Uncovered Security System scenarios fall into two categories:
1. Scenarios where we can simplify solutions.
- How to add a custom persistent field via the Application Model XAFML stored in DB when the middle-tier Application Server is used
2. Scenarios that cannot be implemented using the current architecture:
- Duplicate records can be created when using SecuredObjectSpaceProvider or a middle-tier application server despite RuleUniqueValue, RuleObjectExists and other validation rules
Most of these scenarios are quite rare and specific. Though it is possible that most of you will not face them in your real apps, we still think that it is worth mentioning them here. These enhancements are a subject for further discussion and we cannot provide any ETA for them. We will keep updating this document as we reveal new scenarios. Do not hesitate to contact our Support Team if you have any questions on the subject.
In addition, please refer to the Security - How to reduce the number of permission requests and improve overall performance KB Article for the full list of possible technical solutions for security module performance tuning in various configurations.
Any Update on this?
@Scott: We do not have any updates on this at this time. If you have a precise problem or question on a certain functionality, please open a separate ticket in the Support Center so we can provide you with solutions. Thanks.
I hope this 'new' SecuritySystem will be out of beta very soon now!
Me too, It seems to me that you are simply waiting for us to forgot that you said you were going to fully implement this.
Thanks for your feedback, guys. Our team and I would greatly appreciate it if you could post a list of the most important business scenarios with the new security system (Beta) which you cannot resolve at the moment or whose current solutions are costly in terms of implementation time and maintenance. We will be happy to review these use-case scenarios and your difficulties with them and expedite/discuss the implementation where possible or suggest a workaround. Please log this feedback separately for better tracking. Thanks in advance.
It generates gazillions of queries when using against a SecuredObjectSpaceProvider or using the Middle Tier Application Server.
Also, I think there should be built-in functionality to secure Actions in Controllers through the Roles-Users Authorizations.
The worst thing is the slowness that it makes it unusable.
Thanks for your feedback, Carlos and Paolo. If I understand you correctly, you both are talking about configurations with the Middle Tier Application Server and SecuredObjectSpaceProvider. Have you tried SecuredObjectSpaceProvider with a cached IDataStore service option described above? There are also UI-level security options, which are available from the XAF birth and which adjust the UI without querying the database much.
I am using the win client with the SecuredObjectSpaceProvider with cached IDataStore service. I was also using this in different subnets (i.e. over VPN connections). Dropped it and am using the web client now. But the gazillions of queries are still generated. The project is supposed to role out to all the offices but I doubt it will scale. Currently looking for alternatives.
Thanks for your feedback on the cached service, Carlos. Would you please elaborate a bit more on the reasons for "Dropped it and am using the web client now"?
The win client is super slow because of the generated sql queries over the vpn. You can look at: https://www.devexpress.com/Support/Center/Question/Details/T214347
So i changed to the web client and performance wise it's much faster for users as the web client generates gazillions of queries but the db server is next to it in the same subnet. In contrast, the win client generates the gazillion queries but these need to be sent over the VPN causing horrible performance for the client. Users are happy with the change (from win to web). Not sure however if the app will scale as there will be more office to start using the web application. But we'll see.
@Carlos: Thank you for the additional information!