Service Authorization
An application can implement custom authorization for incoming messages on a service host .
A service host receives a security callback WS_SERVICE_SECURITY_CALLBACK as part of the WS_SERVICE_ENDPOINT which is passed to the WsCreateServiceHost function. This callback is invoked when the WS_MESSAGE is received.
The application can rely on this callback to implement custom authorization for incoming messages on the service host. If the authorization fails the security callback function returns a failure HR, and the service host aborts the channel.
See the user name over SSL example, HttpCalculatorWithUserNameOverSslServiceExample, for an example implementation.