This project is read-only.

If You Need to Authorize Access to WCF Operations, Use Declarative Authorization

- J.D. Meier, Carlos Farre, Jason Taylor, Prashant Bansode, Steve Gregersen, Madhu Sundararajan, Rob Boucher

Declarative authorization can be added by specifying required access for a particular method declared as an attribute on the operation. Declarative authorization checks will work if you are using the ASP.NET role provider or windows groups. Use imperative authorization if you need finer-grained authorization decisions based on business logic.

The following code example shows how to use the PrinciplePermission attribute to perform declarative authorization:
[PrincipalPermission(SecurityAction.Demand, Role = "accounting")]
public double Add(double a, double b)
    return a + b;

Additional Resources

Last edited Jun 12, 2008 at 10:08 PM by prashantbansode, version 1


No comments yet.