Security Cross-cutting Concern
https://stackoverflow.com/questions/9340585
-
30-04-2021 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I appreciate that Security is seen as a cross-cutting concern and in my current development I have built my security as a seperate component that can be used by my various layers. Within my security component there is a data access layer used to retrieve users, groups etc.
However, having this data layer with the security component just doesn't seem right to me when its used within an application which again has its own data layer.
Have I got this wrong?
Solution
I would say there is nothing wrong with this approach. If you want to keep security secure and free of potential issues introduced by changes to common DAL, keep it separate. Plus if security tables are used only by security component and there is not much common business logic, it does not give you much to have it in a common DAL. It would probably make it a bit safer - separate data connection for security checks.
