- Batch authorization queries whenever possible to avoid frequent out-of-process round trips. For example, retrieve roles for multiple users in a single request.
- Cache the authorization data close to where you will use it with an in-memory store, such as a Hashtable. The cache also reduces dependencies on the location and organization of the underlying store. You might also want a separate cache for each physical computer, for performance and increased security.
- Implement scheduled or on-demand refreshes of the cache information.
- Implement lazy initialization of the authorization cache to avoid retrieving authorization information when no access checks will occur.
Oct 27, 2007
Improving the Performance of a Reusable Authorization Framework
Labels:
Security
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment