Security descriptors are mechanisms used to configure authorization mechanism and policy. The authorization on the server side can be configured at the container, service or resource level.

On the client side, authorization can be configured using security descriptors or as a property on the stub. This configuration can be done on a per invocation granularity

2. Server side authorization

The server side authorization can be configured at the container, service or resource level using

Security descriptors using files. Refer to Section 3.1, “Configuring Using Files”
Security descriptors programmatically. Refer to Section 3.2, “Configuring Programmatically ”

To write and configure a server-side custom authorization mechanism refer to Section 2.3, “Writing a custom server-side authorization mechanism”.

3. Client side authorization

The client side authorization can be configured for each invocation.

Security descriptors using files. Refer to Section 4.1, “Configuring Using Files”, specifically Section 4.1.2.2, “Configuring authorization mechanism ”.
Security descriptors programmatically. Refer to Section 4.2, “Configuring Programmatically ”
Properties on the Stub. Refer to Section 2.1, “Configuring client-side authorization on the stub”

To write and configure custom authorization mechanism refer to Section 2.2, “Writing custom client-side authorization scheme”.

If no authorization mechanism has been specified, HostOrSelf authorization is used. In this scheme host authorization is tried first, if it fails, self authorization is attempted

Prev		Next
Building and Installing	Home	Deploying