You can configure AzMan's authorization rules using an XML file as opposed to a directory or Microsoft SQL Server database (in this case, the XML file is the policy store. AzMan supports a file-specific connection string format for connecting to an XML file). AuthorizationStoreRoleProvider is configured with this connection string in the same way that you would configure a SQL-based provider with an ADO.NET-compliant connection string. You add the connectionStringName attribute to your provider definition and it references a connection string in the <connectionStrings /> section. For example, the following connection string uses a combination of the AzMan connection string syntax and a special syntax that is unique to AuthorizationStoreRoleProvider:
<add name="FileBasedPolicyStore" connectionString="msxml://~/App_Data/test.xml"/>
The bolded portion of the connection string uses the ASP.NET tilde shorthand. When the provider sees that the connection string starts with msxml it knows that it will be working with a file-based policy store. As a result, the provider makes an extra check for the tilde syntax. If it finds it, the provider gets the physical file path to the root of the web application and prepends it to the remainder of the connection string. In the preceding sample syntax, this means you could also use a connection string such as:
<add name="FileBasedPolicyStore" connectionString="msxml://C:\inetpub\wwwroot\379301_code\379301 ch_16_code\ ...