Class RuntimeAuthorizationManager

Provides authorization access checking for service operations. Authorization relies on authorization rules provided by repository and assigned to service, contract, endpoint, or specific operation.

Inheritance

Object

RuntimeAuthorizationManager

Namespace: Nevatech.Vsb.Repository.Security

Assembly: Nevatech.Vsb.Repository.dll

Syntax

public sealed class RuntimeAuthorizationManager : ServiceAuthorizationManager

Remarks

Note: Authorization Manager is executed after all binding elements, but before message inspectors.

Constructors

RuntimeAuthorizationManager(ServiceAuthorizationManager)

Initializes a new instance with the provided authorization manager that new instance is replacing.

Declaration

public RuntimeAuthorizationManager(ServiceAuthorizationManager innerAuthorizationManager)

Parameters

Type	Name	Description
ServiceAuthorizationManager	innerAuthorizationManager	Original authorization manager that new instance is replacing.

Methods

CheckAccess(OperationContext, ref Message)

Checks authorization for the given operation context based on provided authorization rules, identity claims, and message content.

Declaration

public override bool CheckAccess(OperationContext operationContext, ref Message message)

Parameters

Type	Name	Description
OperationContext	operationContext	The OperationContext for the current authorization request.
Message	message	The message to be examined to determine authorization.

Returns

Type	Description
Boolean	True, if access is granted; otherwise, false. If service has no authorization rules assigned then access is granted.

CheckAccessCore(OperationContext)

Overrides standard WIF validation logic, so that messages with Null or empty "To" and "Action" headers can be processed.

Declaration

protected override bool CheckAccessCore(OperationContext operationContext)

Parameters

Type	Name	Description
OperationContext	operationContext	The OperationContext for the current authorization request.

Returns

Type	Description
Boolean	True, if access is granted; otherwise, false. If service has no authorization rules assigned then access is granted.

GetAuthorizationPolicies(OperationContext)

Returns policies that participate in policy evaluation.

Declaration

protected override ReadOnlyCollection<IAuthorizationPolicy> GetAuthorizationPolicies(OperationContext operationContext)

Parameters

Type	Name	Description
OperationContext	operationContext	The OperationContext of the current authorization request.

Returns

Type	Description
ReadOnlyCollection<IAuthorizationPolicy>	Collection of policies that participate in policy evaluation.