csla | A home for your business logic in any .NET application | Form library

No, CriteriaBase doesn't support any rules. There's no requirement to subclass it though for criteria type classes; you can use BusinessBase as your criteria subclass, which will support authorization and validation rules.

I believe the current recommendation is to move way from using CriteriaBase at all, especially since newer versions can pass multiple simple types or types which implement IMobileObject directly, so you'd really only need a class to represent your criteria if there needs to support business rules, such as your authorization rule, or perhaps a validation rule that requires a minimum number of criteria properties to be set.

#cslanet doesn't generate any SQL, that is entirely up to you and how you invoke your data access layer. Any techniques you use to view the SQL generated by EF will work, CSLA doesn't change how EF works in any way.

It is possible that you aren't efficiently or correctly using the CSLA data portal. For example, when loading a collection of objects, you should issue one data query at the collection (or higher parent) level, and then load each child object using the data from that single query.

I've seen where people issue a SQL query for each child object, which is terribly slow and is a very bad idea. I discuss this in the Using CSLA: Data Access book, including why you need to try to minimize calls to the database.

The UNIX pattern expects that your time is the unix time in seconds since epoch, which is a 10 digit number, but your timestamp field is the unix time in milliseconds since epoch, a 13 digits number.

You should use the UNIX_MS pattern instead.

Edit 2 explains the answer to my problem.

I wasn't adding the token correctly to the authorization header, so the service wasn't able to authenticate the token, or rather, it saw the token as invalid.