How best to design Access Control Layer in n-tier architecture application

softwareengineering.stackexchange https://softwareengineering.stackexchange.com/questions/45931

質問

This is a typical architecture scenario for a 3-tier design:

UI-tier
Has Graphical User Interface components

Middle-tier
Has business logic including the following layers:

  1. Data Access Layer (DAL)
  2. Access Control

Data-tier
Typically your database or physical data storage

What is the best way to implement Access Control when performance is top of priority list?

  • Should the DAL return ALL data and have the UI layer worry about Access Control?
  • Should the DAL perform Access Control, i.e. decide with data to return, so that the UI does not worry about Access Control?

What are your thoughts on this, and what guides you when making such design decisions?

正しい解決策はありません

ライセンス: CC-BY-SA帰属
所属していません softwareengineering.stackexchange
scroll top