• The Quickstart sample seemed too complex to me and I decided to create a basic stuff from scratch to avoid the "my eyes glaze over symptom".
• I’ve reused the BankAccount class provided in the Quickstart sample, however:

Our business class (BankAccount) must be either derived from MarshallFromRefObject (option choosen here, but I don’t like it) , or must implement an interface (my favorite option, but this afternoon I’m too lazy  to adapt the code, it’s Sunday after all.

• I’ve created a console application, I’ve added the BankAccount class into the project as well as an app.config file. A great feature of Entlib3 is the integrated config file editor:

•  I’ve used this new editor for adding the Policy Injection Application Block configuration:

• It’s now time to define my policy:

•  Let’s rename the policy "Authorize and Audit" :

• Let’s define the criteria for being enlisted into this policy : what I want is that any class from the PolicyInjectionQuickStart.BusinessLogic namespace be part of this policy:

•   As part of the policy we want to handle the Exceptions :

• Let’s keep the default name :

• We have to define an Exception Policy : for doing this, we have to add the Exception Handling Application Block into the app.config file :

• Add a new Exception Policy:

• Rename it "Bank Account Exception Policy":

• Add a new Exception Type :

• Select ArithmeticException :

• Since we are going to replace our ArithmeticException with an ApplicationException, in the PostHandlingAction property, select  "ThrowNewException":

<>

• Let’s add a Replace Exeption Handler :

• And map it to ApplicationException and set the ExceptionMessage property to "Insufficient funds available" :

• Since we also want the ArithmeticException to be logged into the EventLog, add a  LoggingHandler  :

• Set the "FormatterType" property of the logging handler to "TextExceptionFormatter"

• Set the Category property to "General" which is the default Category Source defined in the logging Application Block config section :

• Select our Exception Handling Handler :

• Make the link with the Exception policy we’ve just defined :

• Create you application : notice the PolicyInjection class that generates a proxy (which handles the injection & AOP stuff).

• Verify that you have referenced the following assemblies :

• Run the application : your ArithmeticException (and any other ArithmeticException) has been transformed into an ApplicationException.

•  We also have an entry in the event log (it’s part of the BankAccount Exception Policy):

• It’s time to add some security features : for instance I only want the user "Serge" to be authorized to uset the BankAccount class.
• Let’s add the Secutity Application Block to our app.config file :

• Add an Authorization provider (notice that there is an Azman provider, but we’ll use the "Authorization Rule Provider") :

•  Add  new rule:

• Rename the rule "BankAccount" :

• In the BankAccount property page, set the expression as "I-Serge" (I means "Identity", if we want to specify the role, it’s ‘R’ instead):

• We now have to make a link between the Policy Injection and the Rule (add an Authorization handler) :

• Let’s configure the Authorization Handler in its property page : select "Rule Provider" as the Authorization provider and {type} for the Operation Name (the Authorization will work for the whole class here).

• Run the application : normally we have a security exception (the user is not Serge).
• Modify the main application :