Community

MarkLogic 10 and Data Hub 5.0

Latest MarkLogic releases provide a smarter, simpler, and more secure way to integrate data.

Read Blog →

Company

Stay On Top Of Everything MarkLogic

Be the first to know! News, product information, and events delivered straight to your inbox.

Sign Me Up →

 
Knowledgebase:
Query Performance difference between Admin vs Non-Admin User
20 October 2020 12:55 PM

Summary

The Admin user bypasses all Security settings (roles/privileges) in the Security database and bypasses the document permissions in user databases. Any benchmark load test should be performed using a "real world" user account (i.e. not with the Admin user). 

Treat Admin as a super user.

MarkLogic treats the Admin user as a super user. When an Admin user executes a query, the query is not evaluated against any Security database settings and it bypasses all document permission checks (i.e. read, write, update) and Query privileges.

When comparing performance of a query run by Admin user versus a non-Admin user, all other non-Admin user queries may show longer execution run times, depending upon how many roles the user inherits, the size of the security database, and on the nature of the query. You may not notice difference for an isolated single query executions, but when run under a large load, difference may be noticeable.

Question: What is expected performance difference between Admin and non-Admin user.

Each non Admin-user is different and will likely inherit different number of roles and have different permissions on documents. Hence security evaluation overhead for different user is different and should be tested for their specific environment and bench marked.

Recommendation:

Non-Admin Application user and roles should be part of any query development process, which will give good measure of the performance impact of the Security schema from initial phase.

Further Reading

(0 vote(s))
Helpful
Not helpful

Comments (0)