AuthorizationStoreRoleProvider implements all of the methods defined on the base RoleProvider class with the exception of the FindUsersInRole method. The provider throws a NotImplementedException from this method, which is a bit of a deviation from the normal practice of throwing a NotSupportedException for such cases. Because the provider is basically a "shim" that maps RoleProvider method calls to their equivalent for AzMan, and AzMan has no concept of searching for users in a role, the FindUsersInRole method was not implemented.
If you have ever worked with the AzMan APIs directly, you are probably already getting an idea of how the provider makes use of AzMan. Internally, each supported RoleProvider method maps directly to a method call on an AzMan interface or object. The complete mapping is shown in the following list:
CreateRole—Either IAzApplication::CreateRole or IAzScope::CreateRole
DeleteRole—Either IAzApplication::DeleteRole or IAzScope::DeleteRole
FindUsersInRole: Not implemented
GetAllRoles: Iterates through the roles returned by either the IAzApplization::Roles property or the IAzScope::Roles property
IsUserInRole: Retrieves roles from IAzClientContext::GetRoles and then performs a string comparison between the requested role and the set of roles returned from the AzMan method. The comparison is case-insensitive and uses ...