ContextQMD
Back to Devexpress

Implement a Security System User (ApplicationUser) Based on XAF Business Classes

expressappframework-404875-data-security-and-safety-security-system-security-object-model-implement-custom-security-objects-implement-a-security-system-user-based-on-xaf-business-classes.md

latest3.0 KB
Original Source

Implement a Security System User (ApplicationUser) Based on XAF Business Classes

  • Oct 27, 2025
  • 4 minutes to read

XAF has a built-in PermissionPolicyUser class for XPO and EF Core-based applications. This class implements basic functionality required to store Security System user data. The major limitation of the PermissionPolicyUser class is that it can be used directly only in applications with a single authentication method: either password-based or Windows Active Directory-based.

When a user has multiple ways to log in, you need to store information for all authentication types and associate this information with the user. To do this, use the ISecurityUserWithLoginInfo (a descendant of ISecurityUser and IOAuthSecurityUser) and ISecurityUserLoginInfo interfaces.

Additionally, if you want to support the user lockout feature (the capability to lock out users who fail to enter the correct password several times in a row), implement the ISecurityUserLockout interface in your security system user class.

Note

The Template Kit generates classes that implement these interfaces automatically. You can find these implementations in the following files within your solution:

  • SolutionName.Module\BusinessObjects\ApplicationUser.cs
  • SolutionName.Module\BusinessObjects\ApplicationUserLoginInfo.cs

Follow the steps below to implement the required classes from scratch.

  1. Add a class to store user login information. In this class, implement the ISecurityUserLoginInfo interface. You can use the following code as a reference implementation (the Template Kit generates equivalent code).

  2. Add an application user class that extends PermissionPolicyUser and implements the ISecurityUserWithLoginInfo interface required to associate multiple authentication methods with a user and the ISecurityUserLockout interface to support the user lockout feature. You can use the following code as a reference implementation (Template Kit generates equivalent code).

  3. Modify the Application Builder code as shown below so that XAF uses your custom classes to store security data:

See Also

Implement a Custom Security System User Based on an Existing Business Class