Interfaces

Project

Authorization

NuGet packageOwin.Framework.Authorization
GitHub sourceOwinFramework.Authorization

Home |  Readme

Allows other middleware to define required roles and permissions. Uses a system of identities, groups, roles and permissions stored in a database. Supports wildcard matching of resource specific permissions. Implements IAuthorization and depends on IIdentification middleware

The authorization repository readme file contains documentation on the key concepts around authorization in the Owin Framework. It is strongly recommended that you read it before using this assembly.

This package checks that the identity making the request has the required permissions. You must add middleware to the pipeline that implements IMiddleware<IIdentification> for this to work.

Adding this middleware to the Owin pipeline

 builder.Register(ninject.Get<OwinFramework.Authorization.AuthorizationMiddleware>())
    .As("Authorization")
    .ConfigureWith(config, "/owinFramework/middleware/authorization");    
The assumes that you are using Ninject as your IoC container, and followed the getting started walkthrough. If this is not the case then you will need to adjust the code to work in your application.

Default Configuration

The configuration below is the configuration you will get by default if you do not provide a configuration for this middleware.

{
   "owinFramework": {
      "middleware": {
         "authorization": {
            "documentationRootUrl": "/owin/authorization/config"
         }
      }
   }
}
There are not many configuration options on this package beacuse all that it does is enforce permissions provided by other middleware downstream using an implementation of IIdentityData injected by IoC.

Related Projects