Security Truth Table


The following sample procedure and truth table summarize the logic flow of security processing for provisioning requests in Microsoft® Provisioning Framework (MPF).

Value of @impersonate Basic Authentication Credential securityContext "Execute as" User on Procedure 2 Value of @Impersonate Result
0 Irrelevant (not used even if specified) Irrelevant (not used even if specified) 0 MPFServiceAcct
1 Basic authentication user NULL 0 Basic authentication user
1 NULL NULL 0 Calling user
2 Irrelevant (not used even if specified) Not used 0 MPFServiceAcct
Not specified Basic authentication user NULL 1 Basic authentication user
Not specified NULL NULL 1 Calling user
Not specified Irrelevant (not used even if specified) Irrelevant (not used even if specified) 2 MPFServiceAcct
1 Irrelevant (not used even if specified) "Execute as" user 0 "Execute as" user
Not specified Irrelevant (not used even if specified) "Execute as" user 1 "Execute as" user

The table's Result column lists the account under which MPF would run Procedure 3 in the following example, given various combinations of @impersonate, "execute as" credentials, and a basic authentication credential in the request passed to procedure 1.

<namespace name="namespace1">
  <procedure name="Procedure1">
	<execute procedure="Procedure2" namespace="Namespace1" impersonate="0" /><!—column 1-->
  </procedure>
  <procedure name="Procedure2" >
	<execute procedure="Procedure3" namespace="Namespace2" impersonate="0"><!—column 2-->
  </procedure>
</namespace>

See Also

Basic Authentication, Data Encryption, Provisioning Schema


Up Top of Page
© 1999-2002 Microsoft Corporation. All rights reserved.