Versions Compared

Old Version 3

changes.mady.by.user Ram Krishna Verma

Saved on

compared with

New Version 4

changes.mady.by.user Ram Krishna Verma

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Component NameFeasibility AnalysisCommentsOwner
PAP  

Ram Krishna Verma

Drools-PDP

Jorge Hernandez

Apex-PDP

Ajith Sreekumar

Xacml-PDP

Pamela Dragosh

...

SolutionRankComments
ACTIVE/PASSIVE state change at PdpGroup LevelLOWThis solution makes all the policies running in PDP engine to stop/start execution.
But the intent is to stop/start individual policies. 
Deploy/Undeploy policy in PDP EngineMEDIUM

This solution might work but includes overhead of deploying/undeploying policies from PAP to PDP engine.

Delta update might help improve the list sent by PAP.

Also, needs to know what happens if an event is under process and PDP receives message to undeploy policy. 

Proposed plan/changes

Utilize the deploy/undeploy API to achieve the ability for enabling/disabling policy in PDP engine. And make the following changes:

  • Delta policy update between PAP & PDP

              Currently the whole list of policies are transferred always between PAP & PDP for any deploy/undeploy operation. This should be changed to only send the policy for which deploy/undeploy operation has to be performed by the PDP.

              This will help in not affecting other policies while trying to enable/disable a policy in PDP. Also, improves the overhead of sending the whole list again and again and PDP scanning through the list.

  • Graceful undeploy of policy in PDP

               When a PDP engine receives undeploy request from PAP, it should ideally try to finish the processing of any ongoing event and then gracefully undeploy the policy.