NCache provides security with authentication and authorization built into the product. Authentication is done through Active Directory files. NCache allows users to specify Cache administrators and users. Administrators can manage the cluster while the users can only make NCache API calls to a specific cache from an application.
NCache provides two levels of security; Admin and User Level. These are explained below:
Admin Level Security: On this level, users can control who can manage and configure NCache. Administrators can give rights to other users/accounts who can manage or make configuration changes on a cache acting as cache Administrators. These changes include (create a cache, stop a cache, remove cache etc). Once the admin level security is enabled then only authorized users will be allowed to manage NCache clusters.
User Level Security: On this level, users can decide who can connect to the cache on application level and perform cache level operations using NCache API (_cache.Add(), _cache.Get() etc). After enabling user level security, all applications would need to provide security credentials when connecting to a cache. Note: All cache Administrators and users are always authenticated based on Active Directory.
Admin Level Security: Admin level or Node level security can be enabled only by the Administrator of the box. These administrators can enable/disable node level security on remote machines as well as add/remove NCache managers for that node. Admin level security configurations will be saved in
Security.ncconf on the cache server where it is enabled. Following are the steps to configure Admin security (Cache server level) using Security Configuration Wizard.
It is first required to specify admin credentials in NCache Manager in order to turn on admin security. User should be part of Active Directory and administrator group on this box.
When NCache security is enabled, users have to specify valid cache admin credentials for management activities. All credentials to the cache for admin activities are first authenticated against active directory and only authenticated connections are then authorized from NCache Security.ncconf file. Cache admin access is granted only if everything is successfully authenticated otherwise access is denied.
Users can also configure user level security for a cache. Each cache will have its own user level security configurations independent of other caches and users. Cache user level security configurations will be saved in config.ncconf against each cache. NCache Manager provides a tab view for configuring user level security for all caches.
User can also pass security credentials to API from the application using the following code:
NCache.InitializeCache("cacheId", new Alachisoft.NCache.Web.Security.
User credentials can be specified within the Client.ncconf file on the client machine so that all applications running on the machine use the same credentials in order to connect to the cache. Here is how you can do this.
When NCache user level security is enabled, all connections to the cache are authenticated against Active Directory at the cache server. User Credentials are first authenticated against active directory and the authenticated connections are then authorized from NCache Config.ncconf file. Cache Access is granted only if a user is successfully authenticated otherwise application connection is denied.