Custom Authorization Activity
I'm trying to write a custom authorization activity, and I cannot find out how the activity is supposed to signal that the authorization succeeded or failed. Should I throw some kind of exception? I also don't understand how I should use my activity. Am I supposed to create a permission-granting MPR and then attach a workflow with my activity to the MPR to restrict the possible actions, or can I also use my activity to grant some privileges that no other MPR is granting? Is there some example or walktrough about authorization activities? Thanks, PaoloPaolo Tedesco - http://cern.ch/idm
June 4th, 2010 7:33pm

Have you tried using reflector against the DLL that contains the OOB Authorization activity? What happens if you run the debugger against a workflow that has the default authorization activity included and tell the debugger to stop on first chance exceptions? Do you see an exception being thrown? -Jeremy
Free Windows Admin Tool Kit Click here and download it now
June 4th, 2010 8:26pm

Hi Paolo! You should think of the authorization workflow stage as a place where you could perform validation and approval of the request and it has nothing to do with MPR's since the MPR's are checked before the authentication stage, See Request Processing . You could for example use it to validate the naming convention for a user name. You reference your authorization workflow to any Request MPR regardless if it's a permission giving one or not. Authorization workflows are executed in parallel and you deny the authorization simply by throwing an exception and a good idea is to add a description to the exception since it'll show up on the request. In order for authorization to succeed all parallel workflows must succeed. //HenrikHenrik Nilsson, ILM/FIM MVP Blog: http://www.idmcrisis.com Company: Cortego (http://www.cortego.se)
June 5th, 2010 10:49am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics