Securing the messaging infrastructure

The responsibility of the message processor during execution is to ensure that the provided message gets handled by one or more handlers, and that the behaviors are properly called; however it remains agnostic to the semantics of the message itself. The authorization check is ensured by behaviors:

EnsureAuthorizedMessageProcessingBehavior takes the job of ensuring that the handling of the message is authorized.
- Retrieves the required permissions as specified at message level.
- Identifies the authorization scope by invoking the authorization scope service.
- Invokes the authorization service to authorize the scope for the required permissions.

Securing messages

Messages may be secured by decorating them with the [RequiresPermission] attribute.

Example:

    /// <summary>
    /// Message for importing a hierarchy node.
    /// </summary>
    [RequiresPermission(typeof(IExportImportPermission))]
    public class ImportHierarchyMessage : EntityActionMessage
    {
        // ...
    }

Quick Links

Foreword

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Securing the messaging infrastructure

Securing messages

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Quick Links

Core Components

Data Management

Messaging

Modeling

Security

Clone this wiki locally