Alachisoft.com

How to Use NCache Security Feature

Using Security with NCache:

NCache provides security with authentication and authorization built into the product. Authentication is done through Active Directory files. NCache allows users to specify Cache administrators and users. Administrators can manage the cluster while the users can only make NCache API calls to a specific cache from an application.

NCache provides two levels of security; Admin and User Level. These are explained below:

Admin Level Security: On this level, users can control who can manage and configure NCache. Administrators can give rights to other users/accounts who can manage or make configuration changes on a cache acting as cache Administrators. These changes include (create a cache, stop a cache, remove cache etc). Once the admin level security is enabled then only authorized users will be allowed to manage NCache clusters.

User Level Security: On this level, users can decide who can connect to the cache on application level and perform cache level operations using NCache API (_cache.Add(), _cache.Get() etc). After enabling user level security, all applications would need to provide security credentials when connecting to a cache. Note: All cache Administrators and users are always authenticated based on Active Directory.

How to Configure Security on NCache:

Admin Level Security: Admin level or Node level security can be enabled only by the Administrator of the box. These administrators can enable/disable node level security on remote machines as well as add/remove NCache managers for that node. Admin level security configurations will be saved in Security.ncconf on the cache server where it is enabled. Following are the steps to configure Admin security (Cache server level) using Security Configuration Wizard.

Step 1

It is first required to specify admin credentials in NCache Manager in order to turn on admin security. User should be part of Active Directory and administrator group on this box.

  • Select Security from NCache Manager Tool bar.
  • Select Security Credentials and specify a cache admin to enable security.



Step 2
  • Select Security from NCache Manager Tool bar.
  • Select Configure Security option.


Step 3
  • Select a node for the security configuration.


Step 4
  • Configuring node level security on remote nodes requires credentials for that node (user name, password). You will be prompted with a dialogue box to enter admin name and password for that node. On successful verification you will be moved to the next page of the wizard.
  • Provide Administrative credentials for that node.
  • Press Ok to proceed further.


Step 5
  • You can enable/disable Node level security by checking the Enable Security box at the bottom.
  • You can also Add/remove NCache admins from the following wizard.
  • Press Finish to apply the settings.


When NCache security is enabled, users have to specify valid cache admin credentials for management activities. All credentials to the cache for admin activities are first authenticated against active directory and only authenticated connections are then authorized from NCache Security.ncconf file. Cache admin access is granted only if everything is successfully authenticated otherwise access is denied.

User Level Security:

Users can also configure user level security for a cache. Each cache will have its own user level security configurations independent of other caches and users. Cache user level security configurations will be saved in config.ncconf against each cache. NCache Manager provides a tab view for configuring user level security for all caches.

  • Select the Security tab.
  • You can enable/disable API security on cache using the option Enabled Security.
  • Using security tab you can also specify users who are authentic for the selected cache API as shown in the figure.


How to pass Security Credentials to API:

User can also pass security credentials to API from the application using the following code:

NCache.InitializeCache("cacheId", new Alachisoft.NCache.Web.Security.
SecurityParams("Username", "Password"),null);

Provide User credentials in NCache Client.ncconf file:

User credentials can be specified within the Client.ncconf file on the client machine so that all applications running on the machine use the same credentials in order to connect to the cache. Here is how you can do this.

  • Click on the client IP address in NCache manager tree for a cache
  • Go to Security Tab in the right pane and provide user credentials. This will update Client.ncconf file.


When NCache user level security is enabled, all connections to the cache are authenticated against Active Directory at the cache server. User Credentials are first authenticated against active directory and the authenticated connections are then authorized from NCache Config.ncconf file. Cache Access is granted only if a user is successfully authenticated otherwise application connection is denied.

What to Do Next?