoleName property, for example: <role id="Reviewer" type="comPlus" comPlusRoleName="COM+ Admins" /> |
The actionRule and propertyRule elements reference actions and properties
and link them with roles and states. The rule elements can contain additional isEnabled and isVisible
boolean attributes with semantics defined by the corresponding RuleBase.IsEnabled and RuleBase.IsVisible
properties, respectively.
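A policy string can be checked for dangling references and incomplete typed roles before it is handed to the loader. The following Python linter is an added example, not part of CAZE or its documentation. It assumes that every role, state, targetState, action and property named in a rule must match a declared id, that type values other than windows and comPlus are errors, and that policy strings never need a DOCTYPE; the function name lint_policy and the sample policy are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Extra attribute each typed role must carry, per the table above.
ROLE_TYPE_ATTR = {"windows": "windowsGroupName", "comPlus": "comPlusRoleName"}
# Rule attribute -> kind of element it points at. Assumption: every
# reference must resolve to an element declared in the same policy.
REFS = {"role": "role", "state": "state", "targetState": "state",
        "action": "action", "property": "property"}

def lint_policy(xml_text):
    """Return a list of problems found in a policy XML string."""
    if "<!DOCTYPE" in xml_text:  # no DTDs or entity definitions in policy input
        return ["DOCTYPE is not allowed"]
    root = ET.fromstring(xml_text)
    if root.tag != "authorizationPolicy":
        return ["root element must be authorizationPolicy"]
    problems, declared = [], {kind: set() for kind in set(REFS.values())}
    for el in root:  # pass 1: collect declarations
        if el.tag not in declared:
            continue
        ident = el.get("id")
        if not ident:
            problems.append(f"<{el.tag}> without the required id")
        elif ident in declared[el.tag]:
            problems.append(f"duplicate {el.tag} id {ident!r}")
        else:
            declared[el.tag].add(ident)
        rtype = el.get("type", "") if el.tag == "role" else ""
        if rtype and rtype not in ROLE_TYPE_ATTR:
            problems.append(f"role {ident!r}: unknown type {rtype!r}")
        elif rtype and not el.get(ROLE_TYPE_ATTR[rtype]):
            problems.append(f"role {ident!r}: missing {ROLE_TYPE_ATTR[rtype]}")
    for el in root:  # pass 2: resolve rule references
        if el.tag in ("actionRule", "propertyRule"):
            for attr, kind in REFS.items():
                value = el.get(attr)
                if value is not None and value not in declared[kind]:
                    problems.append(f"<{el.tag}> {attr}={value!r}: undeclared {kind}")
    return problems

# Constructed sample: one typed role lacks its group name and the
# property rule names a property that is never declared.
SAMPLE = """<authorizationPolicy>
  <role id="Author" />
  <role id="Reviewer" type="windows" />
  <state id="None" /><state id="New" />
  <action id="Create" />
  <property id="Title" />
  <actionRule action="Create" role="Author" state="None" targetState="New" />
  <propertyRule property="Content" role="Author" state="New" isEnabled="false" />
</authorizationPolicy>"""
```

Running lint_policy over a policy in a build or review step surfaces rules that name a misspelled role or state before the policy reaches production.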
Here is an XSD schema file
defining the structure of CAZE authorization policy XML files.