In a domain-driven design architecture, in which layer is security (access control) implemented? How would it be structured within the layer? Would it be in the cross-cutting concerns?
Authentication will almost always go in your application layer. DDD is about modeling invariants that your business experts speak about and are likely to change. Something like authentication is usually not on a business expert's radar, and is taken as a given. In addition, the logic for authentication is very unlikely to change.
Authorization is a bit more tricky. Sometimes you do need to bring that into your domain layer, since your business experts will speak of authorization, such as "an order cannot be released until a manager and a regional manager both sign off on it". To me that is domain logic, as it is an invariant and a business policy that could change in the future.
I say a good test is this: if you came up with the need for something as a programmer, then it goes in the application layer. And if your business expert speaks of rules and policies concerning it, then it's the domain layer.
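The split described in this answer, as an added sketch that is not part of the original post: authentication sits in an application service, while the quoted sign-off rule is an invariant enforced by the domain object itself. All names here (`Order`, `User`, `SESSIONS`, `sign_off_order`, `release_order`) are hypothetical, and the in-memory session store is constructed sample data standing in for a real authentication mechanism.

```python
from dataclasses import dataclass, field
from enum import Enum

class Role(Enum):
    CLERK = "clerk"
    MANAGER = "manager"
    REGIONAL_MANAGER = "regional_manager"

@dataclass(frozen=True)
class User:
    user_id: str
    role: Role

class ReleaseDenied(Exception):
    """Domain error: the sign-off policy is not satisfied."""

# --- Domain layer: the business rule lives on the aggregate ---
@dataclass
class Order:
    order_id: str
    released: bool = False
    signoffs: dict = field(default_factory=dict)  # Role -> user_id
    REQUIRED = (Role.MANAGER, Role.REGIONAL_MANAGER)  # policy from the quoted rule

    def sign_off(self, user: User) -> None:
        if user.role not in self.REQUIRED:
            raise ReleaseDenied(f"{user.role.value} cannot sign off on an order")
        self.signoffs[user.role] = user.user_id

    def release(self) -> None:
        missing = [r.value for r in self.REQUIRED if r not in self.signoffs]
        if missing:
            raise ReleaseDenied("missing sign-off from: " + ", ".join(missing))
        self.released = True

# --- Application layer: authenticate, then delegate to the domain ---
SESSIONS = {  # constructed sample session store (assumption, not a real API)
    "tok-alice": User("alice", Role.MANAGER),
    "tok-bob": User("bob", Role.REGIONAL_MANAGER),
    "tok-carol": User("carol", Role.CLERK),
}

def authenticate(token: str) -> User:
    user = SESSIONS.get(token)
    if user is None:
        raise PermissionError("unknown or expired session")
    return user

def sign_off_order(token: str, order: Order) -> None:
    order.sign_off(authenticate(token))

def release_order(token: str, order: Order) -> None:
    authenticate(token)  # caller must be a known user; the policy is the Order's
    order.release()
```

Because the rule is checked inside `Order.release()`, any code path that reaches the aggregate (another service, a batch job, a test) is subject to it, not only requests that pass through this application service.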