


   RE: [xml-dev] SOAP-RPC and REST and security


We do some similar things.  It is the notion 
that all fields can be secured this way and 
that the customer gets to pick and choose 
that is troubling.


-----Original Message-----
From: Gavin Thomas Nicol [mailto:gtn@rbii.com]

On Wednesday 20 February 2002 04:39 pm, Bullard, Claude L (Len) wrote:
> What is the impact on performance of implementing
> field level security?  Module or record level, I
> can understand, but field level seems to be prohibitively
> expensive.

It's not *very* expensive. In one of our products everything is 
protected via what I call "split capabilities" such that individual 
method invocations, fields, buttons etc. are all controlled. The real 
trick is to compile to a "resolved security matrix" on a per-user 
basis to allow short-circuited permission checking.

The checks probably add 2-4% to the overall runtime in a Java 
environment, and could be made much faster still.
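
The per-user "resolved security matrix" mentioned in the quoted message could be built along the lines below. This is an added example, not code from the product discussed in the thread; the policy format, role and resource names, the deny-overrides rule and the function names are all assumptions made for illustration.

```python
# Action bits; a resource's permissions for one user fit in a small integer.
READ, WRITE, INVOKE = 1, 2, 4

# Constructed sample policy: (role, resource, granted bits, denied bits).
# Resources are individual fields, methods and buttons, as in the post.
POLICY = [
    ("clerk",   "invoice.amount",    READ,         0),
    ("clerk",   "invoice.notes",     READ | WRITE, 0),
    ("manager", "invoice.amount",    READ | WRITE, 0),
    ("manager", "invoice.approve()", INVOKE,       0),
    ("manager", "button.delete",     INVOKE,       0),
    ("trainee", "invoice.amount",    0,            WRITE),
    ("trainee", "button.delete",     0,            INVOKE),
]

# Constructed sample users and their roles.
USER_ROLES = {
    "alice": ["clerk", "manager"],
    "bob":   ["clerk"],
    "carol": ["manager", "trainee"],
}

def compile_matrix(user):
    """Resolve every rule that applies to `user` once (at login or when the
    policy changes). Returns resource -> bitmask of allowed actions.
    Assumed conflict rule: an explicit deny from any role wins."""
    roles = set(USER_ROLES.get(user, ()))
    allow, deny = {}, {}
    for role, resource, granted, denied in POLICY:
        if role in roles:
            allow[resource] = allow.get(resource, 0) | granted
            deny[resource] = deny.get(resource, 0) | denied
    return {res: allow[res] & ~deny[res] for res in allow}

def permitted(matrix, resource, action):
    """Hot-path check: one dict lookup and one AND, no role or rule walking.
    Resources absent from the matrix are denied (fail closed)."""
    return bool(matrix.get(resource, 0) & action)

if __name__ == "__main__":
    for user in USER_ROLES:
        print(user, compile_matrix(user))
```

The cost of walking roles and rules is paid once per user in `compile_matrix`; each field, method or button check afterwards is constant time, which is the short-circuiting the message describes. A cached matrix has to be rebuilt whenever the policy or the user's roles change, otherwise revoked permissions remain usable.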



Copyright 2001 XML.org. This site is hosted by OASIS