Logon Authentication

Before accepting an incoming FIX connection, additional authentication checks may be required.

The usual checks are Logon username/password and source IP address. Depending on the result of the authentication checks, the decision can be made whether to accept the FIX connection or reject and close the connection.

To achieve this, subscribe to the inbound session messages and add the required check logic. If the check fails and the FIX connection needs to be rejected (closed), then the InvalidInboundLogonException exception should be thrown from the inbound session message listener.

For example:

session.InboundSessionMessage += (object sender, InboundMessageEventArgs e) =>
{
    Message message = e.Message;

    if (message.Type.Equals(MsgType.Logon) && message.Get(Tag.Password) != "ExpectedPassword")
    {
        throw new InvalidInboundLogonException("Password is incorrect");
    }
    // ...
};