Ignore:
Timestamp:
25/08/10 11:03:04 (10 years ago)
Author:
pjkersha
Message:

Incomplete - task 2: XACML-Security Integration

  • working caching with ndg.security.test.integration.full_system integration test. Caching works at the app, caching authz decisions but also at the PIP inside the authorisation service, caching Attribute Authority query results.
  • TODO: make PEP use two stage PDP, first lightweight PDP filters out CSS and graphics requests to avoid overhead of network call to the authorisation service, second stage is callout to authorisation service as already in place.
File:
1 edited

Legend:

Unmodified
Added
Removed
  • TI12-security/trunk/NDGSecurity/python/ndg_security_test/ndg/security/test/integration/full_system/securityservices.ini

    r7350 r7361  
    444444# on behalf of the PDP onwards to the PIP 
    445445 
     446# The PIP can cache assertions retrieved from Attribute Authority calls to 
     447# optimise performance.  Set this flag to True/False to enable/disable caching 
     448# respectively.  If this setting is omitted it defaults to True 
     449authz.ctx_handler.pip.cacheSessions = True 
     450 
     451# Set the directory for cached information to be stored.  This options is  
     452# ignored if 'cacheSessions' is set to False.  If this setting is omitted, then 
     453# sessions will be cached in memory only.  If the service is stopped all cached 
     454# information would be lost 
     455authz.ctx_handler.pip.sessionCacheDataDir = %(here)s/pip-session-cache 
     456 
    446457#  
    447458# Attribute ID -> Attribute Authority mapping file.  The PIP, on receipt of a  
Note: See TracChangeset for help on using the changeset viewer.