SecurityStrategyComplex Class

A Security Strategy that maintains users who have a list of associated roles.

Namespace: DevExpress.ExpressApp.Security

Assembly: DevExpress.ExpressApp.Security.v22.1.dll

Declaration

C#
VB.NET

[ToolboxTabName("DX.22.1: XAF Security")]
public class SecurityStrategyComplex :
    SecurityStrategy,
    ISecurityComplex,
    ISecurityStrategyBase,
    IRoleTypeProvider

<ToolboxTabName("DX.22.1: XAF Security")>
Public Class SecurityStrategyComplex
    Inherits SecurityStrategy
    Implements ISecurityComplex,
               ISecurityStrategyBase,
               IRoleTypeProvider

Remarks

In the SecurityStrategyComplex security strategy, each user can belong to one or more groups. These groups are called Roles (see XPO PermissionPolicyRole or EF 6/EF Core PermissionPolicyRole). Roles are characterized by an associated permission set. An application administrator creates users and roles, and assigns roles to users. An application developer can create a set of predefined users and roles that can be extended later by an administrator (see Client-Side Security (2-Tier Architecture)).

Note

To see what capabilities are provided to an administrator within the SecurityStrategyComplex security strategy, refer to the Security System Overview topic.

By default, a newly created XAF application uses no security. To enable to the SecurityStrategyComplex security strategy, invoke the Application Designer and drag the SecurityStrategyComplex component from the ToolBox‘s DX.22.1: XAF Security page to the designer’s Security pane.

Security_UseSecurityStrategyComplex

You can specify a custom user and role type by changing the SecurityStrategy.UserType and SecurityStrategyComplex.RoleType values in the Properties window.

Security_SetCustomUserType

Then, specify the authentication type that will accompany the security strategy. Drag either the AuthenticationStandard or AuthenticationActiveDirectory component from the toolbox to the Security pane of the designer. You can also use a custom authentication (see How to: Use Custom Logon Parameters and Authentication).

Security_DesignerAuthenticationSimple

Alternatively, you can enable the SecurityStrategyComplex Security Strategy in code. It is required to instantiate the SecurityStrategyComplex class and assign this instance to the XafApplication.Security property. In a Windows Forms application project, modify the Program.cs (Program.vb) file in the following manner.

C#
VB.NET

public static void Main(string[] arguments) {
    MySolutionWinApplication winApplication = new MySolutionWinApplication();
    winApplication.Security = 
        new SecurityStrategyComplex(typeof(PermissionPolicyUser), typeof(PermissionPolicyRole), 
            new AuthenticationStandard());
    // ...
}

Public Shared Sub Main(ByVal arguments() As String)
    Dim winApplication As New MySolutionWinApplication()
    winApplication.Security = _
    New SecurityStrategyComplex( _
    GetType(PermissionPolicyUser), GetType(PermissionPolicyRole), New AuthenticationStandard())
    ' ...
End Sub

In an ASP.NET Web Forms application project, modify the Global.asax.cs (Global.asax.vb) file in the following manner.

C#
VB.NET

protected void Session_Start(Object sender, EventArgs e) {
    WebApplication.SetInstance(Session, new MySolutionAspNetApplication());
    WebApplication.Instance.Security = 
       new SecurityStrategyComplex(typeof(PermissionPolicyUser), typeof(PermissionPolicyRole), 
            new AuthenticationStandard());

    // ...
}

Protected Sub Session_Start(ByVal sender As Object, ByVal e As EventArgs)
    WebApplication.SetInstance(Session, New MySolutionAspNetApplication())
    WebApplication.Instance.Security = _
    New SecurityStrategyComplex( _
    GetType(PermissionPolicyUser), GetType(PermissionPolicyRole), New AuthenticationStandard())
    ' ...
End Sub

As a result, in a WinForms application you can see the User, Role and My Details navigation items. The active user name is displayed in the status bar. Tutorial_Security_ActiveDir

The following code snippets (auto-collected from DevExpress Examples) contain references to the SecurityStrategyComplex class.

Note

The algorithm used to collect these code examples remains a work in progress. Accordingly, the links and snippets below may produce inaccurate results. If you encounter an issue with code examples below, please use the feedback form on this page to report the issue.

C#
VB.NET

XAF_how-to-implement-custom-permission-role-and-user-objects-e3794/CS/SecuredExportExample.Web/WebApplication.cs#L19

private DevExpress.ExpressApp.Security.AuthenticationStandard authenticationStandard1;
private DevExpress.ExpressApp.Security.SecurityStrategyComplex securityStrategyComplex1;
private DevExpress.ExpressApp.Validation.ValidationModule module5;

XAF_how-to-hide-navigation-items-based-on-the-current-user-e380/CS/HideNavigationItemsExample.Web/WebApplication.cs#L15

private HideNavigationItemsExample.Module.HideNavigationItemsExampleModule module3;
private DevExpress.ExpressApp.Security.SecurityStrategyComplex securityStrategyComplex1;
private DevExpress.ExpressApp.Security.AuthenticationStandard authenticationStandard1;

XAF_how-to-allow-a-user-to-select-the-authentication-type-at-runtime-e2371/CS/E2371.Web/WebApplication.cs#L19

private DevExpress.ExpressApp.Security.SecurityModule securityModule1;
private DevExpress.ExpressApp.Security.SecurityStrategyComplex securityStrategyComplex1;
private DevExpress.ExpressApp.Validation.ValidationModule validationModule;

XAF_how-to-change-connection-to-the-database-at-runtime-e1344/CS/RuntimeDbChooser.Win/WinApplication.cs#L21

InitializeComponent();
((SecurityStrategyComplex)Security).Authentication = new AuthenticationStandard<SecuritySystemUser, CustomLogonParametersForStandardAuthentication>();
//((SecurityStrategyComplex)Security).Authentication = new ChangeDatabaseActiveDirectoryAuthentication();

xaf-web-forms-use-oauth2-authentication-providers/CS/MySolution.Module.Web/Security/CustomSecurityStrategyComplex.cs#L7

namespace MySolution.Module.Web.Security {
    public class CustomSecurityStrategyComplex : SecurityStrategyComplex {
        protected override void InitializeNewUserCore(IObjectSpace objectSpace, object user) {

XAF_how-to-implement-custom-permission-role-and-user-objects-e3794/VB/SecuredExportExample.Web/WebApplication.vb#L19

Private authenticationStandard1 As DevExpress.ExpressApp.Security.AuthenticationStandard
Private securityStrategyComplex1 As DevExpress.ExpressApp.Security.SecurityStrategyComplex
Private module5 As DevExpress.ExpressApp.Validation.ValidationModule

XAF_how-to-hide-navigation-items-based-on-the-current-user-e380/VB/HideNavigationItemsExample.Web/WebApplication.vb#L17

Private module3 As HideNavigationItemsExample.Module.HideNavigationItemsExampleModule
Private securityStrategyComplex1 As DevExpress.ExpressApp.Security.SecurityStrategyComplex
Private authenticationStandard1 As DevExpress.ExpressApp.Security.AuthenticationStandard

XAF_how-to-allow-a-user-to-select-the-authentication-type-at-runtime-e2371/VB/E2371.Web/WebApplication.vb#L21

Private securityModule1 As DevExpress.ExpressApp.Security.SecurityModule
Private securityStrategyComplex1 As DevExpress.ExpressApp.Security.SecurityStrategyComplex
Private validationModule As DevExpress.ExpressApp.Validation.ValidationModule

xaf-web-forms-use-oauth2-authentication-providers/VB/MySolution.Module.Web/Security/CustomSecurityStrategyComplex.vb#L8

Public Class CustomSecurityStrategyComplex
    Inherits SecurityStrategyComplex

XAF_how-to-change-connection-to-the-database-at-runtime-e1344/VB/RuntimeDbChooser.Win/WinApplication.vb#L23

InitializeComponent()
CType(Security, SecurityStrategyComplex).Authentication = New AuthenticationStandard(Of SecuritySystemUser, CustomLogonParametersForStandardAuthentication)()
''CType(Security, SecurityStrategyComplex).Authentication = New RuntimeDbChooser.Module.ChangeDatabaseActiveDirectoryAuthentication()