Current filter:
                                You should refresh the page.
                                Show all comments
                                • Steven Rasmussen 06.20.2012

                                  Sooo.... Pretty disapointing that we still can't use DC with the new security system released last year. Is this going to be completed as part of a minor update? Or is it going to wait until 12.2?

                                • Arjan van Dijk 06.21.2012

                                  Yes you're right. I asked the same question 6 months ago. It's rather strange DevExpress won't create an example despite their promises to do so.

                                • Liu Xinrong 06.21.2012

                                  Yes, I have asked the same question many times, But DevExpress still not willing to implement it, don't know why.

                                • Rob Flippo_1 06.24.2012

                                  I've requested the example for manny times to. Still don't understand way the problem is..

                                • Dennis (DevExpress) 06.25.2012

                                  Hi guys, Thank you for your interest in the domain components and the new security system. There is no example on the subject available because we have not yet fixed the following issue: B211934.
                                  Let me now elaborate more on why it is taking us so long to fix this. Implementation of the IsGranted method for domain components (technically we have to deal with interfaces and not with classes) is not as straightforward as for regular persistent classes. In the first place ,this is because domain components may consist of smaller parts that are not registered as entities in the end application. Implementing a security system for these individual parts rather than for the entity as a whole creates many collisions and complexities. So, I would like to ask your opinion on whether we need to provide a security system implementation that will allow assigning permissions for these 1) smaller parts (not registered as entities) or for 2) registered entities only. The latter approach seems to be more logical to me, because after all, your end-users operate with entities and not by individual domain components. This also significantly decreases the complexity of the entire system. Take special note that people who require more control of this, will still be able to subclass the default security system and override the IsGranted method as they require. I would ask you show us your thoughts on this by posting 1) or 2) in the comments to this thread. Thank you for your help in advance.

                                • Steven Rasmussen 06.25.2012
                                  2. - That should be sufficient and would be inline with the way that XAF handles standard entities.
                                • Martin Brekhof 06.25.2012
                                  2. Seems to be the only one that makes sense
                                • Rob Flippo_1 06.25.2012
                                  2. Will be sufficient for most cases.
                                • Carlitos 06.25.2012
                                  2. fine for my case.
                                • Luca Lusetti 06.25.2012
                                  2. is fine for me too
                                • Liu Xinrong 06.25.2012

                                  Hello Dennis,
                                  I think the RegisterSharedPart method is dispensable for us and I thinks the RegisterSharedPart method should be unified for Register method because sometimes we need to rename the sharing of DC , but the RegisterSharedPart method can not support the rename method,so I think the RegisterSharedPart method is dispensable for us.
                                  XinRong Liu

                                • Trentin Barnard 06.25.2012
                                  2. Sounds fine to me.
                                • Liu Xinrong 06.25.2012
                                  2. is fine for me too.
                                • na zichong 06.25.2012

                                  Release in 12.2?

                                • Arjan van Dijk 06.26.2012

                                  For registered DC only sounds OK to me! Can you give us an estimate of when this will be implemented?

                                • Louis Z 06.26.2012
                                  2. "This also significantly decreases the complexity of the entire system" .. This is a no Brainer...
                                • SWAPI - Alziro Moraes 06.28.2012

                                  2 for me too.

                                • Dennis (DevExpress) 07.03.2012

                                  Thank you for the feedback, guys. We will take it into account.
                                  As for ETA, I am afraid I cannot share any dates at the moment. In any event, you will be automatically notified of any status changes.

                                • Arjan van Dijk 10.02.2012

                                  Is there any news concerning this ticket?

                                • JeePee [NL] 10.04.2012

                                  Any news so far on this topic?

                                • Arjan van Dijk 10.04.2012

                                  I think it is very important for dc and its users to implement this feature very soon!
                                  At the moment, dc users cannot fully benefit the new security features. It will make dc quite useless using the 12.x releases.

                                • Robert Hahn 10.04.2012

                                  +1 Arjan

                                • Alex Schille 10.05.2012

                                  i completely agree with you Arjan

                                • Rob Flippo_1 10.05.2012

                                  +1 Arjan

                                • Deniz Tekin 10.06.2012

                                  +1 Arjan

                                • TOPRAK YILDIZ 10.06.2012

                                  +1 Arjan

                                • Carlitos 10.06.2012
                                  2. registered entities only.
                                  Not using DC yet because of this. But next project I hope to use it when I migrate to 12.1
                                • Robert Hahn 10.06.2012

                                  hope all of you guys vote for this issue not just leaving comments ;-)

                                • Carlitos 10.06.2012

                                  Where/How do you vote?

                                • Robert Hahn 10.06.2012

                                  At the top of this site, next to the picture of Dennis,.... now there are 14 votes.
                                  click on the up button.
                                  see screenshot attached.

                                • Carlitos 10.06.2012

                                  Duh! Never saw that!!

                                • Arjan van Dijk 10.10.2012

                                  Any news???

                                • Reinhold Erlacher 10.10.2012

                                  Voted For!

                                • Dennis (DevExpress) 10.10.2012

                                  Guys, we do not have any new information for you at the moment. When we have something to share with you, we will certainly update this thread. Thanks for your patience.
                                  You are also right about upvoting the original message instead of putting these +1, which are not tracked by our system automatically. However, I would also ask you to upvote this only if you are really using DC and greatly interested in using the new security system (the old one already works fine) + middle tier with it, and not just because of coming across this thread and seeing other people liking it, not to negatively bias the results (especially taking into account that there are many other features you can benefit from instead).

                                • Arjan van Dijk 10.10.2012

                                  This is a bit unsatisfactory to tell our customers also. We urgently need this piece of functionality because we're using DC in our new projects which we must deliver at the end of this year.

                                • Dennis (DevExpress) 10.10.2012

                                  I understand your situation, Arjan. We do not have other suggestions at the moment except for using the old security system as demonstrated in the XCRM demo that works fine with DC. We apologize for all the inconvenience here.

                                • Dennis (DevExpress) 10.11.2012

                                  I wanted to inform you that we have made some changes in 12.2 regarding DC + new security system, and just finished recovering unit tests for the most common and simple scenarios . Note that as indicated and discussed with you above, we did not consider scenarios with assigning permissions to shared parts, but rather to real entities only. Also, we have not yet tested DC work in middle-tier scenarios and have not recovered respective functional tests for this. Please stay tuned to our further announcements.

                                • Dennis (DevExpress) 10.18.2012

                                  I have one more piece of news regarding this. We have recovered our functional tests for the DC + middle-tier scenario. We will consider providing a demo application (similar to our SecurityDemo for regular persistent objects) that demonstrates how to use domain components with the new security system.

                                • Arjan van Dijk 10.18.2012

                                  Very good news!!! I can't wait to see the demo..
                                  thx XAF team.

                                • Trentin Barnard 11.07.2012

                                  Any news regarding the release date for 12.2??

                                • Dennis (DevExpress) 11.08.2012

                                  As indicated on our web site, it is scheduled for December, 3rd.

                                • Daniel Großer 12.10.2012

                                  I've seen the demo in 12.2 and how domain components are used with the new security system. That's great. Anyway, I think most of us are waiting for the middle tier scenario to be supported. However, middle-tier + new security system + DC doesn't work yet, does it? (If so - how are the chances of this being supported in the next release?)

                                • Dennis (DevExpress) 12.10.2012

                                  @Daniel: The middle-tier scenario is already supported in 12.2. Feel free to test it and share your feedback with us.

                                • Daniel Großer 12.11.2012

                                  @Dennis: So it must be my fault then; I basically took the example from, upgraded it to version 12.2.4 and added a domain component to the module. (See attached solution.) I then ran the modified example and tried viewing an instance of the domain component - this gives an exception. I suppose it's just that the example is incomplete?

                                • Dennis (DevExpress) 12.11.2012

                                  Thank you for the update, Daniel. We will examine your example and get back to you as soon as we can. Please bear with us.

                                • Anatol (DevExpress Support) 12.14.2012

                                  We have examined this scenario and found out that, unfortunately, changes we have introduced are insufficient to support DC in the middle-tier security. I have created a separate suggestion in this regard: DC - Provide support for Domain Components in the RemoteSecuredDataServer/WcfSecuredDataServer classes. Currently, please use the Integrated Mode with domain components.

                                • Dennis (DevExpress) 12.17.2012

                                  @Daniel: I apologize for the confusion as it was fully my fault about mixing up the client-side Integrated mode with the middle-tier scenario, which even though does use the same core internally (SecuredDataServer), has some specificities that we hope to work out as part of implementing the DC - Provide support for Domain Components in the RemoteSecuredDataServer/WcfSecuredDataServer classes suggestion. Please stay tuned.

                                • Arjan van Dijk 12.18.2012

                                  I wonder why the ommision is defined in a suggestion rather than a bug considering the original request of implementing
                                  the new security system for DC.
                                  Is there any way we can develop support for middle tier ourselves?

                                • Dennis (DevExpress) 12.18.2012

                                  @Arjan: I have just updated the DC - Provide support for Domain Components in the RemoteSecuredDataServer/WcfSecuredDataServer classes suggestion with a temporarily solution.

                                3 Solutions

                                Creation Date Importance Sort by

                                If you are using domain components + complex security strategy + middle tier application server, then you can get things running by writing a patched version of the ServerSecurityClient class like this:

                                /// <summary> /// Patch requests to ServerSecurityClient. /// </summary> public class PatchedServerSecurityClient : ServerSecurityClient, IRequestSecurityStrategy { #region Constructors public PatchedServerSecurityClient(IServerSecurity serverSecurity, IClientInfoFactory clientInfoFactory) : base(serverSecurity, clientInfoFactory) { } public PatchedServerSecurityClient(IServerSecurity serverSecurity) : this(serverSecurity, new ClientInfoFactory()) { } #endregion /// <summary> /// Patch. /// </summary> /// <param name="assemblyQualifiedName">The assembly-qualified name of the type to get the permissions for.</param> /// <param name="membersName">The members to calculate the read-only status for.</param> /// <param name="targetObjectsHandle">The handles of the objects to deal with.</param> /// <returns>The permission matrix</returns> Dictionary<string, bool> IRequestSecurity.CanReadMembers(string assemblyQualifiedName, List<string> membersName, List<string> targetObjectsHandle) { // Apply a patch for generated classes if (assemblyQualifiedName.StartsWith("DevExpress.ExpressApp.DC.GeneratedClasses")) { // Get the first object handle. It is of the following form: // DOMAINCOMPONENT_FULLTYPENAME ( HANDLE ) ... // ---> we extract the domain component full type name here. string dcTypeName = targetObjectsHandle.First(); dcTypeName = dcTypeName.Substring(0, dcTypeName.IndexOf('(')); // Now we search the registered domain component type with that full name. var dcAssemblyQualifiedTypeName = (from type in XafTypesInfo.PersistentEntityStore.RegisteredEntities where type.FullName == dcTypeName select type.AssemblyQualifiedName).FirstOrDefault(); if (dcAssemblyQualifiedTypeName != null) // If we were successfull, patch the assemblyQualifiedName parameter. assemblyQualifiedName = dcAssemblyQualifiedTypeName; else // Otherwise allow anything. return membersName.ToDictionary((s) => s, (s) => true); } // Run base logic return base.CanReadMembers(assemblyQualifiedName, membersName, targetObjectsHandle); } /// <summary> /// Patch. /// </summary> /// <param name="permissionRequest">The request to elaborate.</param> bool IRequestSecurity.IsGranted(IPermissionRequest permissionRequest) { var request = permissionRequest as ClientPermissionRequest; // Decode the request: Is it a ClientPermissionRequest for a generated class? if (request != null && request.ObjectType.FullName.StartsWith("DevExpress.ExpressApp.DC.GeneratedClasses")) { // Get the domain component type of the generated class. var dcType = XafTypesInfo.CastTypeToTypeInfo(request.ObjectType); permissionRequest = new ClientPermissionRequest( dcType.Type, request.MemberName, request.TargetObjectHandle, request.Operation); } return base.IsGranted(permissionRequest); } }

                                Then, go to your WinForms client and instead of

                                var securityClient = new ServerSecurityClient(clientDataServer, new ClientInfoFactory());


                                var securityClient = new PatchedServerSecurityClient(clientDataServer, new ClientInfoFactory());

                                The patch basically translates the generated class types (or generated class type names) into domain component types (or domain component type names).

                                • Steven Rasmussen 01.15.2013

                                  Thanks for sharing!!!

                                Starting from version 12.2, we will provide a DC-based demo that works with the new security system (Client-Side Security UI and Integrated modes are currently supported. The middle-tier scenario will be supported in the future). For your convenience, both XPO and DC-based versions will be available as part of our SecurityDemo solution.

                                • Dennis (DevExpress) 11.08.2012

                                  I wanted to explicitly repeat the description of the DC operation specifics in a middle-tier scenario with regard to the shared parts we discussed earlier in this thread. The matter is that security permissions do not affect objects corresponding to shared parts and they are always loaded (e.g., a developer can always access them in code) by default. However, this does not affect end-users of your application in any way since the application itself behaves normally and displays "Protected Content" where required. There is no such specifics in the UI-level mode.

                                I have been working cheerfully for several month with the work-around posted at: Q363027.
                                I hope it helps.

                                • Daniel Großer 08.15.2012

                                  I'm afraid this won't work with 12.1