I am somewhat late to the party but can suggest how such a check might be implanted in the framework.
Axon internally uses things called HandlerEnhancerDefinitions to “add” behavior to message handling functions. I’ve put “add” between quotes because it is, in essence, the basis for all the behavior message handling functions have in Axon.
For example, the @SagaEventHandler sets and validates the associationProperty through a dedicated HandlerEnhancerDefinition. Likewise, the routingKey on the @CommandHandler annotation works with a dedicated HandlerEnhancerDefinition.
So, if you want to attach forms of security validation to command and query handling methods, providing a HandlerEnhancerDefinition would be the way to go. I have seen this being done at users of the framework, who constructed a custom security annotation. Axon reacted to those if they were paired with the @CommandHandler and/or @QueryHandler annotated method.
As a follow-up, you might think, “why isn’t this a part of Axon?” For that, I’d point to Milen’s earlier reply. There are quite some application-specific things to consider here, making it rough to construct a generic solution that suits everybody’s needs. I am not going to rule it won’t be a part of the framework eventually, however. For now, though, it’s something you’ll have to construct yourself.