[
Lists Home |
Date Index |
Thread Index
]
We do some similar things. It is the notion
that all fields can be secured this way and
that the customer gets to pick and choose
that is troubling.
len
-----Original Message-----
From: Gavin Thomas Nicol [mailto:gtn@rbii.com]
On Wednesday 20 February 2002 04:39 pm, Bullard, Claude L (Len) wrote:
> What is the impact on performance of implementing
> field level security? Module or record level, I
> can understand, but field level seems to be prohibitively
> expensive.
It's not *very* expensive. In one of our products everything is
protected via what I call "split capabilities" such that individual
method invocations, fields, buttons etc. are all controlled. The real
trick is to compile to a "resolved security matrix" on a per-user
basis to allow short-circuited permission checking.
The checks probably adds 2-4% to the overall runtime in a JAVA
environment, and could be made much faster still.
|