Application Framework

Role-Based Security System

 

Security is important to every multi-user application, but it can be complex to implement because it influences so many design decisions across an application. The eXpressApp Framework has been built from the ground up with security considerations in mind. To enable the security system, add the Security Module to your application. This module allows you to use one of the following authentication strategies:

  • Standard Authentication Strategy

    An end-user is authenticated by the credentials specified in a logon window:

    Logon Form in the Windows Forms Application - DevExpress .NET Application Framework (XAF)

    Logon Form in the ASP.NET Application - DevExpress .NET Application Framework (XAF)

  • Active Directory Authentication Strategy
    Uses the Windows Active Directory service to obtain information on a user.

The requirements for security are seldom the same across a number of applications. We supply two security system strategies:

  • Simple Security Strategy

    There are two user types: a user and an administrator. Users have access to any operation with all objects, except for User objects. Administrators have access to all operations on all objects, including the User objects.

    Simple Security Strategy - DevExpress .NET Application Framework (XAF)

  • Complex Security Strategy

    A user is assigned one or more roles, each characterized by a set of permissions.

    Complex Security Strategy - DevExpress .NET Application Framework (XAF)

The Security Module is flexible enough to let you implement custom authentication and authorization strategies, as well as certain classes used in them.

Of course, the Security Module works with both the Windows Forms and ASP.NET target platforms.

Object-level and Member-level Security - Preview Version

XAF v2011 vol 2 introduces a preview of the new security model that includes the following ready-to-use permission types.

  • Type Permission - Grants access to a particular object type.
  • Member Permission - Grants access to specific members of a type.
  • Object Permission - Grants access to objects satisfying particular criteria.

Permissions have no deny modifiers; every permission only grants access. This simplifies security logic and makes it easier to implement custom permissions.
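An added C# example, not XAF's API or DevExpress code, showing how a grant-only model of type, member and object permissions evaluates: access is the union of grants across a user's roles, and anything not granted is refused. The names `Grant`, `Op`, `Employee` and `IsGranted` are hypothetical, and the example assumes a type-level grant covers every member of the type.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;

enum Op { Read, Write }

// Constructed sample business object.
class Employee { public string Name = ""; public string Department = ""; public decimal Salary; }

// Hypothetical grant-only permission (not an XAF class). There is no "deny" variant.
sealed class Grant
{
    readonly Type target; readonly Op op; readonly string member; readonly Func<object, bool> criteria;
    Grant(Type t, Op o, string m, Func<object, bool> c) { target = t; op = o; member = m; criteria = c; }

    // Type permission: every member of every object of the type.
    public static Grant ForType(Type t, Op o) => new Grant(t, o, "*", _ => true);
    // Member permission: one named member of the type.
    public static Grant ForMember(Type t, Op o, string m) => new Grant(t, o, m, _ => true);
    // Object permission: only objects that satisfy the criteria.
    public static Grant ForObjects(Type t, Op o, Func<object, bool> c) => new Grant(t, o, "*", c);

    // The type check runs first, so criteria may safely cast the object.
    public bool Allows(object obj, string m, Op o) =>
        target.IsInstanceOfType(obj) && op == o && (member == "*" || member == m) && criteria(obj);
}

static class Demo
{
    // A role is a set of grants. One matching grant in any role is enough;
    // with no deny rules, role order and rule order cannot change the result.
    static bool IsGranted(IEnumerable<Grant[]> roles, object obj, string member, Op op) =>
        roles.SelectMany(r => r).Any(g => g.Allows(obj, member, op));

    static void Main()
    {
        var staff = new[] {
            Grant.ForMember(typeof(Employee), Op.Read, "Name"),
            Grant.ForObjects(typeof(Employee), Op.Write, e => ((Employee)e).Department == "Sales"),
        };
        var hr = new[] { Grant.ForType(typeof(Employee), Op.Read) };
        var alice = new Employee { Name = "Alice", Department = "Sales", Salary = 1000m };
        var bob = new Employee { Name = "Bob", Department = "IT", Salary = 1200m };

        Console.WriteLine($"staff reads Name:        {IsGranted(new[] { staff }, alice, "Name", Op.Read)}");
        Console.WriteLine($"staff reads Salary:      {IsGranted(new[] { staff }, alice, "Salary", Op.Read)}");
        Console.WriteLine($"staff writes Sales obj:  {IsGranted(new[] { staff }, alice, "Name", Op.Write)}");
        Console.WriteLine($"staff writes IT obj:     {IsGranted(new[] { staff }, bob, "Name", Op.Write)}");
        Console.WriteLine($"staff+HR reads Salary:   {IsGranted(new[] { staff, hr }, alice, "Salary", Op.Read)}");
    }
}
```

Because no rule can subtract access, reviewing what a user may do reduces to listing the grants reachable through their roles.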

To try the new security system, see the Security Demo and read the Improved Security System section in the documentation.
