Performance Question

I am building a portal for a college. I have offices and departments divided
into groups, and within each group there is 3 different levels of Authority:
Director
Director Delegate
Content Creator
Access to certain folder is restricted to certain group, but at the same
time it can restricted by Authority level within that group also.
Which way would be more efficient and would cause the least impact in terms
of performance:
Setting roles in web.confg as <officename>-<authority level>. there are
about 40 different offices and departments, this would mean that in the
worst-case scenario I would have 40 x 3 = 120 Roles defined in the
web.config (I was concerned that it may be too much)
Second option would be to define under each restricted directory in the
AppSettings a MinimumAuthority appSettings key, so I would read that then
concatenate it with the Group name that the user belongs to and check if the
user is in that role. That would mean that in a worst-case scenario I would
only put 40 different group names in there
which way would be more efficient
Abdellah Elamiri
.net Developer
Efficacy through simplicity
Abdellah Elamiri
.net Developer
Efficacy through simplicityIn your case, it is not a matter of efficiency because reading the options
incur a disk I/O cost. Rather you should focus on maintainability. The
webconfig file stands out here because it can be edited by most anyone with
notepad experience. In addition, changes to the roles are immediately
applied thru an application restart. Not so with the appsettings.
Appsettings are read on app startup. This is easier for non-technical people
who do not necessarily want to mess with IIS internals to apply settings.
Regards,
Alvin Bruney [ASP.NET MVP]
Got tidbits? Get it here...
http://tinyurl.com/27cok
"A. Elamiri" < abdellahDOTelamiriATclintonDOTedutNOSPAM
> wrote in message
news:eacfoo7IEHA.3040@.TK2MSFTNGP09.phx.gbl...
>I am building a portal for a college. I have offices and departments
>divided
> into groups, and within each group there is 3 different levels of
> Authority:
> Director
> Director Delegate
> Content Creator
> Access to certain folder is restricted to certain group, but at the same
> time it can restricted by Authority level within that group also.
> Which way would be more efficient and would cause the least impact in
> terms
> of performance:
> Setting roles in web.confg as <officename>-<authority level>. there are
> about 40 different offices and departments, this would mean that in the
> worst-case scenario I would have 40 x 3 = 120 Roles defined in the
> web.config (I was concerned that it may be too much)
> Second option would be to define under each restricted directory in the
> AppSettings a MinimumAuthority appSettings key, so I would read that then
> concatenate it with the Group name that the user belongs to and check if
> the
> user is in that role. That would mean that in a worst-case scenario I
> would
> only put 40 different group names in there
> which way would be more efficient
> --
> Abdellah Elamiri
> .net Developer
> Efficacy through simplicity
> --
> Abdellah Elamiri
> .net Developer
> Efficacy through simplicity
>
Changes are actually done from within the Web Application which edits the
Web.Config file. No one but Administrators have access to that feature.
So it wouldn't matter if I had 120 roles stored in the web.config? I was
thinking that maybe the more the roles the more time it will take for the
Authentication logic to check whether a user belongs to a role which is
authorized
Abdellah Elamiri
.net Developer
Efficacy through simplicity
"Alvin Bruney [MVP]" <vapor at steaming post office> wrote in message
news:%23cFQT58IEHA.2688@.tk2msftngp13.phx.gbl...
> In your case, it is not a matter of efficiency because reading the options
> incur a disk I/O cost. Rather you should focus on maintainability. The
> webconfig file stands out here because it can be edited by most anyone
with
> notepad experience. In addition, changes to the roles are immediately
> applied thru an application restart. Not so with the appsettings.
> Appsettings are read on app startup. This is easier for non-technical
people
> who do not necessarily want to mess with IIS internals to apply settings.
> --
> Regards,
> Alvin Bruney [ASP.NET MVP]
> Got tidbits? Get it here...
> http://tinyurl.com/27cok
> "A. Elamiri" < abdellahDOTelamiriATclintonDOTedutNOSPAM
> wrote in message
> news:eacfoo7IEHA.3040@.TK2MSFTNGP09.phx.gbl...
then
>