chris_dudley
Member
- Joined
- Mar 31, 2008
- Messages
- 7
- Programming Experience
- 5-10
Hi All,
I have gone down the n-layer architecture route for a web app, and it's working well with a Data Access Layer, Object Domain / Business Logic Layer, and Web UI. I've come to plumb in the user authentication and auditing and I see it as having two different ways to achieve the same thing. I'd like to know what the preferred or best-practice method is.
Let's say I'm saving a record in my system. The UI will have an instance of a business object and will call the Save() method to persist it. But the DAL needs to know the Id of the logged-in user in order to audit the change. I have two ideas:
1. The UI works out the Id of the logged-in user and passes the Id to the Save() method, and in fact all persistence methods of BLL objects.
or
2. The BLL gets the Id of the logged in User by looking for an HTTPContext, and if it exists, fetch the logged in User's Id from there (otherwise use a zero or null value).
The problem with #1 is that I have to add userId parameters to lots of methods. The problem with #2 is that although it works for a Web App (which is what this is), if I ever wanted to use a Winforms app and plug it into the same BLL, it would cease to audit changes (all changes would be attributed to user 0.)
From a purist standpoint, it seems to be that #1 is the way to go.
I hope this is clear! Any advice or suggestions would be appreciated!
Thanks
Chris
I have gone down the n-layer architecture route for a web app, and it's working well with a Data Access Layer, Object Domain / Business Logic Layer, and Web UI. I've come to plumb in the user authentication and auditing and I see it as having two different ways to achieve the same thing. I'd like to know what the preferred or best-practice method is.
Let's say I'm saving a record in my system. The UI will have an instance of a business object and will call the Save() method to persist it. But the DAL needs to know the Id of the logged-in user in order to audit the change. I have two ideas:
1. The UI works out the Id of the logged-in user and passes the Id to the Save() method, and in fact all persistence methods of BLL objects.
or
2. The BLL gets the Id of the logged in User by looking for an HTTPContext, and if it exists, fetch the logged in User's Id from there (otherwise use a zero or null value).
The problem with #1 is that I have to add userId parameters to lots of methods. The problem with #2 is that although it works for a Web App (which is what this is), if I ever wanted to use a Winforms app and plug it into the same BLL, it would cease to audit changes (all changes would be attributed to user 0.)
From a purist standpoint, it seems to be that #1 is the way to go.
I hope this is clear! Any advice or suggestions would be appreciated!
Thanks
Chris
