Lists Home |
Date Index |
On Wednesday 20 February 2002 04:39 pm, Bullard, Claude L (Len) wrote:
> What is the impact on performance of implementing
> field level security? Module or record level, I
> can understand, but field level seems to be prohibitively
It's not *very* expensive. In one of our products everything is
protected via what I call "split capabilities" such that individual
method invocations, fields, buttons etc. are all controlled. The real
trick is to compile to a "resolved security matrix" on a per-user
basis to allow short-circuited permission checking.
The checks probably adds 2-4% to the overall runtime in a JAVA
environment, and could be made much faster still.