Source Schema for the Security Application Block
This topic lists the XML elements and attributes used to configure the Security Application Block. You can manually edit the XML data, but the Enterprise Library configuration tools greatly simplify this task. If you choose to manually edit the XML, use the schema information contained in this topic.
The configuration file has the following section-handler declaration.
    <configSections>
      <section name="securityConfiguration"
               type="Microsoft.Practices.EnterpriseLibrary.Security.Configuration.SecuritySettings,
                     Microsoft.Practices.EnterpriseLibrary.Security" />
    </configSections>
The section-handler declaration contains the name of the configuration settings section and the name of the section-handler class that processes configuration data in that section. The name of the configuration settings section is securityConfiguration. The name of the section-handler class is Microsoft.Practices.EnterpriseLibrary.Security.Configuration.SecuritySettings.
securityConfiguration Element
The securityConfiguration element specifies the configuration of a Security Application Block. This element is required.
Attributes and Child Elements
The following sections describe the attributes and child elements of the securityConfiguration element.
Attributes
The following table lists the attributes for the securityConfiguration element.
Attribute | Description |
---|---|
defaultAuthorizationInstance | The authorization instance to use if none is specified in the code. This attribute is optional. |
defaultSecurityCacheInstance | The security caching instance to use if none is specified in the code. This attribute is optional. |
authorizationProviders Child Element
The authorizationProviders element is a child of the securityConfiguration element. It lists the authorization providers that can be used by the application. This element is optional.
add Child Element
The add element is a child element of the authorizationProviders element. The add element adds the name of an authorization provider. This element is optional. There can be multiple add elements.
Attributes
The following table lists the attributes for the add element.
Attribute | Description |
---|---|
name | The name of the authorization provider. The name must be unique within the section. This attribute is required. |
type | The type name of a class that derives from the AuthorizationProvider class. This attribute is required for this provider. |
storeLocation | The location of the authorization store, Active Directory, or XML file. This attribute applies to the AzManAuthorizationProvider class. This attribute is required for this provider. |
application | The name of the Authorization Manager (AzMan) application. This attribute applies to the AzManAuthorizationProvider class. This attribute is optional. |
scope | The name of the AzMan application scope. This attribute applies to the AzManAuthorizationProvider class. This attribute is optional. |
auditIdentifierPrefix | The audit identifier prefix to append to the generated audit identifier. This attribute applies to the AzManAuthorizationProvider class. This attribute is required for this provider. |
rules Child Element
The rules element is a child of the add element. It lists the authorization rules for the provider. This element applies to the AuthorizationRuleProvider class. It is required.
add Child Element
The add element is a child of the rules element. It adds a rule. This element applies to the AuthorizationRuleProvider class. It is optional. There can be multiple add elements.
Attributes
The following table lists the attributes for the add element.
Attribute | Description |
---|---|
name | The name of the rule. This attribute applies to the AuthorizationRuleProvider class. The name must be unique in the section. This attribute is required for this provider. |
expression | The authorization rule. This attribute applies to the AuthorizationRuleProvider class. The expression must be a string containing a Boolean predicate. This attribute is required for this provider. |
securityCacheProviders Child Element
The securityCacheProviders element is a child of the securityConfiguration element. It lists the security caching providers that can be used by the application. This element is optional.
add Child Element
The add element is a child element of the securityCacheProviders element. The add element adds the name of a security caching provider. This element is optional. There can be multiple add elements.
Attributes
The following table lists the attributes for the add element.
Attribute | Description |
---|---|
name | The name of the security caching provider. The name must be unique within the section. This attribute is required. |
type | The type name of a class that derives from the CachingStoreProvider class. This attribute is required. |
defaultSlidingSessionExpirationInMinutes | Specifies the time, in minutes, after which security information added to the cache expires, measured from when the cache item was last accessed. The default time is 10 minutes. |
defaultAbsoluteSessionExpirationInMinutes | Specifies the time, in minutes, after which security information added to the cache expires, measured from when the cache item was added. The default time is 60 minutes. |
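A lint for the rules stated in this topic, as an added example that is not part of the original documentation or of Enterprise Library: it parses a securityConfiguration section and reports missing required attributes, a missing rules element, duplicate rule names, and (an assumption) a default instance that names no defined provider. The sample section, including its provider names, store path and rule expressions, is constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample. Planted defects: duplicate rule name, AzMan provider
# without auditIdentifierPrefix, default cache instance that is never defined.
SAMPLE = """<securityConfiguration defaultAuthorizationInstance="Rules"
    defaultSecurityCacheInstance="MissingCache">
  <authorizationProviders>
    <add name="Rules" type="Microsoft.Practices.EnterpriseLibrary.Security.AuthorizationRuleProvider, Microsoft.Practices.EnterpriseLibrary.Security">
      <rules>
        <add name="CanApprove" expression="R:Manager OR R:Admin" />
        <add name="CanApprove" expression="R:Admin" />
      </rules>
    </add>
    <add name="AzMan" storeLocation="msxml://c:/stores/azman.xml"
         type="Microsoft.Practices.EnterpriseLibrary.Security.AzMan.AzManAuthorizationProvider, Microsoft.Practices.EnterpriseLibrary.Security.AzMan" />
  </authorizationProviders>
  <securityCacheProviders />
</securityConfiguration>"""

# Provider list element -> root attribute naming its default instance.
GROUPS = {"authorizationProviders": "defaultAuthorizationInstance",
          "securityCacheProviders": "defaultSecurityCacheInstance"}
# Attributes the tables above mark as required, beyond name and type.
EXTRA_REQUIRED = {"AzManAuthorizationProvider": ("storeLocation", "auditIdentifierPrefix")}

def class_name(add):  # "Namespace.Class, Assembly" -> "Class"
    return add.get("type", "").split(",")[0].strip().rsplit(".", 1)[-1]

def lint(xml_text):
    root, problems = ET.fromstring(xml_text), []
    for group, default_attr in GROUPS.items():
        adds = root.findall(f"{group}/add")
        default = root.get(default_attr)
        # Assumption: a default instance should name a provider defined here.
        if default and default not in {a.get("name") for a in adds}:
            problems.append(f"{default_attr}: no provider named {default}")
        for add in adds:
            cls, label = class_name(add), add.get("name", "?")
            for attr in ("name", "type") + EXTRA_REQUIRED.get(cls, ()):
                if not add.get(attr):
                    problems.append(f"{label}: missing {attr}")
            if cls == "AuthorizationRuleProvider":
                if add.find("rules") is None:
                    problems.append(f"{label}: missing rules element")
                names = [r.get("name") for r in add.findall("rules/add")]
                for dup in sorted({n for n in names if names.count(n) > 1}):
                    problems.append(f"{label}: duplicate rule {dup}")
                if any(not r.get("expression") for r in add.findall("rules/add")):
                    problems.append(f"{label}: rule without expression")
    return problems
```

Calling `lint(SAMPLE)` returns one message per planted defect; an empty list means the section satisfies the checks above.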