This project is read-only.
1

Closed

Implement client authorization

description

All of the operations must authorize the caller before executing
Closed Mar 7, 2012 at 10:40 PM by JaredScarbrough

comments

JaredScarbrough wrote Dec 29, 2011 at 9:58 PM

  • In order to be authorized, the caller must be a member of the local 'ServiceBusAdapterUsers' group
  • BBEC web service calls are still made in the context of the account running the application pool, so this account must have appropriate permissions configured in BBEC. I would have preferred to make the calls in the context of the caller's identity but I couldn't accomplish that and have the service be asynchronous at the same time

JaredScarbrough wrote Dec 29, 2011 at 10:05 PM

This leverages WF Security Pack CTP1
[url:WF Security Pack CTP1|http://wf.codeplex.com/releases/view/48114]

wrote Mar 7, 2012 at 10:40 PM

wrote Feb 2, 2013 at 12:22 AM

wrote May 14, 2013 at 5:54 AM