Workflow permissions

By default, all application and processor roles are permitted to start any workflow and schedule it on any processor. If you run more than one application on a single directory and you need to separate them securely, you can do that by controlling which roles can start and execute a workflow.

You can mark workflow classes with AllowStartTo and AllowExecuteTo attributes specifying the roles granted the permission:


[AllowStartTo("Application/SecureApplication")]
[AllowExecuteTo("Processor/SecureProcessor")]
[DataContract]
public class MyWorkflow 
    : Process, IWorkflow<MyWorkflowRequest, MyWorkflowResult>
{
    ...

You can define multiple Allow* attributes if you need to grant the permissions to multiple roles.

Last edited May 16, 2013 at 5:38 PM by dbratus, version 2

Comments

No comments yet.