When to use Authorization Manager
Updated: December 15, 2006
Applies To: Windows Server 2003 R2
Authorization Manager is a component of Windows Server 2003 that provides role-based access control (RBAC) infrastructure for applications. When Authorization Manager is used with Active Directory Federation Services (ADFS), it offers the following advantages:
Administrative efficiency: Administrators can use Authorization Manager to map ADFS claims to specific application roles to more easily control and enforce corporate access policy, rather than have corporate access policy built directly into a claims-aware application.
Developer flexibility: Developers can create claims-aware applications that take advantage of the application authorization framework of Authorization Manager. The applications can then use RBAC policy and claims to make authorization decisions.
Federated claims-aware applications must be written specifically to take advantage of RBAC. For information about how to map ADFS claims to Authorization Manager roles, see Deploying Applications Using Windows Authorization Manager (http://go.microsoft.com/fwlink/?LinkId=77376).