Thanks for the reply,
Using the windows service,
>>- Raven/Authorization/Windows/RequiredGroups
>>- Raven/Authorization/Windows/RequiredUsers
does give me the ability to authenticate against windows groups/users.
But what I really wanted was the coarse-grained authorization like you have for anonymous users where you can set <add key="Raven/AnonymousAccess" value="Get"/>
but for windows groups/users.
In the end I decided to run it as an IIS Application which made it easy for me to do that type of authorization at the verb level in the web.config due to raven’s adherence to proper use of HTTP verbs. For others who may want to do the same, heres my config
<system.webServer>
. . .
<security>
<authentication>
<anonymousAuthentication enabled="false" />
<windowsAuthentication enabled="true" />
</authentication>
<authorization>
<remove users="*" roles="" verbs="" />
<add accessType="Allow" roles="CORP\Xapp - Data Administrators" verbs="GET,PUT,DELETE,POST,CONNECT" />
<add accessType="Allow" roles="CORP\Xapp - Site Representatives" verbs="GET" />
<add accessType="Allow" roles="CORP\Xapp - Graduate Managers" verbs="GET,PUT" />
<add accessType="Allow" roles="Administrators" verbs="GET,POST,PUT,DELETE,CONNECT" />
</authorization>
</security>
. . .
</system.webServer>