Recently, I had chance to work on Extensible Data Security and noticed few things which can be very helpful, they are posted below.
- XDS can hurt performance sometimes if query is not designed well. In order to design security without hurting the performance, always try to reduce number of joins in your Security Policy Query.
- If your requirement is complex and needs to add some dynamic filters to the query. In that case you can create a temporary table with type TEMPDB and override its xds() method to fill the table dynamically. This method can be considered for performance improvements as it would reduce query joins. For this, please see xds method on the table MyLegalEntitiesForXDS
- If you have to disable XDS, consider following 2 methods
- Create a view and fetch data from that view. View is a different object for XDS framework, thus the security applied on the table will not be considered for view and you will see the data.
- Second method to disable the security is mentioned here in my other post.