Inside Dynamics AX 4.0: Security

[Blog bot]

Источник: http://feeds.feedburner.com/~r/Insid.../security.html
==============

By default, record-level and column-level security are applied to all data retrieval. However, in some cases it is crucial that record-level and column-level security be ignored, such as when transmitting invoices. In such a case, it is essential that the customer be presented with the same data as actually posted, regardless of the security settings for the person invoking the document. The following example shows how to override the default behavior.



To prevent spoofing, you can implement the notion of constraints. Constraints essentially filter the endpoints that are potential legal recipients of an XML document. An example of a constraint is a customer associated with specific endpoints configured in the AIF. Immediately before transmission, the framework verifies that all constraints in the XML to be sent are legal for the endpoint chosen.
The getConstraintList method populates the list of AifConstraint objects present in the parameter list with the constraint type and the constraint ID. This helps prevent spoofing. The method is abstract in the AxdBase class and must be implemented by all derived classes. The following is an example of an overridden getConstraintList method.


http://insidedynamicsax.blogspot.com/
</img> </img> </img> </img> </img>


Источник: http://feeds.feedburner.com/~r/Insid.../security.html