Skip to main content
All docs
V24.2

Connect to an EF Core Middle Tier Security Application from Non-XAF Applications

  • 2 minutes to read

Follow the steps below to configure a non-XAF .NET application so it can connect to a database through the EF Core-based Middle Tier Security application.

Note

The technique described in this topic was not tested with .NET MAUI and Blazor WebAssembly clients. With these platforms, we recommend that you use our Web API Service on the backend as demonstrated in the following examples on GitHub:

  1. Install the following NuGet package: DevExpress.ExpressApp.EFCore.

  2. Create an HttpClient instance with the following settings:

    // The Middle Tier server URL in the code below is the default setting for debug mode and may be different in your application. 
    // You can check this setting in the Middle Tier project's Properties/launchSettings.json file. 
    var httpClient = new HttpClient();
    httpClient.BaseAddress = new Uri("https://localhost:44319/");
    httpClient.DefaultRequestHeaders.Add("Accept", "application/json");
    
  3. Configure the client’s authentication scheme.

    var webSocketFactory = new ClientWebSocketFactory(httpClient, false);
    var securedClient = new WebSocketSecuredDataServerClient(httpClient, webSocketFactory, XafTypesInfo.Instance);
    securedClient.CustomAuthenticate += (sender, arguments) => {
        arguments.Handled = true;
        HttpResponseMessage msg = arguments.HttpClient.PostAsJsonAsync(
            "api/Authentication/Authenticate", 
            (AuthenticationStandardLogonParameters)arguments.LogonParameters).GetAwaiter().GetResult();
        string token = (string)msg.Content.ReadFromJsonAsync(typeof(string)).GetAwaiter().GetResult();
        if (msg.StatusCode == HttpStatusCode.Unauthorized) {
            throw new UserFriendlyException(token);
        }
        msg.EnsureSuccessStatusCode();
        arguments.HttpClient.DefaultRequestHeaders.Authorization
            = new AuthenticationHeaderValue("bearer", token);
    };
    
  4. Authenticate the client on the Middle Tier Security server:

    securedClient.Authenticate(new AuthenticationStandardLogonParameters("John", ""));
    ((IMiddleTierServerSecurity)securedClient).Logon();
    
  5. After authentication has succeeded, you can send permission request queries to the server, which allows you to gain access permissions for operations that are allowed for the current user.

    var readRequest = new SerializablePermissionRequest(typeof(Employee), null, null, SecurityOperations.Read);
    bool isReadGranted = ((IMiddleTierServerSecurity)securedClient).IsGranted(readRequest);
    
    var writeRequest = new SerializablePermissionRequest(typeof(Employee), null, null, SecurityOperations.Write);
    bool isWriteGranted = ((IMiddleTierServerSecurity)securedClient).IsGranted(writeRequest);
    
  6. To access data through an EF Core DbContext, configure DbContextOptions to use the Middle Tier Security as a database provider:

    var optionsBuilder = new DbContextOptionsBuilder<EFCoreDbContext>();
    optionsBuilder.UseMiddleTier(securedClient);
    optionsBuilder.UseChangeTrackingProxies();
    optionsBuilder.UseLazyLoadingProxies();
    var dbContextOptions = optionsBuilder.Options;
    

    After this, you can create a DbContext instance and execute data queries:

    var dbContext = new EFCoreDbContext(dbContextOptions);
    var users = dbContext.Employees.ToList();
    
See Also