Migration Security Issues
This topic covers various security-related issues that you might encounter during migration to Commerce Server 2007.
Migration to the Authorization Manager security model
Commerce Server 2007 uses the Windows Server Authorization Manager security model to set permissions for business user roles. With the role-based access control in Authorization Manager, you can specify access control according to the organizational structure of your company.
Migrating security permissions from earlier versions of Commerce Server is a manual process. You must use Windows Authorization Manager (AzMan) to re-create security permissions as defined in Business Desk Security. In Authorization Manager, Application Groups are populated using existing Windows users or groups, or by nesting Application Groups that have been defined in AzMan.
For more information about how to use Authorization Manager, see https://go.microsoft.com/fwlink/?linkid=68223 on the Microsoft Patterns and Practices Web site. For information about Microsoft authorization technologies, see the https://go.microsoft.com/fwlink/?linkid=68232 documentation on the MSDN Web site.
Error loading ISAPI filter after upgrading
If you upgrade to Commerce Server 2007 from an earlier version of Commerce Server, and if you use the AuthFilter ISAPI filter to manage user authentication in your Web application, the Web application and associated Web services might fail if IIS cannot find the AuthFilter DLL (siteauth.dll). If this error occurs, you will see the following event message in the event log:
Could not load all ISAPI filters for site/service. Therefore startup aborted.
To correct this error, follow these steps.
To use IIS Manager to provide the correct path of the AuthFilter DLL (siteauth.dll)
In IIS Manager, right-click the site to update, and then click Properties.
In the Site Properties dialog box, click the ISAPI Filters tab.
On the ISAPI Filters tab, select the AuthFilter filter and then click Edit.
In the Add/Edit Filter Properties dialog box, click Browse, and locate the associated executable file (siteauth.dll).
Click OK.