Skip to main content
BuyLog In
XAF: Cross-Platform .NET App UI & Web API
Search in…
Docs > Application Security and Data Safety > Security (Access Control & Authentication) > Non-XAF UI Scenarios > Connect to an XPO Middle Tier Server from Non-XAF Applications (.NET)
All docs
V24.1
.NET 6.0+
XAF: Cross-Platform .NET App UI & Web API
Getting Started
Installation, Upgrade, Version History
Backend Web API Service
UI Shell and Base Infrastructure
Storage, ORM, and Business Model Design
Data Manipulation and Business Logic
User Interface and Behavior Customization
Data Filtering
Application Security and Data Safety
Security (Access Control & Authentication)
Security Tiers
User Logon and Authentication
ORM Object Model, Policy Configuration and Storage
Authorization and Data Protection
Non-XAF UI Scenarios
Connect to an EF Core Middle Tier Security Application from Non-XAF Applications
Connect to an XPO Middle Tier Server from Non-XAF Applications (.NET)
Connect to an XPO WCF Application Server from Non-XAF Applications (.NET Framework)
Security Considerations
Audit Trail (History of Data Changes)
Multi-Tenancy (Data per Tenant)
Validation (Prevent Data Errors)
Conditional Appearance (Manage State of UI Elements)
Reporting (Shape, Export & Print Data)
Analytics (Extract Data Insights)
Document Management
Business Process Management
Event Planning
Localization
Accessibility Support
Debugging, Testing and Error Handling
Deployment
Support, QA & Troubleshooting
API Reference
Download CHM

Connect to an XPO Middle Tier Server from Non-XAF Applications (.NET)

  • 2 minutes to read

This topic demonstrates how to access the data protected with the Middle Tier Application Server from a non-XAF application.

Initialize Metadata for Persistent Classes

The code sample below demonstrates how to initialize metadata on Employee, Project, and Task persistent classes.

XPDictionary dictionary = new ReflectionDictionary();
Type[] types = { typeof(Employee), typeof(Project), typeof(Task) }
dictionary.CollectClassInfos(types);

You can collect metadata for all persistent classes automatically when your data model is in a separate assembly. The code sample below demonstrates how to collect metadata for all persistent classes in the assembly that contains the Employee class:

dictionary.CollectClassInfos(Assembly.GetAssembly(typeof(Employee)));

Establish a Connection

The code sample below demonstrates how to create a connection to a Middle Tier Server.

var httpClient = new HttpClient();
httpClient.BaseAddress = new Uri("https://localhost:44319/");
var webSocketFactory = new ClientWebSocketFactory(httpClient, false);
var securedClient = new WebSocketSecuredDataServerClient(httpClient, webSocketFactory, XafTypesInfo.Instance);

Check if a Permission is Granted

Before checking whether a permission is granted, authenticate at the Middle Tier Service level:

securedClient.Authenticate(new AuthenticationStandardLogonParameters("John", ""));
((IMiddleTierServerSecurity)securedClient).Logon();

When the secured client is initialized, and the user is logged on, you can create a permission request and check whether a user has a specific permission:

var readRequest = new SerializablePermissionRequest(typeof(Employee), null, null, SecurityOperations.Read);
bool isReadGranted = ((IMiddleTierServerSecurity)securedClient).IsGranted(readRequest);

var writeRequest = new SerializablePermissionRequest(typeof(Employee), null, null, SecurityOperations.Write);
bool isWriteGranted = ((IMiddleTierServerSecurity)securedClient).IsGranted(writeRequest);

Access Data

To access data through the secured Object Access Layer, create a UnitOfWork through the constructor that takes an object layer (see UnitOfWork). You can then create an XPCollection in this Unit of Work, or use UnitOfWork methods. Note that an exception is thrown when you access data that is restricted to the current user.

MiddleTierSerializableObjectLayerClient securedObjectLayerClient = new MiddleTierSerializableObjectLayerClient(securedClient);
SerializableObjectLayerClient objectLayerClient = new SerializableObjectLayerClient(securedObjectLayerClient, dictionary);
UnitOfWork uow = new UnitOfWork(objectLayerClient);
foreach (Task task in new XPCollection<Task>(uow)) {
    Console.WriteLine(task.Subject);
}
try {
    var task = uow.Query<Task>().FirstOrDefault(t => t.Subject == "Check Reports");
    task.Subject = "Review Reports";
    uow.CommitChanges();
}
catch (Exception e) {
    Console.WriteLine("Error: " + e.Message);
}
See Also