I have a WCF service that calls the Authorization manager (AzMan) API - which is a COM interface. I use the following code to get a list of roles for a given user account:
public string[] GetRoleNamesForUser(string appName, SecurityIdentifier userSID)
{
m_azManStore.UpdateCache(null);
IAzApplication app = GetApplication(appName);
List<string> userRoles = new List<string>();
if (userSID != null)
{
IAzClientContext context = app.InitializeClientContextFromStringSid(userSID.ToString(), 1, null);
object[] roles = (object[])context.GetRoles("");
foreach (string uRole in roles)
{
userRoles.Add(uRole);
}
Marshal.FinalReleaseComObject(context);
}
return userRoles.ToArray();
}
This code works fine most of the time. However, while load testing (always using the same userSID), this code will sometimes return an empty array for the list of roles. Does AzMan have a problem with heavy load or is there something I am not doing right with regaurd to the AzMan COM object or something?
When using the AzMan COM object you must use Marshal.FinalReleaseCOMObject(object)
to release resources. A memory leak is possible if this is not done. I had to wrap the AzMan store in a disposable class so that each call would open AzMan, use it then close it. The result is a slower, but more stable, application.
Take a look at this SO question for more details