You can choose to set up row-level security in the repository, or in the database.
Implementing row-level security in the repository provides many benefits, including the following:
All users share the same database connection pool for better performance
All users share cache for better performance
You can define and maintain security rules that apply across many federated data sources
Implementing row-level security in the database, in contrast, is good for situations where multiple applications share the same database. When you design and implement row-level security in the database, you should also define and apply object permissions in the repository.
Although it is possible to set up row-level security in both the repository and in the database, you typically do not enforce row-level security in both places unless you have a particular need to do so.
This section contains the following topics: