First off, let me state, I really like the Enterprise Library. In fact I put off development of one of my new applications specifically to build it around the EntLib. Great job by the EntLib team getting this out the door!
The concept behind it is fantastic, It's implementation is pretty good too.
I would like to see some people come out with a few articles on how to use these libraries, there are alot of missing pieces in the documentation.
For this to really be accepted and used effectively, further docs are going to be needed.
Specifically, I have already setup a new application to use the Configuration, Cryptography, Data Acces and Security Application Blocks. The Enterprise Library Configuration tool makes this a real snap and saves HUGE amount of time doing tedious and boring things in the initial setup.
Maybe I missed something, but in the Security Application Block, I don't see any straight forward way of doing dynamic rules. Role Based Security is an essential part of all my applications and I have been using it for years. I set up Users, Roles, Profiles and Rules for the Roles already. Changing the way I used to do it with Database lookups for all the dynamic information stored for each user was really easy until it came to Rules.
A Rule is essentially a way to restrict an event(printing, editing, etc.) based on the user's Role, but a Rule will allow for multiple roles to be able to do certain task while restricting others. Plain enough right?
Well, I used to put all my rules in the database with everything else, and apparently the Rule Provider doesn't support this. It doesn't make all that much sense to me to have Rules confined to your App.config. I don't want to go in and edit secutiyconfiguration.config whenever I need to change some permissions.
Fortunately, these are just text, so you can just stick them in the database, but to load them is going to require you to write your own methods to go retrieve them and create a .
When I get this extension written I will probably post something about it here, but this seems like it should have already have been in the core functionality along with Authentication, Roles and Profiles.
Basically I made this Table:
CREATE TABLE [dbo].[AuthorizationRules] (
[RuleID] [int] IDENTITY (1, 1) NOT NULL ,
[Name] [nvarchar] (254) COLLATE SQL_Latin1_General_CP1_CI_AS NOT NULL ,
[Expression] [ntext] COLLATE SQL_Latin1_General_CP1_CI_AS NOT NULL
) ON [PRIMARY] TEXTIMAGE_ON [PRIMARY]
ALTER TABLE [dbo].[AuthorizationRules] ADD
CONSTRAINT [PK_AuthorizationRules] PRIMARY KEY CLUSTERED
) ON [PRIMARY]
then populate the equivalent of this:
<rule name="Rule.CanEditCode" expression="NOT I:? AND (R:Developer OR R:Administrator)" />
into the table.
When My App does it's authorization, I load all the rules into an ArrayList of Strings that I can test when needed in a form or action.
Expect to see me doing more writeups on how I am using the EntLib as I discover more useful ways to use and extend it. Please send me your comments on how you are doing the same.