Authorization Manager Model
Authorization Manager provides a flexible framework for integrating role-based access control into applications. It enables administrators who use those applications to provide access through assigned user roles that relate to job functions.
Authorization Manager applications store authorization policy in the form of authorization stores that are stored in Active Directory or XML files and apply authorization policy at run time.
Applications then call a run-time access check method that checks access against the policy information in the authorization store.
Authorization policy includes the following parts:
- Policy Stores, Applications, and Scopes
- Users and Groups
- Operations and Tasks
- Roles
- Business Rules
- Collections