MOSS Forum

Ask Question   UnAnswered
Home » Forum » MOSS       RSS Feeds

Security trimming performance

  Asked By: Travon    Date: Sep 05    Category: MOSS    Views: 996

I am looking to create a list in a MOSS 2007 intranet portal where
every list item will be individually permissioned using SharePoint
Groups (each SP Group containing 1 or more Active Directory groups).
The list is likely to contain between 100 and 200 items and will be
used to present a security trimmed list in a custom web part on the
portal homepage. My question is, will the security trimming that
SharePoint has to perform degrade the performance of presenting the
homepage that will recieve 50,000+ hits a day from 3,000+ unique



5 Answers Found

Answer #1    Answered By: Wilson Bryan     Answered On: Sep 05


Answer #2    Answered By: Nathanael Wong     Answered On: Sep 05

Yes it will to some extent, but I don't think you will see the same kind
of performance  degradation that you would see trying to implement
security trimming of the page interface itself. The contents of the
list webpart will always be refreshed when the page postsback, so you
aren't really invalidating a page fragment. But the refreshment of that
list will take slightly more time than retrieving a list  that is not
individually permissioned.

Answer #3    Answered By: Todd Hamilton     Answered On: Sep 05

Seriously, 50,000+ hits a day from 3,000+ unique visitors will tax
anything using AD Groups to determine real-time which of 200 individual
items to show. I'd conduct some benchmarks before proceeding with this
plan. I'd also plan for the likely scenario you will need to implement
some kind of caching. I also plan for the likely scenario you will need
to move the entire list  to a custom database table (a simple XREF table
will do) and query for the items for which a given user's groups have

Can it be done, probably. Will it degrade performance, probably. Will
the performance  hit be crippling, I dunno? If you go this route, be sure
that you stress test it to death.

Answer #4    Answered By: Edgar Castillo     Answered On: Sep 05

The reason I'm exploring this avenue is
that the current plan is to use Audiencies to achieve the same
functionality. My immediate feeling was that Audiencies shouldn't be
used for what is essentially security  trimming. I wonder if perhaps
Audiencies *and* item level security should be set but only the
Audience setting is used to filter the list  in the custom web part?
Perhaps I'll stress test this approach against straight item level
security and see how it fairs.

Answer #5    Answered By: Jerrod Collier     Answered On: Sep 05

Your immediate feeling is correct. Audiences are used to filter content that
the user does not NEED to see. security  trimming, obviously, is used to block
access to items that the user CAN NOT see. If this is a security concern
(rather than a usability concern) audiences are probably not the way to go.

Didn't find what you were looking for? Find more on Security trimming performance Or get search suggestion and latest updates.