This project is read-only.

.NET SQL Authorization Build History


Core & Snap-In

3.5.4.1 04-May-2009
- Fix: UserPermissionCache.CheckAccess bug fix when ValidFrom and/or ValidTo are not null (some cases only)
Work item 2877: http://netsqlazman.codeplex.com/WorkItem/View.aspx?WorkItemId=2877
- Fix on ENS (Event Notification System); ENS events are now raised only when this.ens!=null
Thanks to fdesbrosses. Work item 2878: http://netsqlazman.codeplex.com/WorkItem/View.aspx?WorkItemId=2878
- Fix into NetSqlAzManStorageDataContext.GetDBUsersEx (dataadapter.SelectCommand.Transaction not set)
Thanks to mrbmason. Work Item 2905: http://netsqlazman.codeplex.com/WorkItem/View.aspx?WorkItemId=2905
- Fix into IsInGroup(…) methods (SqlAzManStoreGroups / SqlAzManApplicationGroup). Now ArgumentNullException is thrown instead of NullReferenceException.
Thanks to mrbmason. Work Item 2912: http://netsqlazman.codeplex.com/WorkItem/View.aspx?WorkItemId=2912
- Added NetSqlAzMan Web Site link to the .MSI Setup Package.
- Added NetSqlAzManAuthorizationContext.Storage property that returns the IAzManStorage instance.
- Tested with SQL Server 2008 SP1, Windows Vista SP2, Windows Server 2008 SP2.

3.5.4.0 28-April-2009
- Fix: NetSqlAzManStorage Script fix (case sensitive collation)
Thanks to Cheers. Work item 2804: http://netsqlazman.codeplex.com/WorkItem/View.aspx?WorkItemId=2804
- Fix: NetSqlAzMan.Cache.StorageCache CheckAccess issue. it's not considering inheritance from the parent items when Biz-Rules are defined.
Thanks to rtang. Work Item 2824: http://netsqlazman.codeplex.com/WorkItem/View.aspx?WorkItemId=2824
- Fix: When call CheckAccess function of UserPermissionCache, it doesn't retrieve the attributes defined on the ITEMS. It does retrieve the attributes defined on the AUTHORIZATION, application and store
Thanks to rtang. Work Item 2825: http://netsqlazman.codeplex.com/WorkItem/View.aspx?WorkItemId=2825
- Fix: UserPermissionCache constructor requires contextParameters and doesn't not allow null value. When a BizRule exists, an exception will be thrown.
- Change: Added SqlAzManException class to wrap all NetSqlAzMan Exceptions, based on MS Design Guidelines for Exceptions: http://msdn.microsoft.com/en-us/library/ms229014(VS.80).aspx
All messages are now standardized. When an Exception is thrown, Data property is also valorized with a Dictionary<string, object> with context parameters (i.e. “Store Name”, “My store name”)
Thanks to rtang. Work item 2856: http://netsqlazman.codeplex.com/WorkItem/View.aspx?WorkItemId=2856

3.5.3.0 17-April-2009
• New:
o Added CheckAccessHelper method overloads to support CheckAccess with custom SIDs (IAzManCustomSID).
o Added CheckAccessHelper constructor without WindowsIdentity parameter for DB Users Only.
Thanks to cmacholz: http://netsqlazman.codeplex.com/WorkItem/View.aspx?WorkItemId=2431
o Change on "Add Database Users" dialog:
 Now custom columns are showed
Thanks to _Trip. Work item 2680: http://netsqlazman.codeplex.com/WorkItem/View.aspx?WorkItemId=2680
 Added Filter capabilities on the "Add Database Users" dialog (standard and custom columns)
Thanks to hmadanaraj. Work item 2663: http://netsqlazman.codeplex.com/WorkItem/View.aspx?WorkItemId=2663
o Added the ability to CheckAccess through .NET Attributes.
Thanks to news75. Work Item 2567: http://netsqlazman.codeplex.com/WorkItem/View.aspx?WorkItemId=2567
 Added two classes: NetSqlAzManAuthorizationAttribute and NetSqlAzManAuthorizationContext (namespace: NetSqlAzMan)
Example:

[Form1.Designer.cs]
[NetSqlAzManAuthorization("My operation", " Visible", false)] //If NOT CheckAccess(...) => button1.Visible = false
private System.Windows.Forms.Button button1;

[NetSqlAzManAuthorization("My Role", "Enabled", false)] //If NOT CheckAccess(...) => saveToolStripMenuItem.Enabled = false
private System.Windows.Forms.ToolStripMenuItem saveToolStripMenuItem;

[Form1.cs]
private void Form2_Load(object sender, EventArgs e)
{
//Initialize the NetSqlAzMan Context
NetSqlAzManAuthorizationContext ctx = new NetSqlAzManAuthorizationContext(
"data source=(local);Initial Catalog=NetSqlAzManStorage;User id=sa;password=",
"Eidos",
"DB Persone",
WindowsIdentity.GetCurrent(),
true); //True to use StorageCache, false to direct check access

//Optionally you can intercept events before and after the Access Check
//ctx.BeforeCheckAccess += new BeforeCheckAccessHandler(NetSqlAzManAuthorizationContext_BeforeCheckAccess);
//ctx.AfterCheckAccess += new AfterCheckAccessHandler(NetSqlAzManAuthorizationContext_AfterCheckAccess);

//If using the Storage Cache … you can also invalidate the cache
//ctx.InvalidateCache();

[…]

//Finally … check the security for all Attributes
ctx.CheckSecurity(this);
}

//void NetSqlAzManAuthorizationContext_AfterCheckAccess(NetSqlAzManAuthorizationContext context, NetSqlAzManAuthorizationAttribute attribute, ref bool partialResult)
//{
// //Do something before checking the access
//}

//void NetSqlAzManAuthorizationContext_BeforeCheckAccess(NetSqlAzManAuthorizationContext context, NetSqlAzManAuthorizationAttribute attribute)
//{
// //Do something after access check
//}
• Bug Fix in NetSqlAzManRoleProvider, Snap-In Check Access Test and Web Console Check Access test; WindowsIdentity.GetCurrent() replaced with ((System.Threading.Thread.CurrentPrincipal.Identity as WindowsIdentity) ?? WindowsIdentity.GetCurrent())
Thanks to Richard. Work Item 2740: http://netsqlazman.codeplex.com/WorkItem/View.aspx?WorkItemId=2740


3.5.2.1 26-March-2009
• New: Code to support an extension to an LDAP Group query to query specific roots such as under an OU:
[RootDSE:OU=ADS,OU=ADB,OU=ISV,OU=OCD,OU=EXE,DC=hcso,DC=tampa,DC=fl,DC=us](&(rest of my query))
http://netsqlazman.codeplex.com/WorkItem/View.aspx?WorkItemId=2357
o Updated: SnapIn & WebConsole
o Updated: dbo.ExecuteLDAPQuery Stored Procedure
Thanks to jeff_huntsman.
• Added static method SqlAzMan.SqlAzManSID SIDToInt32(int n) to get a DB Users from an int32 as custom SID.
Thanks to Craig: http://netsqlazman.codeplex.com/Thread/View.aspx?ThreadId=51318

3.5.2.0 10-March-2009
• Project moved at http://netsqlazman.codeplex.com
• ADDED: NetSqlAzMan Snap-In Russian translation.
Thanks to Alex Vrubel.

3.5.1.1 18-February-2009
• Bug fix into the NetSqlAzManStorage.sql script. Not it supports case sensitive SQL collations (i.e. Latin1_General_CS_AS).
Thanks to mcasiou: https://sourceforge.net/forum/message.php?msg_id=6399800
• Bug fix into the SqlAzManItem class. Cached items and cached members are now updated without a new database access.
Thanks to Tusan Esen: https://sourceforge.net/forum/message.php?msg_id=6310310
• Bug fix into the NetSqlAzManStorage.GetDBUsers() method.
Thanks to igadanec - tracker bug: https://sourceforge.net/tracker2/?func=detail&aid=2433444&group_id=165814&atid=836877
• WCF Attributes added to all NetSqlAzMan classes to support WCF exposure.
• Bug fix into the NetSqlAzManStorage.Cache.StorageCache.BuildStorageCache(string storeNameFilter, string applicationNameFilter) method; Biz Rule cache is cleaned before StorageCache building.
Thanks to Giuseppe Di Mauro
• Bug fix into GetDBUsers(IAzManSid sid) methods
Thanks to tusanesen: https://sourceforge.net/forum/message.php?msg_id=6141113
• Added “Invalidate WCF Cache Service” menu option to the Snap-In Console (on the Storage root node) to invoke InvalidateCache() method from the console.
• Minor SnapIn UI bug fixed


3.5.1.0 09-December-2008
• Options added to the console Import dialog form:
o Creates new Items ? (Yes/No)
o Overwrites existing Items ? (Yes/No)
o Delete missing Items ? (Yes/No)
o Creates new Item authorizations ? (Yes/No)
o Overwrites existing Item authorization ? (Yes/No)
o Delete missing Item authorizations ? (Yes/No)
Notes:
o Items comparison made by Name (and not by SID)
o Items authorization made by SID (and not by Name)
Thanks to Costasz, Richard Tang: https://sourceforge.net/forum/message.php?msg_id=5425180
• Added command line arguments (mmc.exe):
Syntax:
o mmc.exe netsqlazman.msc [/DebugMode] [/NoSplashScreen] [/NoCheckForUpdate]

where:
 /DebugMode: display a pop-up to allow Visual Studio.NET developers to attach to the mmc.exe process.
 /NoSplashScreen: does not show the Splash screen
 /NoCheckForUpdate: does not connect to Internet to check for NetSqlAzMan updates.
Thanks to Tekra: https://sourceforge.net/forum/message.php?msg_id=5431806
• Changed splash screen to a “more professional” one. 
• Removed “sealed” from NetSqlAzMan.Providers.NetSqlAzManRoleProvider class.
Thanks to Richard Tang: https://sourceforge.net/forum/message.php?msg_id=5440288
• Missing SQL script fragment to allow NetSqlAzMan_Readers to see all other Logins in SQL Server 2005 version only.
Thanks to Richard Tang: https://sourceforge.net/forum/message.php?msg_id=5317643
• Bug Fix into NetSqlAzMan.Cache.UserPermissionCache.
Thanks to josephrichtx: https://sourceforge.net/forum/message.php?msg_id=5057824
• Bug Fix into NetSqlAzManStoreGroup/NetSqlAzManApplicationGroup detectLoop private function.
Thanks to doitpc: https://sourceforge.net/tracker/index.php?func=detail&aid=2007600&group_id=165814&atid=836877
• Bug fix into NetSqlAzManStorage.TransactionInProgress property
Thanks to tusan esen: https://sourceforge.net/forum/message.php?msg_id=5573571
• Built with SQLAudit 2.0.1.0


3.5.0.2 13-April-2008
• Change: UserPermissionCache and StorageCache are now Serializable (Binary only).
Thanks to Nobody: https://sourceforge.net/forum/message.php?msg_id=4883401
• Bug Fix into NetSqlAzMan.Cache.StorageCache class to support Database user SIDs.
Thanks to K.Overmars, Tracker Id: 1939219: http://sourceforge.net/tracker/index.php?func=detail&aid=1939219&group_id=165814&atid=836877

3.5.0.1 26-January-2008
• Bug fix for Store/Application permission change using Snap-In.
Request ID: 1870222 - http://sourceforge.net/tracker/index.php?func=detail&aid=1870222&group_id=165814&atid=836877
• Bug fix on SnapIn Actions menu.
Thanks to nobody: https://sourceforge.net/forum/message.php?msg_id=4722379
• Bug fix while SQLAudit T-SQL generation (dbo.Log table missing)
(Thanks to brillobabu: https://sourceforge.net/forum/message.php?msg_id=4736276)
• Change: “Persist Security Info=true” forced by SqlAzManStorage.ConnectionString property when SQL Authentication is enabled (needed to open new SQL connection in a multi-thread environment).
(Thanks to John Woo: https://sourceforge.net/forum/message.php?msg_id=4738460)
• Built with SQLAudit 2.0.0.0
(http://sqlaudit.sourceforge.net)

3.5.0.0 21-December-2007
• .NET Framework 3.5 technology upgrade (.NET Framework 3.5 is now a prerequisite)
• Data layer upgrade from Tdo to LINQ to SQL (Tdo assembly reference removed).
o Use NetSqlAzMan.LINQ.NetSqlAzManStorageDataContext class to manipulate/query SQL Storage (LINQ Technology).
• All components are recompiled with the .NET Framework 3.5
• VS.NET 2008 source format for solution and projects (.sln / .csprj)
• Added System.IO.TextWriter IAzManStorage.LogStream property to get or set Text logging.
• “dbo.Log” table renamed to “dbo.LogTable”
• Added class NetSqlAzMan.Cache.StorageCache to allow:
o Client CheckAccess (instead of server CheckAccess)
o Entire Storage caching capability.
 When the BuildStorageCache() method is invoked all Storage elements are readed and cached.
 When the BuildStorageCache(StoreFilterName) method is invoked all specified Store elements are readed and cached.
 When the BuildStorageCache(StoreFilterName, ApplicationFilterName) method is invoked all specified Applications elements of the specified Store are readed and cached.
 BizRules result is not cached (only bizRule definition)
 LDAP Groups (Application/Store) members are cached.
• Bug fix for DBUsers CheckAccess when NetSqlAzManMode is set to Administrator mode.
(Thanks to debeardjr: https://sourceforge.net/forum/message.php?msg_id=4683470)
• Added new Package ‘NetSqlAzMan Cache Service’ (for further details see NetSqlAzMan Cache Service Build History):
o It is a Windows NT Service that exposes a self-hosted WCF service (http/net.tcp protocols).
o A StorageCache singlecall instance is exposed to allow CheckAccess cached operations for Windows users and DB Users (4 CheckAccess overloads).
o InvalidateCache method to force cache expire (and rebuild).
o NetSqlAzManCacheServiceInvalidateUtility.exe utility as standalone WCF client console to force cache expire (and rebuilt).
o Storage connection string, protocols (net.tcp/http), StoreFilterName, ApplicationFilterName, endpoint addresses and so on … are configureable via NetSqlAzManCacheService.exe.config configuration file.
• Added 5 Tutorials into the NetSqlAzMan – Guide:
o Tutorial 1: CheckAccess inside Windows/Web Applications
o Tutorial 2: CheckAccessHelper
o Tutorial 3: UserPermissionCache
o Tutorial 4: StorageCache
o Tutorial 5: Calling NetSqlAzMan WCF Cache Service
***********************************************************************************************************
Sql Storage DB schema HAS been changed.
TO Upgrade DB Schema from previous versions:
- upgrade DB Schema with provided sql scripts (SQL Script folder).
… Or …
- Follow this Upgrade TUTORIAL: http://sourceforge.net/forum/forum.php?thread_id=1561052&forum_id=564349
***********************************************************************************************************

2.5.0.0 29-November-2007
• DB Schema: all varchar data types are changed to nvarchar to support Unicode data.
(Thanks to Mohammad Tarhsaz – https://sourceforge.net/forum/message.php?msg_id=4628731)
• NetSqlAzManRoleProvider change:
o Added “userLookupType” string parameter; possible values: “LDAP” or “DB” to enable Windows Authentication model or Database Authentication model.
o Added “defaultDomain” string parameter to support System.Web.Security.ActiveDirectoryMembershipProvider (usernames without “DOMAIN\” prefix).
(Leave blank … if userLookupType == “DB”).
o New web.config template:
<roleManager defaultProvider="NetSqlAzManRoleProvider"
enabled="true"
cacheRolesInCookie="false"
cookieName=".ASPROLES"
cookieTimeout="30"
cookiePath="/"
cookieRequireSSL="false"
cookieSlidingExpiration="true"
cookieProtection="All" >
<providers>
<clear />
<add
name="NetSqlAzManRoleProvider"
type="NetSqlAzMan.Providers.NetSqlAzManRoleProvider"
connectionStringName="NetSqlAzManConnectionString"
storeName="My Store Name"
applicationName="My Application Name"
userLookupType="LDAP"
defaultDomain="MyDomain"
/>
<!-- UserLookupType options: { LDAP, DB } -->
<!-- Leave DefaultDomain blank if userLookupType=="DB" (DB users) -->
</providers>
</roleManager>
(Thanks to vbsmerlin – https://sourceforge.net/forum/message.php?msg_id=4635931)
• Added “NetSqlAzMan Storage DB documentation.chm” file with the NetSqlAzManStorage Database documentation.
• Built with Tdo 2.0.50727.32
***********************************************************************************************************
Sql Storage DB schema HAS been changed.
TO Upgrade DB Schema from previous versions:
- upgrade DB Schema with provided sql scripts (SQL Script folder).
… Or …
- Follow this Upgrade TUTORIAL: http://sourceforge.net/forum/forum.php?thread_id=1561052&forum_id=564349
***********************************************************************************************************

2.4.5.1 15-November-2007
• Built with Tdo 2.0.50727.32
• Bug fix in dbo.DirectCheckAccess stored procedure to support attributes length of 4000 instead of 255.
(Thanks to Nobody – Tracker Id: 1827513 - http://sourceforge.net/tracker/index.php?func=detail&aid=1827513&group_id=165814&atid=836877)
***********************************************************************************************************
Sql Storage DB schema HAS been changed.
TO Upgrade DB Schema from previous versions:
- upgrade DB Schema with provided sql scripts (SQL Script folder).
… Or …
- Follow this Upgrade TUTORIAL: http://sourceforge.net/forum/forum.php?thread_id=1561052&forum_id=564349
***********************************************************************************************************


2.4.5.0 30-October-2007
• Made update on CheckAccess Stored Proceure made to ignore NEUTRAL authorizations.
• Added ref AuthorizationType authorizationType parameter to the IAzManBizRule.Execute method to allow a Business Rule to change its AuthorizationType even if result is true.
Thanks to mOhammad tArhsaz (https://sourceforge.net/forum/message.php?msg_id=4557282).
IMPORTANT: Remember to update all yours Businnes Rules source code with the new Execute method signature as the following:
C#
public bool Execute(Hashtable contextParameters, IAzManSid identity, IAzManItem ownerItem, ref AuthorizationType authorizationType)
{
//Insert your code here
//Assign authorizationType to some AuthorizationType value to force CheckAccess result for this item.
return true;
}
VB.NET
Public Overloads Function Execute(ByVal contextParameters As Hashtable, ByVal identity As IAzManSid, ByVal ownerItem As IAzManItem, ByRef authorization as AuthorizationType) As Boolean _
Implements IAzManBizRule.Execute
'Insert your code here
'Assign authorizationType to some AuthorizationType value to force CheckAccess result for this item.
Return True
End Function
• Improved performance (300%) for UserPermissionCache construction.
• Added IAzManStorage.StorageTimeOut [int] property to get or set the Storage connection timeout.
• Bug fix in DirectCheckAccess SP (Internal transaction deleted to avoid dead locking in a multi-threading / enterprise environment.)
• Bug fix in frmImportFromAzMan (azStore.CloseApplication statement seems to hang the import for older MS AzMan versions)
Thanks to Pham Kim Son.
• Bug fix in NetSqlAzManRoleProvider.DeleteRole method.
Thanks to Nobody (https://sourceforge.net/forum/message.php?msg_id=4546230).
• Minor SnapIn UI bug fixed in Item Authorizations form when users click on a grid row header.
(Thanks to Jeff Oleson).
***********************************************************************************************************
Sql Storage DB schema HAS been changed.
TO Upgrade DB Schema from previous versions:
- upgrade DB Schema with provided sql scripts (SQL Script folder).
… Or …
- Follow this Upgrade TUTORIAL: http://sourceforge.net/forum/forum.php?thread_id=1561052&forum_id=564349
***********************************************************************************************************

2.4.4.0 20-September-2007
• Bug fix on NetSqlAzManRoleProvider.
Thanks to Richard Tang: https://sourceforge.net/forum/message.php?msg_id=4483763
• Added methods to create and delete delegates for DB Users (IAzManItem.CreateDelegateAuthorization / IAzManItem.DeleteDelegateAuthorization).
Thanks to Roberto: https://sourceforge.net/forum/message.php?msg_id=4514116
• Added methods to check the access to a Store/Application:
o IAzManStore:
 bool CheckStoreAccess(WindowsIdentity windowsIdentity, DateTime validFor, params KeyValuePair<string, object>[] contextParameters);
 bool CheckStoreAccess(IAzManDBUser dbUser, DateTime validFor, params KeyValuePair<string, object>[] contextParameters);
o IAzManApplication:
 bool CheckApplicationAccess(WindowsIdentity windowsIdentity, DateTime validFor, params KeyValuePair<string, object>[] contextParameters);
 bool CheckApplicationAccess(IAzManDBUser dbUser, DateTime validFor, params KeyValuePair<string, object>[] contextParameters);

***********************************************************************************************************
Sql Storage DB schema HAS been changed.
TO Upgrade DB Schema from previous versions:
- upgrade DB Schema with provided sql scripts (SQL Script folder).
… Or …
- Follow this Upgrade TUTORIAL: http://sourceforge.net/forum/forum.php?thread_id=1561052&forum_id=564349
***********************************************************************************************************

2.4.3.0 25-July-2007
• Bug fix on DirectoryServiceUtils class (objects pick-up from Active Directory).
• Added NetSqlAzMan.SqlAzManStorage.RootDSEPath static property string to get or set the Root DSE Path of your Active Directory domain. (default value is the Active Directory default naming context).
• UserPermissionCache accept now parameter “multiThreadBuild”; If true each CheckAccess method used to build UserPemissionCache is executed in a separated thread of thread pool (System.Thread.ThreadPool class).
30% Performance improvement.
• Complete rewrite of NetSqlAzManRoleProvider (support for Windows Users and DBUsers only). Same pattern as AuthStoreRoleProvider for MS AzMan (http://blogs.msdn.com/dc995/archive/2006/07/05/657173.aspx)
IMPORTANT: NetSqlAzManRoleProvider class is now under NetSqlAzMan.Providers namespace instead of NetSqlAzMan.Web.
(Thanks to Richard Tang: https://sourceforge.net/forum/forum.php?thread_id=1764422&forum_id=564350)
• Bug Fix on Items Hierarchy Report (Hierarchy issue when sub-Roles).
• Change on Items Hierarchy View (by default all is expanded).
• Change in CheckAccessHelper code generation (Constants are now protected internal).

***********************************************************************************************************
Sql Storage DB schema HAS been changed.
TO Upgrade DB Schema from previous versions:
- upgrade DB Schema with provided sql scripts (SQL Script folder).
… Or …
- Follow this Upgrade TUTORIAL: http://sourceforge.net/forum/forum.php?thread_id=1561052&forum_id=564349
***********************************************************************************************************


2.4.2.0 - 09 – May -2007
• Bug Fix on dbo.helplogins, dbo.GrantStoreAccess, dbo.GrantApplicationAccess Stored Procedures.
• Bug fix on dbo.StoreGroupsTable / dbo.ApplicationGroupsTable (missing delete Triggers)
• Bug fix on SqlAzManItemAttribute.Update() method.
• Bug fix on SqlAzManSID Class to full support Guid custom SID.
(Thanks to markomvp: https://sourceforge.net/forum/message.php?msg_id=4265615)
• Bug Fix on “Import From MS AzMan” feature (MSSQL:// provider).
***********************************************************************************************************
Sql Storage DB schema HAS been changed.
TO Upgrade DB Schema from previous versions:
- upgrade DB Schema with provided sql scripts (SQL Script folder).
… Or …
- Follow this Upgrade TUTORIAL: http://sourceforge.net/forum/forum.php?thread_id=1561052&forum_id=564349
***********************************************************************************************************

2.4.1.0 - 06 – April -2007
• Change in UserPermissionCache.CheckAccess() method: itemName parameter is now case-insenstive.
(Thanks to markomvp: https://sourceforge.net/forum/message.php?msg_id=4232290).
• Added Dictionary<string, IAzManItem> UserPermissionCache.Items cached property (same as IAzManApplication.Items).
(Thanks to Tai Kim).
• Bug Fix on [dbo].[GrantStoreAccess] / [dbo].[GrantApplicationAccess] Stored Procedures (authorization failure for NT Gropus)
(Thanks to Richard Tang).
• Assemblies Sign: NetSqlAzMan.dll and NetSqlAzMan.SnapIn.dll are now signed with a new key (pfx file). Pfx files are now password protected.
(Thanks to Nobody: http://sourceforge.net/forum/forum.php?thread_id=1699702&forum_id=564348)
***********************************************************************************************************
Sql Storage DB schema HAS been changed.
TO Upgrade DB Schema from previous versions:
- upgrade DB Schema with provided sql scripts (SQL Script folder).
… Or …
- Follow this Upgrade TUTORIAL: http://sourceforge.net/forum/forum.php?thread_id=1561052&forum_id=564349
***********************************************************************************************************

2.4.0.0 - 18 - March -2007
• Bug Fix on IAzManItem.AddMember() method (loop detection restored).
(Thanks to Marcel Milat).
• Bug Fix on BizRules runtime execution pipeline (System.Reflection.ReflectionTypeLoadException).
(Thanks to Richard Tang).
• Bug Fix on DBUsers CustomId (While Import & Export from/into XML file).
• CheckAccess Test, Items Hierarchy View e Reports are more fastly.
• Added IAzManStorage.DataBaseVersion property to get the current database version.
• Added Version Check when you connect by Snap-In to the NetSqlAzManStorage (warning if Run-Time version is different from Database version).
• Version Info is now written as XML Comment into exported XML Files.
• Tdo 2.0.50727.27 update (http://tdo.sourceforge.net).
• SQLAudit 1.7.0.0 update (http://sqlaudit.sourceforge.net).
***********************************************************************************************************
Sql Storage DB schema HAS been changed.
TO Upgrade DB Schema from previous versions:
- upgrade DB Schema with provided sql scripts (SQL Script folder).
… Or …
- Follow this Upgrade TUTORIAL: http://sourceforge.net/forum/forum.php?thread_id=1561052&forum_id=564349
***********************************************************************************************************

2.3.0.0 - 14 - March -2007
• NetSqlAzMan Application Permission Cache implemented
(Thanks to Marcel Milat - http://sourceforge.net/forum/forum.php?thread_id=1688961&forum_id=564348)
o Properties (that cache results):
 IAzManStorage.Stores
 IAzManStorage.DBUsers
 IAzManStore.Attributes
 IAzManStore.StoreGroups
 IAzManStore.Applications
 IAzManStoreGroup.Members
 IAzManApplication.Attributes
 IAzManApplication.ApplicationGroups
 IAzManApplication.Items
 IAzManApplicationGroup.Members
 IAzManItem.Attributes
 IAzManItem.Members
 IAzManItem.ItemsWhereIAmAMember
 IAzManItem.Authorizations
 IAzManAuthorization.Attributes
o Added NetSqlAzMan.Cache.UserPermissionCache class to store CheckAccess results (per WindowsIdentity/DBUser) into a local cache without round-trips to SQL Server Storage:
 UserPermissionCache(IAzManStorage storage, string storeName, string applicationName, WindowsIdentity windowsIdentity, bool retrieveAttributes, params KeyValuePair<string, object>[] contextParameters)
 UserPermissionCache(IAzManStorage storage, string storeName, string applicationName, IAzManDBUser dbUser, bool retrieveAttributes, params KeyValuePair<string, object>[] contextParameters)
 AuthorizationType CheckAccess(string itemName, DateTime validFor)
 AuthorizationType CheckAccess(string itemName, DateTime validFor, out List<KeyValuePair<string, string>> attributes)

Code example to perform a CheckAccess by retrieving results from UserPermissionCache:
IAzManStorage storage = new SqlAzManStorage("data source=.;Initial Catalog=NetSqlAzManStorage;Integrated Security = SSPI;");
NetSqlAzMan.Cache.UserPermissionCache cache = new NetSqlAzMan.Cache.UserPermissionCache(storage, "My Store", "My Application", WindowsIdentity.GetCurrent(), true);
List<KeyValuePair<string, string>> attributes;
AuthorizationType auth = c.CheckAccess("My Operation", DateTime.Now, out attributes);

o Updated CheckAccessTest to support CheckAccess from UserPermissionCache.

• Bug fix on GetStoreGroupSidMembers / GetApplicationGroupSidMembers Stored Procedures
***********************************************************************************************************
Sql Storage DB schema HAS been changed.
TO Upgrade DB Schema from previous versions:
- Follow this Upgrade TUTORIAL: http://sourceforge.net/forum/forum.php?thread_id=1561052&forum_id=564349
… Or …
- upgrade DB Schema with provided sql scripts (SQL Script folder).
***********************************************************************************************************

2.2.0.0 - 8 - March -2007
• Bug Fix on DirectCheckAccess Stored Procedure.
(Thanks to Marcel M. - https://sourceforge.net/forum/message.php?msg_id=4196582)
• Upgrade for SQLAudit 1.5.0.0 – http://sqlaudit.sourceforge.net
***********************************************************************************************************
Sql Storage DB schema HAS been changed.
TO Upgrade DB Schema from previous versions:
- Follow this Upgrade TUTORIAL: http://sourceforge.net/forum/forum.php?thread_id=1561052&forum_id=564349
***********************************************************************************************************

2.1.0.0 - 7 - March -2007
• SQLAudit Integration to enable Auditing on NetSqlAzMan Storage.
To generate T-SQL Script for Auditing, right click on NetSqlAzMan console root node – Options – Auditing and choose a Generation Script MMC.Action.
T-SQL generated Script cannot be executed inside NetSqlAzMan MMC but only copied into the system clipboard (for security reasons); run instead script using Query Analyzer or SQL Management Studio.
SQLAudit is an Open Source Project (LGPL) – http://sqlaudit.sourceforge.net
• .MSI Fix (PDF Tutorials corrupted).
(Thanks to markomvp - http://sourceforge.net/forum/forum.php?thread_id=1688182&forum_id=564348 )

2.0.3.0 - 23- February -2007
• Bug Fix into Logging (Event on DB); missing GRANT on Log table.
• Bug Fix on ItemsTable PK name.
• Minor bug Fix on MMC (Permissions button enabled when new Store).
(Thanks to Richard Tang)
• SQL Server 2005 Service Pack 2 (RTM) general test done.
***********************************************************************************************************
Sql Storage DB schema HAS been changed.
TO Upgrade DB Schema from previous versions:
- Follow this Upgrade TUTORIAL: http://sourceforge.net/forum/forum.php?thread_id=1561052&forum_id=564349
***********************************************************************************************************

2.0.2.1 - 20- February -2007
• Bug Fix on NetSqlAzMan_SqlServer.sql (removed COLLATE statement.)
• Bug Fix on internalCheckAccess methods (NullReferenceException if result was Deny or Neutral and retrieveAttribues true)
(Thanks to Richard Tang)
• Added dbo.NetSqlAzMan_DBVersion() scalar-valued Function on DB to retrieve Storage version number.
(Thanks to Ivano Modenin)
***********************************************************************************************************
Sql Storage DB schema HAS been changed.
TO Upgrade DB Schema from previous versions:
- Follow this Upgrade TUTORIAL: http://sourceforge.net/forum/forum.php?thread_id=1561052&forum_id=564349
***********************************************************************************************************

2.0.2.0 - 15- February -2007
• Bug Fixed into DirectoryServicesUtils class. (Some Well Know SIDs Translation failure).
• Minor Bug fixing on MMC.
• Italian Resource message fix.
(Thanks to Holpit - https://sourceforge.net/forum/forum.php?thread_id=1671874&forum_id=564350)
• Added SQL Script to update NetSqlAzMan Storage from previous versions without dropping and creating again.
• ENS (Event Notification System) has been totally reviewed
o All events generated by the run-time are trapped.
o Added interface NetSqlAzMan.Interfaces.IAzManENS
o SqlAzManENS is no more “static”
o Added read- only property IAzManENS IAzManStorage.ENS { get; } that expose the Event Notification System.
• Added ENS Logging on SQL Server feature (Log table) with Instance GUID, Transaction GUID and Operation Counter.
• NetSqlAzManRoleProvider fixed:
(Thanks to Richard Tang: https://sourceforge.net/forum/message.php?msg_id=4158192)
o ConnectionString attribute has become connectionStringName and refer to connectionString section
o All attributes are now camelCase
o roleManager element sample (web.config):

<connectionStrings>
<add name="NetSqlAzManConnectionString" connectionString="data source=(local);Initial Catalog=NetSqlAzManStorage;Integrated Security=SSPI;" />
</connectionStrings>

<roleManager defaultProvider="NetSqlAzManRoleProvider"
enabled="true"
cacheRolesInCookie="false"
cookieName=".ASPROLES"
cookieTimeout="30"
cookiePath="/"
cookieRequireSSL="false"
cookieSlidingExpiration="true"
cookieProtection="All" >
<providers>
<clear />
<add
name="NetSqlAzManRoleProvider"
type="NetSqlAzMan.Web.NetSqlAzManRoleProvider"
connectionStringName="NetSqlAzManConnectionString"
storeName="My Store Name"
applicationName="My Application Name" />
</providers>
</roleManager>

***********************************************************************************************************
Sql Storage DB schema HAS been changed.
TO Upgrade DB Schema from previous versions:
- Follow this Upgrade TUTORIAL: http://sourceforge.net/forum/forum.php?thread_id=1561052&forum_id=564349
***********************************************************************************************************

2.0.1.0 - 11- February -2007
• Performance improvement on NetSqlAzMan DB objects.
• Added SqlAzManStorage.VerifyStorageDB() static method to verify NetSqlAzMan Storage Database.
• MSI Change: NetSqlAzMan.dll, NetSqlAzMan.SnapIn.dll and Tdo.dll no more in GAC.
• Bug fix into SqlAzManItem.CreateDelegateAuthorization and SqlAzManItem. DeleteDelegateAuthorization methods (missing throw exception if user cannot delegate).
(Thanks to Richard Tang - https://sourceforge.net/forum/forum.php?thread_id=1669462&forum_id=564348)
***********************************************************************************************************
Sql Storage DB schema HAS been changed.
TO Upgrade DB Schema from previous versions:
- Follow this Upgrade TUTORIAL: http://sourceforge.net/forum/forum.php?thread_id=1561052&forum_id=564349
***********************************************************************************************************

2.0.0.1 - 8- February -2007
• NetSqlAzMan has changed licensing (from GPL to LGPL license).
• Bug fix on NetSqlAzManStore constructor (everyone Sid deleted).

2.0.0.0 - 7- February -2007
• Implemented Row-level security feature on NetSqlAzMan Database. NetSqlAzMan is now able to grant a SQL login (same as Storage connection) to Manage/See single Stores and/or Applications:
(Thanks to Richard Tang for collaboration in the architecture design and testing phase. Thanks Richard !!!)
• NetSqlAzMan Server Roles:
o NetSqlAzMan_Administrators (Full control).
o NetSqlAzMan_Managers
 Store Managers (Full control on given Store; cannot delete owned Store; can assign permissions on owned Store and Applications for Users and Readers but not for other Store Managers)
 Application Managers (Full control on given Application; cannot delete owned Application; can assign permissions on owned Application for Users and Readers but not for other Application Managers)
o NetSqlAzMan_Users
 Store Users (can perform “delegate” operations and read from all Applications of given Store)
 Application Users (can perform “delegate” operations and read from given Application)
o NetSqlAzMan_Readers
 Store Readers (can read from all Applications of given Store)
 Application Readers (can read from given Application)

• To Enable NetSqlAzMan Server Roles:
o STEP 1 (choose a NetSqlAzMan Server Role)
 To allow a SQL Login to manage all Stores and all Applications, add login to the NetSqlAzMan_Administrators SQL Role.
 To allow a SQL Login to manage a Store/Application, add login to the NetSqlAzMan_Managers SQL Role.
 To allow a SQL Login to delegate only on a Store/Application, add login to the NetSqlAzMan_Users SQL Role.
 To allow a SQL Login to read only (and allow CheckAccess operations) from a Store/Application, add login to the NetSqlAzMan_Readers SQL Role.
o STEP 2 (Set Store/Application grants)
 From NetSqlAzMan Console, right click on Store/Application and choose properties.
 Click “Permissions” button to assign/see permissions for SQL Logins on given Store/Application (Store / Application visibility filter).
• Permissions can be combined; for example “sqluser1” can be Store Manager of “Store1” Store and just Application Reader of “Store2.MyApplication”.
• NetSqlAzMan DOM Updated. NetSqlAzManApplication class and NetSqlAzManStore implements now IAzManSecurable interface:
o KeyValuePair<string, bool>[] GetManagers()  KeyValuePair = {RoleName, Has Grant}
o KeyValuePair<string, bool>[] GetUsers()  KeyValuePair = {RoleName, Has Grant}
o KeyValuePair<string, bool>[] GetReaders() KeyValuePair = {RoleName, Has Grant}
o void GrantAccessAsManager(string sqlLogin)
o void GrantAccessAsUser(string sqlLogin)
o void GrantAccessAsReader(string sqlLogin)
o void RevokeAccessAsManager(string sqlLogin)
o void RevokeAccessAsUser(string sqlLogin)
o void RevokeAccessAsReader(string sqlLogin)
o bool IAmAdmin { get; }
o bool IAmManager { get; }
o bool IAmUser { get; }
o bool IAmReader { get; }
• Console updated. For each Store/Application you can see NetSqlAzMan Server Role (Admin, Manager, User, Reader) and connected SQL User.
• CheckAccess performance better than 40%
• Fixed Import From AzMan for Windows Vista Users (AzMan 2.0). Added Import support for MSSQL:// Microsoft AzMan Provider.
(Thanks to Catho)
• Bug Fix on SqlAzManAuthorization.Update (wrong ownerSidWhereDefined).
***********************************************************************************************************
Sql Storage DB schema HAS been changed.
TO Upgrade DB Schema from previous versions:
- Follow this Upgrade TUTORIAL: http://sourceforge.net/forum/forum.php?thread_id=1561052&forum_id=564349
***********************************************************************************************************

1.6.0.0 - 20-January-2007
- Added Application Permissions feature:
(Thanks to Richard: http://sourceforge.net/forum/forum.php?thread_id=1618487&forum_id=564348)
- NetSqlAzMan is able now to allow only authorized users and/or groups (Application Managers) to manage (see and udpate) a single Application.
- Application Permissions can be managed by MMC from "Application Properties" (enabled after Application creation only).
- Permissions are stored on "dbo.ApplicationPermissions" SQL Table. (schema must be updated).
- NetSqlAzMan DOM updated (Added methods to IAzManApplication interface and SqlAzManApplication Class):
- SecurityIdentifiers[] GetPermissions()
- void AddPermissions(params SecurityIdentifiers[]),
- void RemovePermissions(params SecurityIdentifiers[])
- Check Access Test print retrieved attributes.
* VERY IMPORTANT:
- Application Permissions does not affect Check Access Operations and then there is no need to grant user that performs Check Access operations only.
- Application Permissions permit to the specified Windows Users (or Windows Groups) only to manage Application structure.
- When an Application is created (first time), by default, Everyone and creator user are granted onto the Application.
- When an Application is imported from an XML file
- if permissions are specified ==> only specified permissions are written onto Application (Everyone and creator user are NOT granted onto the Application).
- if permissions are NOT specified (XML file coming from older release) ==> by default, Everyone and creator user are granted onto the Application.
- When an Application is imported from MS AzMan ==> by default, Everyone and creator user are granted onto the Application.
- Change: Unified SQL Script for SQL Server 2000 and SQL Server 2005 (NetSqlAzMan_SqlServer.sql)
- Added SQL Script to update your DB from previous version (1.4.1.0 -> 1.5.0.0)
- Added SQL Script to give 'Everyone' Permissions to manage your NetSqlAzMan Applications (Script to give Everyone Permissions to your NetSqlAzMan Applications.sql).
- Added Snap-In splash screen with new NetSqlAzMan logo.
- Bug Fix on Setup package (wrong pre-requisite for MMC 3.0 on Windows Server 2003 R2).
(Thanks to Dick: http://sourceforge.net/forum/forum.php?thread_id=1635002&forum_id=564349).
***********************************************************************************************************
Sql Storage DB schema HAS been changed.
TO Upgrade DB Schema from previous versions:
- Use Installed Update Scripts
... or ...
- Follow this Upgrade TUTORIAL: http://sourceforge.net/forum/forum.php?thread_id=1561052&forum_id=564349
***********************************************************************************************************

1.5.0.0 - 10-January-2007
- Added CheckAccess overload to allow attributes retrieval
(Thanks to Ivano - Italy: http://sourceforge.net/forum/forum.php?thread_id=1642693&forum_id=564350)
- Added Event Log Enable/Disable options for Errors, Warnings, Informations into NetSqlAzMan Options form. (Same as where you choose NetSqlAzMan Mode).
By default only Errors and Warnings are logged into Application Event Log.
- Bug fix on Setup package (broken links on PDF Guides)
- .NET Samples (VB/C#) updated with most recent interface changes
(Thanks to holpit: https://sourceforge.net/forum/message.php?msg_id=4088246)
***********************************************************************************************************
Sql Storage DB schema HAS been changed.
Upgrade DB from previous versions: http://sourceforge.net/forum/forum.php?thread_id=1561052&forum_id=564349
***********************************************************************************************************

1.4.4.0 - 4-January-2007
- Bug Fix on CheckAccess Stored Procedure (Deny becomes neutral with Store/Application Groups)
(Thanks to Richard: http://sourceforge.net/forum/forum.php?thread_id=1642163&forum_id=564348)
(Sql Storage DB schema HAS been changed.)

1.4.3.0 - 23-November-2006
- NetSqlAzMan is Windows Vista Ready. (NetSqlAzMan was tested on Windows Vista [Ultimate ed.])
- Bug fix in ADObject class for Windows Groups name resolution for multiple domains.
(Thanks to tangrl [Richard] - http://sourceforge.net/forum/forum.php?thread_id=1615049&forum_id=564348)
- Bug fix in NetSqlAzMan SnapIn when showing DB Users Name and CustomSID.
(Thanks to Raimondo - http://sourceforge.net/forum/forum.php?thread_id=1617658&forum_id=564349)
(Sql Storage DB schema HAS been changed.)

1.4.2.0 - 15-November-2006
- Added NetSqlAzMan - English Guide (pdf)
(Sql Storage DB schema is the same as previous versions.)

A special thank to Giacinta (my wife) and to Nagireddy Tamalapudi for English translation NetSqlAzMan Guide.
Thanks guys !!!

1.4.1.0 - 27-October-2006
- Added NetSqlAzMan ASP.NET Role Provider (NetSqlAzMan.Web.NetSqlAzManRoleProvider).
Web.Config sample:
<system.web>
<roleManager defaultProvider="NetSqlAzManRoleProvider"
enabled="true"
cacheRolesInCookie="false"
cookieName=".ASPROLES"
cookieTimeout="30"
cookiePath="/"
cookieRequireSSL="false"
cookieSlidingExpiration="true"
cookieProtection="All" >
<providers>
<clear />
<add
name="NetSqlAzManRoleProvider"
type="NetSqlAzMan.Web.NetSqlAzManRoleProvider"
ConnectionString="data source=.;Initial Catalog=NetSqlAzManStorage;user id=[someuser];password=[somepassword]"
StoreName="[NetSqlAzMan Store Name]"
ApplicationName="[ApplicationName]" />
</providers>
</roleManager>
</system.web>
- Added Print feature (with Print Preview):
- Items Hierarchy Report;
- Authorizations Report;
- Added NetSqlAzMan Snap-In Albanian Localization.
- Bug Fix on SQL scripts: now SQL statements used within NetSQLAzMan are checked for case-sensitive problems.
(Thanks to "wraith10" - http://sourceforge.net/tracker/index.php?func=detail&aid=1580952&group_id=165814&atid=836877)
- Bug Fix on NetSqlAzMan.SnapIn
(Thanks to "nobody" - http://sourceforge.net/tracker/index.php?func=detail&aid=1550713&group_id=165814&atid=836877)
- Fixed minor localization SnapIn errors.
(Sql Storage DB schema HAS been changed.)

1.4.0.0 - 20-September-2006
- Added "Check Access Test" feature to NetSqlAzMan Snap-In to allow a Check Access Test impersonating (without password) other Windows/DB Users rather then yourself.
(From Snap-In select an Application, right click on it and choose "Check Access Test" item menu)
Note: Windows user impersonation is allowed only on Windows Server 2003 machines in a Windows 2003 Native Domain.
(Kerberos Protocol Transition).
- Added IsInGroup methods to check Store/Application Groups membership of a Windows/DB User:
- IsInGroup(WindowsIdentity windowsIdentity)
- IsInGroup(IAzManDBUser dbUser)
- Added ObjectHelperPicker2 source code project for .NET 2.0 (compiled with ATL_80 instead of ATL_71)
- Changed default location to Domain instead of local machine when picking AD Objects (Windows Users & Groups).
- Fixed Setup package that now install ATL 8.0 DLL pre-requisites.
(Error "Retrieving COM class factory for componenet with CLSID {0A386264-8872-483F-85B8-84F83F30AB49} failed due to the following error:8007007e"
while adding Windows Users & Groups).
- Fixed CheckAccess stored procedure issue for multiple authorizations for the same SID.
- Fixed SqlAzManItem.Delete() method issue (BizRule Foreign Key).
- Fixed minor localization SnapIn errors.
(Sql Storage DB schema HAS been changed.)

1.3.1.0 - 7-September-2006
- NetSqlAzMan Snap-In is now localized in English, Italian and Spanish.
(Feature Request N.: 1550495 - http://sourceforge.net/tracker/index.php?func=detail&aid=1550495&group_id=165814&atid=836880
Thanks to Daniel Laco - dlaco - for Spanish translation. If someone wants to localize in other languages, please contact me)
- Bug Fix on CheckAccessHelper source code generation.
- Added contextParameters params parameter to CheckAccessHelper generated methods.
- Added UsersDemo table into NetSqlAzManStorage as Demo Users table.
- Updated dbo.GetDBUsers Table Function that reads UsersDemo table.
(Sql Storage DB schema HAS been changed.)

1.3.0.0 - 25-August-2006
- Custom Authentication support for Database users implemented.
(Feature Request n.: 1544843 - http://sourceforge.net/tracker/index.php?func=detail&aid=1544843&group_id=165814&atid=836880)
- Added dbo.GetDBUsers table-function to retrieve db user lists. (Customize before use !)
- Added NetSqlAzMan.IAzManDBUser interface
- Added NetSqlAzMan.SqlAzManDBUser class
- property CustomSid
- property Username
- Added methods to retrieve Database users:
- IAzManStorage.GetDBUsers() -> IAzManDBUser
- IAzManStorage.GetDBUser(IAzManSid) -> IAzManDBUser
- IAzManStorage.GetDBUser(string) -> IAzManDBUser
- IAzManStore.GetDBUsers() -> IAzManDBUser
- IAzManStore.GetDBUser(IAzManSid) -> IAzManDBUser
- IAzManStore.GetDBUser(string) -> IAzManDBUser
- IAzManApplication.GetDBUsers() -> IAzManDBUser
- IAzManApplication.GetDBUser(IAzManSid) -> IAzManDBUser
- IAzManApplication.GetDBUser(string) -> IAzManDBUser
- Added CheckAccess / BeginCheckAccess overloads to support IAzManDBUser check.
- Modified MMC Snap-In Console to support Database users for:
- Store Groups
- Application Groups
- Item Authorizations
- Modified CheckAccessHelper source code generation to support DB Users
- Change in IAzManBizRule interface. Use NetSqlAzMan.Interfaces.IAzManSid instead of System.Security.Principal WindowsIdentity parameter.
- Little Bug fix in Biz Rule execution (forgotten debugging code deleted)
(Sql Storage DB schema HAS been changed.)

1.2.0.0 - 7-August-2006
- Update: Role/Task/Operation BIZ RULES implemented (same as AzMan Authorization Scripts).
Implementation Details:
- From Snap-In choose a Role/Task/Operation (already created) and press 'Biz Rule' button.
- NetSqlAzMan Biz Rules are NOT scripts (JScript/VBScript) but C#/VB.NET pre-compiled assemblies !!! WOW ... A lot of performance.
- All Biz Rule Compiled assemblies reside on 'BizRule' SQL Server table and they are cached.
- Use SqlAzManItem.ClearBizRuleAssemblyCache() static method to clear Biz Rule Assembly Cache.
(Thanks to Nagireddy for feature request - http://sourceforge.net/forum/forum.php?thread_id=1547623&forum_id=564350)
(Sql Storage DB schema HAS been changed.)

1.1.0.0 - 31-July-2006
- Now NetSqlAzMan is able to generate source code (C#/VB.NET) !!!
From Snap-In choose an application and right click on it (only Developer mode).
You will see an "Application menu" from which you can generate .NET source code ready for selected application.
(Enums with specific Roles/Tasks/Operations, CheckAccess methods that return true or false, etc...)
- Minor changes on Snap-In UI.
(Sql Storage DB schema has not been changed.)

1.0.1.2 - 28-June-2006
- Sql Script for Sql Server 2005 fix.
- Message view description showed on MMC Snap start-up.
- Changed NetSqlAzMan default Mode from Administrator to Developer.
- Updated reference to Microsoft.Interop.Security.AzRoles.dll assembly (R2 Edition).
(Sql Storage DB Schema fixed just for 2005).

1.0.1.1 - 17-June-2006
- Change on GetAttributeKey() method. If key does not exists return null instead of throwing exeption.
- Minor changes on Snap-In.
(Sql Storage DB schema has not been changed.)

1.0.1.0 - 30-May-2006
- Added direct Delete/Change Authorizations features from Snap-In scope node (without entering into "Manage Authorizations").
- Added Store Attributes
- Added Application Attributes
- Added Item Attributes
(Sql Storage DB schema has been changed.)

1.0.0.0 - 12-May-2006
- First release.


Web Console

3.5.4.1 04-May-2009
- Fix: UserPermissionCache.CheckAccess bug fix when ValidFrom and/or ValidTo are not null (some cases only)
Work item 2877: http://netsqlazman.codeplex.com/WorkItem/View.aspx?WorkItemId=2877
- Fix on ENS (Event Notification System); ENS events are now raised only when this.ens!=null
Thanks to fdesbrosses. Work item 2878: http://netsqlazman.codeplex.com/WorkItem/View.aspx?WorkItemId=2878
- Added NetSqlAzMan Web Site link to the .MSI Setup Package.
- Tested with SQL Server 2008 SP1, Windows Vista SP2, Windows Server 2008 SP2.

3.5.4.0 28-April-2009
- Fix: NetSqlAzManStorage Script fix (case sensitive collation)
Thanks to Cheers. Work item 2804: http://netsqlazman.codeplex.com/WorkItem/View.aspx?WorkItemId=2804
- Fix: NetSqlAzMan.Cache.StorageCache CheckAccess issue. it's not considering inheritance from the parent items when Biz-Rules are defined.
Thanks to rtang. Work Item 2824: http://netsqlazman.codeplex.com/WorkItem/View.aspx?WorkItemId=2824
- Fix: When call CheckAccess function of UserPermissionCache, it doesn't retrieve the attributes defined on the ITEMS. It does retrieve the attributes defined on the AUTHORIZATION, application and store
Thanks to rtang. Work Item 2825: http://netsqlazman.codeplex.com/WorkItem/View.aspx?WorkItemId=2825
- Fix: UserPermissionCache constructor requires contextParameters and doesn't not allow null value. When a BizRule exists, an exception will be thrown.
- Change: Added SqlAzManException class to wrap all NetSqlAzMan Exceptions, based on MS Design Guidelines for Exceptions: http://msdn.microsoft.com/en-us/library/ms229014(VS.80).aspx
All messages are now standardized. When an Exception is thrown, Data property is also valorized with a Dictionary<string, object> with context parameters (i.e. “Store Name”, “My store name”)
Thanks to rtang. Work item 2856: http://netsqlazman.codeplex.com/WorkItem/View.aspx?WorkItemId=2856

3.5.3.0 17-April-2009
• Change:
o Added CheckAccessHelper method overloads to support CheckAccess with custom SIDs (IAzManCustomSID).
o Added CheckAccessHelper constructor without WindowsIdentity parameter for DB Users Only.
Thanks to cmacholz: http://netsqlazman.codeplex.com/WorkItem/View.aspx?WorkItemId=2431
o Change on "Add Database Users" dialog:
 Now custom columns are showed
Thanks to _Trip. Work item 2680: http://netsqlazman.codeplex.com/WorkItem/View.aspx?WorkItemId=2680
 Added Filter capabilities on the "Add Database Users" dialog (standard and custom columns)
Thanks to hmadanaraj. Work item 2663: http://netsqlazman.codeplex.com/WorkItem/View.aspx?WorkItemId=2663
o Added the ability to CheckAccess through .NET Attributes.
Thanks to news75. Work Item 2567: http://netsqlazman.codeplex.com/WorkItem/View.aspx?WorkItemId=2567
 Added two classes: NetSqlAzManAuthorizationAttribute and NetSqlAzManAuthorizationContext (namespace: NetSqlAzMan)
Example:

[Form1.Designer.cs]
[NetSqlAzManAuthorization("My operation", " Visible", false)] //If NOT CheckAccess(...) => button1.Visible = false
private System.Windows.Forms.Button button1;

[NetSqlAzManAuthorization("My Role", "Enabled", false)] //If NOT CheckAccess(...) => saveToolStripMenuItem.Enabled = false
private System.Windows.Forms.ToolStripMenuItem saveToolStripMenuItem;

[Form1.cs]
private void Form2_Load(object sender, EventArgs e)
{
//Initialize the NetSqlAzMan Context
NetSqlAzManAuthorizationContext ctx = new NetSqlAzManAuthorizationContext(
"data source=(local);Initial Catalog=NetSqlAzManStorage;User id=sa;password=",
"Eidos",
"DB Persone",
WindowsIdentity.GetCurrent(),
true); //True to use StorageCache, false to direct check access

//Optionally you can intercept events before and after the Access Check
//ctx.BeforeCheckAccess += new BeforeCheckAccessHandler(NetSqlAzManAuthorizationContext_BeforeCheckAccess);
//ctx.AfterCheckAccess += new AfterCheckAccessHandler(NetSqlAzManAuthorizationContext_AfterCheckAccess);

//If using the Storage Cache … you can also invalidate the cache
//ctx.InvalidateCache();

[…]

//Finally … check the security for all Attributes
ctx.CheckSecurity(this);
}

//void NetSqlAzManAuthorizationContext_AfterCheckAccess(NetSqlAzManAuthorizationContext context, NetSqlAzManAuthorizationAttribute attribute, ref bool partialResult)
//{
// //Do something before checking the access
//}

//void NetSqlAzManAuthorizationContext_BeforeCheckAccess(NetSqlAzManAuthorizationContext context, NetSqlAzManAuthorizationAttribute attribute)
//{
// //Do something after access check
//}
• Bug Fix in NetSqlAzManRoleProvider, Snap-In Check Access Test and Web Console Check Access test; WindowsIdentity.GetCurrent() replaced with ((System.Threading.Thread.CurrentPrincipal.Identity as WindowsIdentity) ?? WindowsIdentity.GetCurrent())
Thanks to Richard. Work Item 2740: http://netsqlazman.codeplex.com/WorkItem/View.aspx?WorkItemId=2740


3.5.2.1 26-March-2009
• New: Code to support an extension to an LDAP Group query to query specific roots such as under an OU:
[RootDSE:OU=ADS,OU=ADB,OU=ISV,OU=OCD,OU=EXE,DC=hcso,DC=tampa,DC=fl,DC=us](&(rest of my query))
http://netsqlazman.codeplex.com/WorkItem/View.aspx?WorkItemId=2357
o Updated: SnapIn & WebConsole
o Updated: dbo.ExecuteLDAPQuery Stored Procedure
Thanks to jeff_huntsman.
• Added static method SqlAzMan.SqlAzManSID SIDToInt32(int n) to get a DB Users from an int32 as custom SID.
Thanks to Craig: http://netsqlazman.codeplex.com/Thread/View.aspx?ThreadId=51318

3.5.2.0 10-March-2009
• Project moved at http://netsqlazman.codeplex.com

3.5.1.1 18-February-2009
• Added “Invalidate WCF Cache Service” menu option to the Web Console (on the Storage root node) to invoke InvalidateCache() method from the console.
• Minor UI bug fixed

3.5.1.0 09-December-2008
• Options added to the console Import dialog form:
o Creates new Items ? (Yes/No)
o Overwrites existing Items ? (Yes/No)
o Delete missing Items ? (Yes/No)
o Creates new Item authorizations ? (Yes/No)
o Overwrites existing Item authorization ? (Yes/No)
o Delete missing Item authorizations ? (Yes/No)
Notes:
o Items comparison made by Name (and not by SID)
o Items authorization made by SID (and not by Name)
Thanks to Costasz, Richard Tang: https://sourceforge.net/forum/message.php?msg_id=5425180
• Changed splash screen to a “more professional” one. 
• Removed “sealed” from NetSqlAzMan.Providers.NetSqlAzManRoleProvider class.
Thanks to Richard Tang: https://sourceforge.net/forum/message.php?msg_id=5440288
• Added ShowSplashScreen option in the web.config file to display or not the web splash screen:
<add key="ShowSplashScreen" value="true"/>

3.5.0.2 13-April-2008
o Change: UserPermissionCache and StorageCache are now Serializable (Binary only).
Thanks to Nobody: https://sourceforge.net/forum/message.php?msg_id=4883401
o Built with NetSqlAzMan 3.5.0.3.

3.5.0.1 26-January-2008
• Bug fix for Store/Application permission change using Snap-In.
Request ID: 1870222 - http://sourceforge.net/tracker/index.php?func=detail&aid=1870222&group_id=165814&atid=836877
• Bug fix while SQLAudit T-SQL generation (dbo.Log table missing)
(Thanks to brillobabu: https://sourceforge.net/forum/message.php?msg_id=4736276)
• Change: “Persist Security Info=true” forced by SqlAzManStorage.ConnectionString property when SQL Authentication is enabled (needed to open new SQL connection in a multi-thread environment).
(Thanks to John Woo: https://sourceforge.net/forum/message.php?msg_id=4738460)

3.5.0.0 - 21-December-2007
- .NET Framework 3.5 technology upgrade (.NET Framework 3.5 is now a prerequisite)
- Data layer upgrade from Tdo to LINQ to SQL (Tdo assembly reference removed).
- All components are recompiled with the .NET Framework 3.5
- VS.NET 2008 source format for solution and projects (.sln / .csprj)
- Bug fix on CheckAccessTest for DB Users.

1.2.5.0 - 15-November-2007
- Added 3 Themes (0, 1 and 2); buttons for theme change are on upper right corner of WebConsole.aspx page.
- Minor UI bugs fixed (javascript treeview and resize errors).
- Built with NetSqlAzMan core v. 3.5.0.3

1.2.0.0 - 30-October-2007
- Minor UI bugs fixed.
- Built with NetSqlAzMan core v. 2.4.5.0

1.1.0.0 - 25-July-2007
- Change: StorageConnection.aspx now remember also sql passwords into an Encrypted Cookie.
- Minor UI bugs fixed.
- Built with NetSqlAzMan core v. 2.4.4.0
- Added RootDSEPath appSetting value (web.config) to set the Root DSE Path of your Active Directory domain. (default value is the AD default naming context).

1.0.0.0 - 30-May-2007
- RTM release.

0.9.5.0 - 15-May-2007 (Beta 2)
- Beta 2 released.
- All tested on IIS 6, IIS 7, Internet Explorer 5.0->7.0, Mozilla FireFox 2.x.x
- Liquid Layout style.
- Styles fixed into dlgCheckAccessTest.aspx and dlgBizRule.aspx
- Added MSI Custom Action to switch default virtual directory .NET Framework from 1.1 to 2.0
(Thanks to Brian: http://sourceforge.net/forum/forum.php?thread_id=1731570&forum_id=564348)
- Bug fix on dlgGetDBUsers.aspx (missing Application name filter).
(Thanks to Brian: https://sourceforge.net/forum/message.php?msg_id=4303742)
- Added Active Directory Search feature to allow direct selection of AD Objects (Users and Groups).


0.9.0.0 - 09-May-2007 (Beta 1)
- Beta 1 released.
- All features implemented (same as MMC 3.0).
- No Support for local Windows Users/Groups (local Users would be IIS local Users )

POST INSTALLATION NOTES:
- IIS Web Server and SQL Server on the same machine:
o Nothing to do.
- IIS Web Server and SQL Server on different machines (Web site use the client's single sign-on credentials to access SQL Server):
o http://msdn.microsoft.com/msdnmag/issues/05/09/SecurityBriefs/



WCF Cache Service

3.5.4.1 04-May-2009
- Fix: UserPermissionCache.CheckAccess bug fix when ValidFrom and/or ValidTo are not null (some cases only)
Work item 2877: http://netsqlazman.codeplex.com/WorkItem/View.aspx?WorkItemId=2877
- Fix on ENS (Event Notification System); ENS events are now raised only when this.ens!=null
Thanks to fdesbrosses. Work item 2878: http://netsqlazman.codeplex.com/WorkItem/View.aspx?WorkItemId=2878
- Added NetSqlAzMan Web Site link to the .MSI Setup Package.
- Added Restart Service link to the “Programs/.NET Sql Authorization Manager/Cache Service” menu.
- Tested with SQL Server 2008 SP1, Windows Vista SP2, Windows Server 2008 SP2.

3.5.4.0 28-April-2009
- Fix: NetSqlAzManStorage Script fix (case sensitive collation)
Thanks to Cheers. Work item 2804: http://netsqlazman.codeplex.com/WorkItem/View.aspx?WorkItemId=2804
- Fix: NetSqlAzMan.Cache.StorageCache CheckAccess issue. it's not considering inheritance from the parent items when Biz-Rules are defined.
Thanks to rtang. Work Item 2824: http://netsqlazman.codeplex.com/WorkItem/View.aspx?WorkItemId=2824
- Fix: When call CheckAccess function of UserPermissionCache, it doesn't retrieve the attributes defined on the ITEMS. It does retrieve the attributes defined on the AUTHORIZATION, application and store
Thanks to rtang. Work Item 2825: http://netsqlazman.codeplex.com/WorkItem/View.aspx?WorkItemId=2825
- Fix: UserPermissionCache constructor requires contextParameters and doesn't not allow null value. When a BizRule exists, an exception will be thrown.
- Change: Added SqlAzManException class to wrap all NetSqlAzMan Exceptions, based on MS Design Guidelines for Exceptions: http://msdn.microsoft.com/en-us/library/ms229014(VS.80).aspx
All messages are now standardized. When an Exception is thrown, Data property is also valorized with a Dictionary<string, object> with context parameters (i.e. “Store Name”, “My store name”)
Thanks to rtang. Work item 2856: http://netsqlazman.codeplex.com/WorkItem/View.aspx?WorkItemId=2856

3.5.3.0 17-April-2009
• Change:
o Added CheckAccessHelper method overloads to support CheckAccess with custom SIDs (IAzManCustomSID).
o Added CheckAccessHelper constructor without WindowsIdentity parameter for DB Users Only.
Thanks to cmacholz: http://netsqlazman.codeplex.com/WorkItem/View.aspx?WorkItemId=2431
• Fix: Removed ServiceContract attribute from methods InvalidateStoreCache(string storeName) and InvalidateStoreApplicationCache(string storeName, string applicationName) to avoid that some user could rebuild cache for a different store/application instead of what the service .config indicates.

3.5.2.1 26-March-2009
• New: Code to support an extension to an LDAP Group query to query specific roots such as under an OU:
[RootDSE:OU=ADS,OU=ADB,OU=ISV,OU=OCD,OU=EXE,DC=hcso,DC=tampa,DC=fl,DC=us](&(rest of my query))
http://netsqlazman.codeplex.com/WorkItem/View.aspx?WorkItemId=2357
o Updated: SnapIn & WebConsole
o Updated: dbo.ExecuteLDAPQuery Stored Procedure
Thanks to jeff_huntsman.
• Added static method SqlAzMan.SqlAzManSID SIDToInt32(int n) to get a DB Users from an int32 as custom SID.
Thanks to Craig: http://netsqlazman.codeplex.com/Thread/View.aspx?ThreadId=51318

3.5.2.0 10-March-2009
• Project moved at http://netsqlazman.codeplex.com

3.5.1.1 18-February-2009
• WCF Attributes added to all NetSqlAzMan classes to support WCF exposure.
• Bug fix into the NetSqlAzManStorage.Cache.StorageCache.BuildStorageCache(string storeNameFilter, string applicationNameFilter) method; Biz Rule cache is cleaned before StorageCache building.
Thanks to Giuseppe Di Mauro
• Bug fix into the NetSqlAzManCacheServiceSetup CustomActionData; sometimes Cache Service installer returns an error like “Exception occurred while initializing the installation: System.IO.FileNotFoundException: Could not load file or assembly 'file:///C:\WINDOWS\system32\xxxx' or one of its dependencies. The system cannot find the file specified.”
http://jlchereau.blogspot.com/2008/03/filenotfoundexception-in-visual-studio.html
• Added two methods to the ICacheService:
o [OperationContract()]
string[] GetItemNames(string storeName, string applicationName, ItemType type);
o [OperationContract()]
KeyValuePair<string, ItemType>[] GetAllItems(string storeName, string applicationName);


3.5.1.0 09-December-2008
• Added command line arguments to allow silent service installation (msiexec.exe):
Syntax:
o [msiexec.exe] /i NetSqlAzManCacheServiceSetup.msi [username="MYDOMAIN\MyUsername"] [password="mypassword"] [/quiet]
where:
 /i: install the service
 username: is the username used to start the NetSqlAzMan Cache Service
 password: is the username password used to start the NetSqlAzMan Cache Service
 /quiet: Performs a silent installation (no user interface)
Thanks to Brad: https://sourceforge.net/forum/message.php?msg_id=5420083
• Changed splash screen to a “more professional” one. 

3.5.0.2 13-April-2008
o NetSqlAzManCacheServiceInvalidateUtility change; added two command parameters.
Syntax: NetSqlAzManCacheServiceInvalidateUtility.exe [storeName] [ApplicationName]
o Added shortcut “Edit Service Configuration” in the user programs menu.
o Added “Start service after install” option in the MSI package.
o Change: UserPermissionCache and StorageCache are now Serializable (Binary only).
Thanks to Nobody: https://sourceforge.net/forum/message.php?msg_id=4883401
o Bug Fix into NetSqlAzMan.Cache.StorageCache class to support Database user SIDs.
Thanks to K.Overmars, Tracker Id: 1939219: http://sourceforge.net/tracker/index.php?func=detail&aid=1939219&group_id=165814&atid=836877
o Bug fix into the WindowsCacheService class. Error “'0' is not a valid value for 'Interval'. 'Interval' must be greater than 0” fixed.
o Built with NetSqlAzMan 3.5.0.3.

3.5.0.1 26-January-2008
o Built with NetSqlAzMan 3.5.0.1.

3.5.0.0 21-December-2007
• First release.
o It is a Windows NT Service that exposes a self-hosted WCF service (http/net.tcp protocols).
o A StorageCache singlecall instance is exposed to allow CheckAccess cached operations for Windows users and DB Users (4 CheckAccess overloads).
o InvalidateCache method to force cache expire (and rebuild).
o NetSqlAzManCacheServiceInvalidateUtility.exe utility as standalone WCF client console to force cache expire (and rebuilt).
• WCF Service Contract:
[ServiceContract]
public interface ICacheService
{
[OperationContract(Name = "CheckAccessForWindowsUsersWithAttributesRetrieve")]
AuthorizationType CheckAccess(string storeName, string applicationName, string itemName, string userSSid, string[] groupsSSid, DateTime validFor, bool operationsOnly, out List<KeyValuePair<string, string>> attributes, params KeyValuePair<string, object>[] contextParameters);
[OperationContract(Name = "CheckAccessForWindowsUsersWithoutAttributesRetrieve")]
AuthorizationType CheckAccess(string storeName, string applicationName, string itemName, string userSSid, string[] groupsSSid, DateTime validFor, bool operationsOnly, params KeyValuePair<string, object>[] contextParameters);
[OperationContract(Name = "CheckAccessForDatabaseUsersWithAttributesRetrieve")]
AuthorizationType CheckAccess(string storeName, string applicationName, string itemName, string DBuserSSid, DateTime validFor, bool operationsOnly, out List<KeyValuePair<string, string>> attributes, params KeyValuePair<string, object>[] contextParameters);
[OperationContract(Name = "CheckAccessForDatabaseUsersWithoutAttributesRetrieve")]
AuthorizationType CheckAccess(string storeName, string applicationName, string itemName, string DBuserSSid, DateTime validFor, bool operationsOnly, params KeyValuePair<string, object>[] contextParameters);
[OperationContract(Name = "InvalidateCache")]
void InvalidateCache();
}
• Storage connection string, protocols (net.tcp/http), Expiration policy, StoreFilterName, ApplicationFilterName, endpoint addresses and so on … are configureable via NetSqlAzManCacheService.exe.config configuration file:
<connectionStrings>
<add name="NetSqlAzMan.Cache.Service.Properties.Settings.NetSqlAzManStorageCacheConnectionString"
connectionString="Data Source=(local);Initial Catalog=NetSqlAzManStorage;Integrated Security=True"
providerName="System.Data.SqlClient" />
</connectionStrings>
<appSettings>
<add key="expirationValue" value="0 1 0 0" /> <!-- days hours minutes seconds -->
<add key="StoreNameFilter" value="" /> <!-- leave empty for all Stores -->
<add key="ApplicationNameFilter" value=""/> <!-- leave empty for all Applications -->
</appSettings>
• Features:
o Cache building after service start.
o Client CheckAccess (instead of server CheckAccess)
o Entire Storage caching capability.
 When the BuildStorageCache() method is invoked all Storage elements are readed and cached.
 When the BuildStorageCache(StoreFilterName) method is invoked all specified Store elements are readed and cached.
 When the BuildStorageCache(StoreFilterName, ApplicationFilterName) method is invoked all specified Applications elements of the specified Store are readed and cached.
 BizRules result is not cached (only bizRule definition)
 LDAP Groups (Application/Store) members are cached.
• To invoke from your Windows/Web application add a Service Reference to http://localhost:9000/NetSqlAzMan.Cache.Service/CacheService/ (metadata discovery address).
or
• Add an app.config file like this:
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name="WSHttpBinding_ICacheService" closeTimeout="00:01:00"
openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
bypassProxyOnLocal="true" transactionFlow="false" hostNameComparisonMode="StrongWildcard"
maxBufferPoolSize="524288" maxReceivedMessageSize="65536"
messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true"
allowCookies="false">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<reliableSession ordered="true" inactivityTimeout="00:10:00"
enabled="false" />
<security mode="Message">
<transport clientCredentialType="Windows" proxyCredentialType="None" realm="" />
<message clientCredentialType="Windows" negotiateServiceCredential="true" algorithmSuite="Default" establishSecurityContext="true" />
</security>
</binding>
</wsHttpBinding>
<netTcpBinding>
<binding name="NetTcpBinding_ICacheService" closeTimeout="00:01:00"
openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
transactionFlow="false" transferMode="Buffered" transactionProtocol="OleTransactions"
hostNameComparisonMode="StrongWildcard" listenBacklog="10"
maxBufferPoolSize="524288" maxBufferSize="65536" maxConnections="10"
maxReceivedMessageSize="65536">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<reliableSession ordered="true" inactivityTimeout="00:10:00"
enabled="false" />
<security mode="Transport">
<transport clientCredentialType="Windows" protectionLevel="EncryptAndSign" />
<message clientCredentialType="Windows" />
</security>
</binding>
</netTcpBinding>
</bindings>
<client>

<!-- HTTP ENDPOINT -->
<!--
<endpoint address="http://localhost:8000/NetSqlAzMan.Cache.Service/CacheService/"
binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_ICacheService"
contract="sr.ICacheService" name="WSHttpBinding_ICacheService" />
-->
<!-- NET TCP ENDPOINT -->
<endpoint address="net.tcp://localhost:8000/NetSqlAzMan.Cache.Service/CacheService/"
binding="netTcpBinding" bindingConfiguration="NetTcpBinding_ICacheService"
contract="sr.ICacheService" name="NetTcpBinding_ICacheService" />
</client>
</system.serviceModel>
</configuration>
• Average times:
o Cache build: 2~5 seconds (depends by the Storage)
o CheckAccess: 0.05 seconds (depend by the Item Hierarchy)

Last edited May 4, 2009 at 6:30 PM by aferende, version 6

Comments

No comments yet.