Item Level Security - Performance impacts

We are planning to use Item Level Security but have read in the help that this means folder caching is not used. This will mean a performance degradtion.
Has anyone used Item Level Security and ran into performance problems ?
If so any guidelines on what is an acceptable limit in turns of size of content areas, number of items etc.
Thanks
Simon.

I'd appeciate a reply as well. For now I've been using content as a PL/SQL stored procedure in a package and then wrapping is_logged_in code around it. It works but isn't cusomizable.

Similar Messages

  • Real World Item Level Permission Performance?

    I am considering implementing item level permission on a list we use. I've seen all the articles online cautioning not to do this with lists of more than 1000 items, but the articles seem to have little detailed information about the actual impact and what
    causes the performance issues. Additionally, they seem to refer to document libraries more than lists. I'd like some feedback about what might occur if we were to use item level security in our situation.
    Our situation is this: list of current ~700 items in a sharepoint list. Expected to grow around 700 items per year. The list has about 75 fields on it. We have 8 active-directory groups that have access to the list, based upon company department. Each
    item in the list can apply to one or more departments. The groups represent around 100-150 different unique users.
    We would like to use item level security to be set via workflow, to enable particular groups to access the item based upon their group membership. For example, if the list item is for the HR department, then the HR group has access. If the item is for IT,
    then the IT group has access (and HR wouldn't).
    That's it. There would be no nesting of items with multiple permission levels, no use of user-level ACLs on the items, etc.
    Thoughts about this configuration and expected performance issues?  Thanks for any feedback!

    Just an update for anyone who finds this thread:
    I converted our data into a test SharePoint list with 1500 rows. I then enabled full item-level security, with restrictions to hide data not created by the person.
    I then set individual permissions for each item that included 2-3 AD groups with different permissions--contribute, full ownership, etc, and 2-3 individuals with varying permissions. The individuals represented around 50 total people.
    After the permissions were set I then did a comparison of loading individual views and the full data set in Standard and Datasheet views, for both myself as an administrator with full list access and with several of the individuals who only had access to
    their designated items--typically 75-100 of the total list.
    The results were that I found no discernable difference in system performance from the user interface level while loading list views after the item level security was configured in this way. I understand this will vary based up
    hardware configuration and exact permission configuration, but in our situation the impact of item level security on a list of 1500 items had very little, if any, negative performance impact. Note that I didn't check performance at the database server level,
    but I'm assuming the impact there was minimal since the front-end user experience was unaffected.
    I expect we'll put this solution into place and if we do I'll update this post when we have additional real-world usage information.

  • How programmatically "enable" the Page to have Item level security

    Some body known how do we programmatically "enable" the Page to have
    Item level security. - analogous to checking the box in the Page edit mode for "Enable item level security"

    Hi, I only know portal.wwsbr_api.enable_ils_for_item.....
    You can perform actions on multiple objects simultaneously.
    Navigator > Page Groups(TAB) > PageGroup > Page > actions(link)
    Click on actions link and in LOV, select "Enable ILS".
    Hope this help.

  • Item Level Security not working with Tabs

    I've Portal 9.0.2.2.22
    This issue is with Item Level Security with Tabs. Here is what I've have:
    Page Group: MyPagegroup (Privs: portal => Manage All)
    Page: MyTestPage (Privs: portal => Manage All,
    testUser => View)
    There is a tab called MyTab on page MyTestPage which has two items (simple images) image1 and image2. The tab's access privs have been set NOT to inherit from the page. The public check box has not been checked for the tab. I've specifically assigned access privs to the tab.
    Now here are the two scenarios that I'm having problem with:
    1) MyTab (portal => Manage All, testUser => view)
    image1 (ILS enabled: portal => Manage All)
    image2 (ILS enabled: portal => Manage All,
    testUser => View)
    When logged in as "testUser", I still see both the images on MyTab although image2 doesn't have view priv to testUser. My expected result is to see just image2 on the tab.
    2) MyTab (portal => Manage All)
    image1 (ILS enabled: portal => Manage All,
    testUser => View)
    image2 (ILS enabled: portal => Manage All)
    When logged in as "testUser", I still see NO images on MyTab although image1 has view privs to testUser. I would expect to see image1 on the tab.
    Question: In both the above cases, the tab privs seem to be dictating what the user sees regardless of what the item level privs are set to. Is this normal behavior or a bug? If a bug, is there a patch? Is there any way so that even after setting the tab privs, I still have finer control of what the user can access through item level privs?
    If I don't put the items under a tab, then things work as expected.
    thanks
    Lalit Agarwal
    Vienna, VA
    703-521-5200 x3610

    This is a known problem with the 9.0.2 release - fixed in 9.0.2.6.
    Regards,
    Jerry
    PortalPM

  • Item level security not working when placed in a portlet page

    I have three page links linking to separate pages and have two of them with item level security turned on for specific groups with view privilges. I have the access for those groups with view privilges in the page level as well. I have published that as portlet and placed the portlet in another page which has view priviliges for the groups specified in item level as well.
    But I notice that when i place the portlet in a page, the item level security is not working.
    Item Level Security Not Working for Items Placed on a page and published as portlet and placed in another page. Is there some work around for this.
    Thanks
    Valli

    Would you please clarify for me? Is the problem that unauthorized people can see the portlet, or that unauthorized people can see the links?

  • Item level security...

    We have an out of the box solution where users can log there meeting minutes in a custom list. The security of the site consists of about a 100 SharePoint groups which are being used throughout the site collection with different permissions.
    For the purpose of this solution we have each group belonging to one of four logical roles (Directors, Power Users, Employees (Internal) and Employees (External). There are about 50 groups that fit the role of Employees. We want to make sure that users can
    access only the items if they belong to this logical role. That means that an item created by employee has to be accessible by 50 groups.
    What would be the best practice to apply security in this situation since for item level security it would require that inheritance be broken at item level and 50 groups added to the permissions of that item.
    Regards

    We are often discouraged from using folders, but security is one place they are quite useful. Create one folder for each of your top level groups (Directors, etc), break inheritance on the folder and assign your 50 groups. Upload a file to the folder and
    all of the security you need has been applied. You general users don't need to know about the folders. Create view that "Show all items without folders". Keep one view with folders displayed for uploading files.
    Mike Smith TechTrainingNotes.blogspot.com
    Books:
    SharePoint 2007 2010 Customization for the Site Owner,
    SharePoint 2010 Security for the Site Owner

  • ACL - ILS (Item Level Security) for Content Server & WebCenter Spaces

    We're trying to implement Item Level Security (ILS / ACL) for Webcenter spaces. We're following the instructions from the Oracle® Fusion Middleware Administrator's Guide for Oracle WebCenter 11g Release 1 (11.1.1.5.0) http://docs.oracle.com/cd/E15586_01/webcenter.1111/e12405.pdf
    After making the configuration changes, we're unable to see the "Security" option from the "File" menu in the Document explorer. Has anyone else implemented this feature and ran into similar issues?
    I made the following configuration changes:
    UseEntitySecurity=1
    SpecialAuthGroups=SecurityGroups (comma separated list with no spaces and the application name is included)
    CS: Version:11gR1-11.1.1.5.0
    DB: 11.2.0.2.0 ---Oracle Database 11g Enterprise Edition
    WebCenter: 11.1.1.4.0 (in a clustered environment)
    Also, we're looking at the document properties in webcenter spaces via document explorer and do not see the "security group" or "accounts" metadata fields. We can see the "Content ID" and a whole bunch of fields and do not see "security groups" and "accounts". However, when we log into the content server and look at the folder or file "info" we can clearly see the security group and account values...not sure what is required to make these two fields show up in webcenter spaces.

    Hi ,
    Do you upload the documents from spaces or from UCM side ?
    When you say the security and account field are not displayed , is that when viewing the content or during update ?
    When the ACL features are turned off do you see the above fields ?
    Thanks
    Srinath

  • Item level security, workflow and tab problems

    was wondering if someone could help us out with some problems we are having. We need to up and running over the next two days so anyone who could get back to us pretty quickly would be greatly appreciated.
    We are actually having a couple of issues which all revolve around three
    groups we have created (for simplicity we have only attached one user to each group). Here are the steps we took:
    Problems adding content:
    a) Added the three groups to the page group and gave them view access.
    b) Turned on approvals and set group3 as the approver.
    c) Added the three groups to the page and gave them view access.
    d) In the page properties, I enabled item level security.
    e) Added an item content area to the page.
    f) Added three pieces of simple content
    g) For content item1 I granted granted full access to group1(Own, manage, view), for content item 2 I granted full access to group2, etc.
    h) WHen I log on as a user in group1 I only see content item1. HOwever, when I edit the page I find I cannot add any items as user1.
    i) I went back to the page properties and changed the access of all three groups to "manage items with approval" but let the item level security as it was.
    j) When I logged on as user1 I found I could see all items now when I should only have seen content item1. What the hell? Can anyone tell me what I did wrong?
    Problems with item level security on tabs:
    a) Repeat steps a) through d) above.
    b) Create a content region and add three tabs: Home, Work, Life.
    c) On the Work tab changed portlet region to item region.
    d) Added three items with security exactly as I did above.
    e) When I signed on as user1 I saw all three items when I only should have seen item1. What the hell?
    f) I monkeyed around with the secutiry at the tab level but it didn't seem to make much difference. ANyone have any ideas what is going on here?
    Thanks in advance.

    Does the library have versions enabled? Also are these logins occuring within word/excel etc?
    If there's multiple login prompts which occur even if entering valid credentials what does hitting escape (after the first prompt) achieve, does the document open anyway?
    There's a situation where Office will prompt for credentials if you open a document when you've only got read access but there's a version history (to which you don't have access). This is to allow you to enter more highly privelidged credentials if you
    want to.

  • Setting up item level security access

    Hello,
    I am new to Oracle Instant Portal and I'm trying to figure out how to set up item level security on a particular tab page. Can anyone give step by step instructions on how to make it work?
    So, say that I have a tab page called HR. On that HR page, I have 3 items. For item1 and item2, I want user1 to have view access to these only, and for user2 they could have view access to item3 only.
    I checked the option in the HR page's Page Access settings to Enable Item Level Security, saved the changes, and even cleared the cache, but it doesn't seem to give me any new functionality where I could specify that for item1 and item2, only user1 should have access to it, and for item3, only user2 should access it.
    Can someone please help?
    Thanks!

    Please disregard--I figured out how to do this:
    1. When you are editing the page, you must click on the "Edit Item" icon next to the item.
    2. Then click on the Access tab in the upper right.
    3. Select Define Item Level Access Privileges and click Apply.
    4. In the Grant Access section that now appears just below, select the user id you want to grant access to the item and then click Add.

  • Edit Folder link always is visible if Item Level Security is enabled

    Hi,
    When Item Level Security is enabled in a folder, it show the 'Edit Folder' link, instead if the user is not authenticated.
    Does anybody know how to remove this link???
    Thanks.

    We to have experienced this behavior. Is this a bug?
    The Edit Link generated does not allow the user to "edit" any items, but shows the Administration link. This is not a good thing. This makes using Item Level Security very difficult, from the standpoint of User Interface and confusion.
    We are looking into creating a portlet to dynamically generate an "Edit Folder" link to replace the current one. However, we have doubts this will work.
    Dean
    - Solaris
    - Portal 3.0.9.8.2
    - 8.1.7.3
    (Awaiting Release 2!)

  • Access Tab not showing for item level security

    I have enabled item level security for the portal page I am working on, but the access tab for the items is not showing.
    I have come accross exactly the same problem on this forum and the advice was:
    Hi try the following :
    go to page properties
    set the item level security
    clear the cache
    clear your browser cache
    it should work "
    I have tried all that, closed and opened a browser but the access tab is still not showing. This is a 10.1.4 portal on LINUX. Starnge enough I have a testing environment installed on my Windows XP (AS 10.2.0.2 not upgarded to 10.1.4) and I don't have any issues with item security access tab at all.
    I would appreciate any clues.
    Regards,
    Anna

    There should be two icons shown for each item when you put the page in Edit mode - Edit and Actions. Click on the Actions icon and "Access" should be one of the links in the list of actions (like hide, expire, delete, move, etc.)

  • WWSBR_ALL_ITEMS and item level security - BUG?

    Hi,
    View WWSBR_ALL_ITEMS does not seems to work correctly when using item level security on a folder.
    If I add an item to a folder with item level security enabled and do NOT define any special access settings for this item, ie the item setting is "Inherit Parent Folder Access Privileges", then the view does not return the item.
    Has anyone else run into this? Is it a bug?
    Any help appreciated.
    Portal 3.0.9.8.0
    Oracle8i Enterprise Edition 8.1.7.0 - 64 bit
    IBM AIX 4.3.3

    I've been informed that patch 3.0.9.8.2 will solve the problem. Sorry about the double post.

  • Search itens with item level security enabled

    Hi,
    I have a page that "item level security" enabled.
    I am doing a select to get itens...
    How can I get only itens that current user have view permission?
    select wv.title,
    wvt.numbervalue,
    wv.description,
    '/pls/portal/url/ITEM/'||wv.guid link
    from portal.wwv_things wv,
    portal.wwv_thingattributes wvt
    where wv.siteid = 271
    and wv.itemtype = 'basefile'
    and wv.subtype = 498194
    and wv.active = 1
    and wv.language = 'us'
    and wv.id = wvt.masterthingid
    and wv.siteid = wvt.siteid
    and wvt.attributeid = 1354
    and wvt.attribute_siteid = 0
    and wvt.valuetype = 'number'
    order by wv.title;

    I found the view. Thanks
    portal.WWSBR_ALL_ITEMS

  • How to use Item Level security

    I am working on portal 9.0.2.6.18.
    I have a folder with 1000 items. I want to grant groupA
    access to 997 items and
    (Group B,GroupA) access to 3 items.
    How do i do this.
    Here is what i tried:
    1.enabled item level security on folder
    2.granted folder level access to groupA and groupB
    3.Changed access of 997 items to grant access to GroupA
    4.Did nothing to the 3 items which i wanted to give access to GroupA,GroupB
    Is there a better way of achieving this?
    I am not really comfortable granting folder level access to groupB, because if i miss overwriting privileges of an item (in step 3), then groupB will have access to that item. I would love to change just 3 items because they are the exception.
    How is this feature supposed to be used?
    Thanks
    Harish

    Martin,
    Thanks for the reply. I just cited 1000 items folder as an example. We have various complex combination of security requirements for folders and items. So creating sub-folders for each combination will not work for me.
    Everytime the security requirements change we have to move the items around, which can confuse users. And sometimes we have to create sub-folders to workaround the item-level security problems even when there is no logical business classification to a set of items.
    Harish

  • ACL - ILS (Item Level Security) for Webcenter Spaces

    We're trying to implement Item Level Security (ILS / ACL) for Webcenter spaces. We're following the instructions from the Oracle® Fusion Middleware Administrator's Guide for Oracle WebCenter 11g Release 1 (11.1.1.5.0) http://docs.oracle.com/cd/E15586_01/webcenter.1111/e12405.pdf
    After making the configuration changes, we're unable to see the "Security" option from the "File" menu in the Document explorer. Has anyone else implemented this feature and ran into similar issues?
    Also, we're looking at the document properties in webcenter spaces via document explorer and do not see the "security group" or "accounts" metadata fields. We can see the "Content ID" and a whole bunch of fields and do not see "security groups" and "accounts". However, when we log into the content server and look at the folder or file "info" we can clearly see the security group and account values...not sure what is required to make these two fields show up in webcenter spaces.

    Hi ,
    Do you upload the documents from spaces or from UCM side ?
    When you say the security and account field are not displayed , is that when viewing the content or during update ?
    When the ACL features are turned off do you see the above fields ?
    Thanks
    Srinath

Maybe you are looking for

  • I'm not getting incoming mail

    my mail application is no longer sending mail into my inbox.  I can send an email out.  What can I do to fix this?  I am an aol user and have a macbook pro

  • How to remove "Items" in the Search Header Component

    Hi guys I'm hoping some of you can help me out with this problem. In my collection renderer, I have entered "SearchHeaderComponent,this", which has given me the Searchheadercomponent, that I was interested in. Unfortunately I'm only interested in the

  • XDK 10.1.0.2.0 NT XMLType and org.w3c.dom.Document problem/bug?

    Hi Chaps, I have Oracle 11g1 server side and am using the Oracle XDK 10.1.0.2.0 for Windows client side with Sun Java JDK 6 (1.6.0_06-b02). (I couldnt find an XDK for 11g1???) I have a table in my database that has an XMLType, its a very simple table

  • Benefits of Reorg to reclaim space in Oracle

    Hi All, I have archived and deleted records from few big tables from my database, now how want to reclaim space by doing reorg. Can anyone please guide me how to find out If I can reclaim some space by doing reorg. What are the queries which can help

  • Photoshop CC Phototomerge - "Some images could not be automatically aligned"

    Hi, Whenever I try to use Photomerge from Photoshop CC under Windows 8.1, I always get "Some images could not be automatically aligned". Under Mac OS X, it works ok with exactly the same images. I've also recently upgraded to Photoshop CC 2014, but t