Performance Question

Discussion in 'ASP .Net' started by A. Elamiri, Apr 16, 2004.

  1. A. Elamiri

    A. Elamiri Guest

    I am building a portal for a college. I have offices and departments divided
    into groups, and within each group there is 3 different levels of Authority:
    Director
    Director Delegate
    Content Creator

    Access to certain folder is restricted to certain group, but at the same
    time it can restricted by Authority level within that group also.

    Which way would be more efficient and would cause the least impact in terms
    of performance:
    Setting roles in web.confg as <officename>-<authority level>. there are
    about 40 different offices and departments, this would mean that in the
    worst-case scenario I would have 40 x 3 = 120 Roles defined in the
    web.config (I was concerned that it may be too much)

    Second option would be to define under each restricted directory in the
    AppSettings a MinimumAuthority appSettings key, so I would read that then
    concatenate it with the Group name that the user belongs to and check if the
    user is in that role. That would mean that in a worst-case scenario I would
    only put 40 different group names in there

    which way would be more efficient

    --
    Abdellah Elamiri
    ..net Developer
    Efficacy through simplicity

    --
    Abdellah Elamiri
    ..net Developer
    Efficacy through simplicity
     
    A. Elamiri, Apr 16, 2004
    #1
    1. Advertising

  2. In your case, it is not a matter of efficiency because reading the options
    incur a disk I/O cost. Rather you should focus on maintainability. The
    webconfig file stands out here because it can be edited by most anyone with
    notepad experience. In addition, changes to the roles are immediately
    applied thru an application restart. Not so with the appsettings.
    Appsettings are read on app startup. This is easier for non-technical people
    who do not necessarily want to mess with IIS internals to apply settings.

    --
    Regards,
    Alvin Bruney [ASP.NET MVP]
    Got tidbits? Get it here...
    http://tinyurl.com/27cok
    "A. Elamiri" <abdellahDOTelamiriATclintonDOTedutNOSPAM> wrote in message
    news:...
    >I am building a portal for a college. I have offices and departments
    >divided
    > into groups, and within each group there is 3 different levels of
    > Authority:
    > Director
    > Director Delegate
    > Content Creator
    >
    > Access to certain folder is restricted to certain group, but at the same
    > time it can restricted by Authority level within that group also.
    >
    > Which way would be more efficient and would cause the least impact in
    > terms
    > of performance:
    > Setting roles in web.confg as <officename>-<authority level>. there are
    > about 40 different offices and departments, this would mean that in the
    > worst-case scenario I would have 40 x 3 = 120 Roles defined in the
    > web.config (I was concerned that it may be too much)
    >
    > Second option would be to define under each restricted directory in the
    > AppSettings a MinimumAuthority appSettings key, so I would read that then
    > concatenate it with the Group name that the user belongs to and check if
    > the
    > user is in that role. That would mean that in a worst-case scenario I
    > would
    > only put 40 different group names in there
    >
    > which way would be more efficient
    >
    > --
    > Abdellah Elamiri
    > .net Developer
    > Efficacy through simplicity
    >
    > --
    > Abdellah Elamiri
    > .net Developer
    > Efficacy through simplicity
    >
    >
     
    Alvin Bruney [MVP], Apr 16, 2004
    #2
    1. Advertising

  3. A. Elamiri

    A. Elamiri Guest

    Changes are actually done from within the Web Application which edits the
    Web.Config file. No one but Administrators have access to that feature.
    So it wouldn't matter if I had 120 roles stored in the web.config? I was
    thinking that maybe the more the roles the more time it will take for the
    Authentication logic to check whether a user belongs to a role which is
    authorized

    --
    Abdellah Elamiri
    ..net Developer
    Efficacy through simplicity
    "Alvin Bruney [MVP]" <vapor at steaming post office> wrote in message
    news:%...
    > In your case, it is not a matter of efficiency because reading the options
    > incur a disk I/O cost. Rather you should focus on maintainability. The
    > webconfig file stands out here because it can be edited by most anyone

    with
    > notepad experience. In addition, changes to the roles are immediately
    > applied thru an application restart. Not so with the appsettings.
    > Appsettings are read on app startup. This is easier for non-technical

    people
    > who do not necessarily want to mess with IIS internals to apply settings.
    >
    > --
    > Regards,
    > Alvin Bruney [ASP.NET MVP]
    > Got tidbits? Get it here...
    > http://tinyurl.com/27cok
    > "A. Elamiri" <abdellahDOTelamiriATclintonDOTedutNOSPAM> wrote in message
    > news:...
    > >I am building a portal for a college. I have offices and departments
    > >divided
    > > into groups, and within each group there is 3 different levels of
    > > Authority:
    > > Director
    > > Director Delegate
    > > Content Creator
    > >
    > > Access to certain folder is restricted to certain group, but at the same
    > > time it can restricted by Authority level within that group also.
    > >
    > > Which way would be more efficient and would cause the least impact in
    > > terms
    > > of performance:
    > > Setting roles in web.confg as <officename>-<authority level>. there are
    > > about 40 different offices and departments, this would mean that in the
    > > worst-case scenario I would have 40 x 3 = 120 Roles defined in the
    > > web.config (I was concerned that it may be too much)
    > >
    > > Second option would be to define under each restricted directory in the
    > > AppSettings a MinimumAuthority appSettings key, so I would read that

    then
    > > concatenate it with the Group name that the user belongs to and check if
    > > the
    > > user is in that role. That would mean that in a worst-case scenario I
    > > would
    > > only put 40 different group names in there
    > >
    > > which way would be more efficient
    > >
    > > --
    > > Abdellah Elamiri
    > > .net Developer
    > > Efficacy through simplicity
    > >
    > > --
    > > Abdellah Elamiri
    > > .net Developer
    > > Efficacy through simplicity
    > >
    > >

    >
    >
     
    A. Elamiri, Apr 16, 2004
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Don Beal
    Replies:
    13
    Views:
    861
    Richard Grimes [MVP]
    Sep 29, 2003
  2. jm
    Replies:
    1
    Views:
    540
    alien2_51
    Dec 12, 2003
  3. Cris Rock

    Performance related Question.....

    Cris Rock, Feb 12, 2004, in forum: ASP .Net
    Replies:
    1
    Views:
    323
    Stefano Mostarda
    Feb 12, 2004
  4. cjl
    Replies:
    3
    Views:
    1,012
    John Nagle
    May 21, 2007
  5. Software Engineer
    Replies:
    0
    Views:
    368
    Software Engineer
    Jun 10, 2011
Loading...

Share This Page