which would you consider best of these 2 options?
situatio:
There are a number of distibuted system each have there own web services sharing a number of methods. Every one of these methods needs to be secure as they contain confidential patient data or financial information.
one of these distributed system could be repeated any number of times possibly 1000's and each one will provide its own method's exactly the same for each one just different data becase each are using there own databases.
Each web service method on these can possibly be accessed by differnt user types. These usertypes are to be maintained in a database and assigned to each web service method.
There is also a centeral authentication system that holds users passwords so authorised users can login to any of these services.
Now to access these 1000's of system would it be best to
1) store the user types allowed for each web service method on the individual databases of each of the 1000's of system?
2) stored the user types and access rights to all the methods on a centeral database , the same one that's storing and handeling the user authentication?
i'm currently working out which one is best as both have there own advantages put personaly i'm wanting to go with option 2, why? becase if we went for option one the same database tables i.e. the ones holding the web service methods access rights would need to be repeated for every one of the 1000 systems also the same bits of code to access each of these database and authenticated the user types with the methods would have to be repeated line for line on every one of these system.
the only down side I see with my option that that its going to require more database queries to external datbase i.e. the authentication server.
The other guys response to managing option 1 is that its "easy to maintain 1000's of external database it'll just be like doing a mass virus update."
is this possible ?
My other consern with option 1 is maintain all the repeated code in all the 1000's of system, basicly the same access code is repeated on every one of the 1000's of system. what if at a later date we change some of the code we'd have to go round all the 1000's of systems and do the code update right ?
By the way this is being done ine asp.net, any sugestions welcome for arguing my case
sorry for the long post
situatio:
There are a number of distibuted system each have there own web services sharing a number of methods. Every one of these methods needs to be secure as they contain confidential patient data or financial information.
one of these distributed system could be repeated any number of times possibly 1000's and each one will provide its own method's exactly the same for each one just different data becase each are using there own databases.
Each web service method on these can possibly be accessed by differnt user types. These usertypes are to be maintained in a database and assigned to each web service method.
There is also a centeral authentication system that holds users passwords so authorised users can login to any of these services.
Now to access these 1000's of system would it be best to
1) store the user types allowed for each web service method on the individual databases of each of the 1000's of system?
2) stored the user types and access rights to all the methods on a centeral database , the same one that's storing and handeling the user authentication?
i'm currently working out which one is best as both have there own advantages put personaly i'm wanting to go with option 2, why? becase if we went for option one the same database tables i.e. the ones holding the web service methods access rights would need to be repeated for every one of the 1000 systems also the same bits of code to access each of these database and authenticated the user types with the methods would have to be repeated line for line on every one of these system.
the only down side I see with my option that that its going to require more database queries to external datbase i.e. the authentication server.
The other guys response to managing option 1 is that its "easy to maintain 1000's of external database it'll just be like doing a mass virus update."
is this possible ?
My other consern with option 1 is maintain all the repeated code in all the 1000's of system, basicly the same access code is repeated on every one of the 1000's of system. what if at a later date we change some of the code we'd have to go round all the 1000's of systems and do the code update right ?
By the way this is being done ine asp.net, any sugestions welcome for arguing my case
sorry for the long post