Resource permissions

Topics: Web Api
Dec 21, 2011 at 9:31 AM

I have set up a Web Api service using the self hosting method. For this my first attemp, I have chosen SSL + Basic Auth for security. I have followed this approach:

Now, I'd like to protect the user resources from others. For example should be accessible to the user 2323 but, it should not be accesible to the user 1234 or other. What is the best approach to do this? How can I protect user resources? My first though was to do this on every method, using IPrincipal object comming from OperationHandler. But I guess there is a better solution.

Thanks in advanced and keep up your great job guys!!