Security Permissions Caching

Security permission caching is implemented in Security Adapters - classes used by the Security System to process and cache security permission requests. Each Security Adapter has the corresponding Security Adapter Provider class, which is used internally to register the adapter. XPO adapters and their providers are located in the DevExpress.ExpressApp.Security.Xpo.v18.1.dll assembly. The provider and adapter for the Entity Framework are available in the DevExpress.ExpressApp.Security.EF.v18.1.dll assembly. Both these assemblies (XPO and EF) contain the SecurityAdapterHelper class that exposes static methods that enable/disable Security Adapters. So, in your code, you do not need to access Security Adapters directly. This topic describes how to enable and customize caching using the SecurityAdapterHelper class.

Enable Caching in Code

When creating a new XAF project, caching is enabled by the Solution Wizard. The wizard adds the following code line to WinForms, ASP.NET and Mobile applications.

using DevExpress.ExpressApp.Security;
// ...

This code is added to the following places depending on an application platform:

  • in the Main method of the WinForms application located in the Program.cs (Program.vb) file, before the WinApplication.Start call;
  • in the Application_Start method of the ASP.NET application located in the Global.asax.cs (Global.asax.vb) file, before the WebApplication.Start call;
  • in the Mobile application constructor located in the MobileApplication.cs (MobileApplication.vb) file.

To enable or customize Security permissions caching in an existing application, use the same code, or use another overload of the Enable method that takes an ReloadPermissionStrategy enumeration value. You can call this static method from any place of your code, which is executed before a user is logged on.

Reload Permission Strategies

Security Adapters support various modes of reloading the security permissions. The available modes are listed in the ReloadPermissionStrategy enumeration. There is an overload of the SecurityAdapterHelper.Enable method that takes the reloadPermissionStrategy parameter - use it to change the mode. By default, the NoCache mode is used. Each Session (in XPO) or DBContext (in Entity Framework) operates with the most recent permissions loaded from the database in this mode. You can use the CacheOnFirstAccess mode instead. Permissions are loaded and cached when the corresponding secured data is accessed for the first time, cached permissions are used until the user is logged off in this mode. This mode allows you to significantly reduce the number of database requests when working with secured data.