Platform SDK: Exchange 2000 Server |
[This is preliminary documentation and subject to change.]
The workflow engine enforces security by checking privileges at run-time. For privileged mode workflows, it verifies that all the design-time pieces of a workflow were last modified by a member of the PrivilegedWorkflowAuthors role. This includes:
The call to Advance (engine) will fail if any of these were last modified by anyone other than PrivilegedWorkflowAuthors.
Exchange 2000 Server setup creates the COM+ Application package for the Workflow Event Sink and installs the PrivilegedWorkflowAuthors role. If you are writing your own event sink, you must register it as COM+ Application package in the Component Services tool, and add the PrivilegedWorkflowAuthors role. Your sink's calls to the workflow engine will fail without this role present in the sink's security context.
This section includes the following subtopics.