XML APIs? Yes. XML in the DB? No!

Dave Kearns writes about the XML infrastructure in Microsoft’s new IAM product:

http://www.networkworld.com/newsletters/dir/2009/092109id2.html?source=NWWNLE_nlt_security_identity_2009-09-23

I don’t think XML is *necessarily* a good thing!

Yes, its’ a great way to package APIs for communication between two systems. That’s what XML was always designed for and it does a great job.

But some vendors – in the IAM space and elsewhere, and I think this includes Microsoft’s Forefront Identity product, store XML “blobs” in the database to represent complex data structures, such as users along with their identity attributes, roles, accounts and group memberships.

Storing XML objects in the database is actually *terrible*. It can kill performance — try running a search through a table where a given attribute of an XML blob in some column has a given value!

It also pretty much eliminates the possibility of using third-party tools to run reports against the data. You want to use Crystal Reports, for example, to see what users are in some group and have some role? Too bad for you! That data is encoded in XML blobs that the reporting program can’t parse.

So yeah, having a web services, XML-based API is great. But storing XML in the database is nothing more than the product of lazy programmers who can’t be bothered to update the database schema to reflect the evolving needs of their app.

Tags:

Comments are closed.