Announcement Announcement Module
No announcement yet.
ACL, nested groups and > 25 million instances Page Title Module
Move Remove Collapse
This topic is closed
Conversation Detail Module
  • Filter
  • Time
  • Show
Clear All
new posts

  • ACL, nested groups and > 25 million instances


    We are developing a pretty large system that will hold about 25 million orders per year and we have a few requirements for our access control system.

    Each installation will contain one or more organizations with a nested group hierarchy that references roles and users. I was wondering if anyone has any experience or ideas regarding:

    1. How to handle nested groups with inheritance of roles in an efficient manner?

    2. The application must support to set what group(s) can see a particular order (also with inheritance support), this of course must be filtered in our SQL/JPQL query.

    We need both instance access control (ACL) and role based security. Currently the system is running with Spring Security 3.0RC2 with a simplified "owner-organization-as-admin" functionality covering the ACL and groups without nesting.

    Attached is a very simple (and ugly!) minimal instance diagram.

    I would be thankful for any input on the subject!