Policy Retrieval Point
The PDP uses a PolicyRetrievalPoint (PRP) implementation to retrieve XACML Policies for evaluation against a request. The TESB PDP ships with a default PRP implementation which retrieves role and permission policies from the XACML Policy Registry. The PRP implementation caches XACML policies and roles in two distinct caches to avoid costly calls to the XACML Policy Registry. The default caching mechanism is based on Ehcache.
When the PDP is started for the first time, it will retrieve all role policies from the XACML Policy Registry. Permission policies are retrieved when needed from the XACML Policy Registry, but it can be configured to retrieve and cache all permission policies on startup.
Did this page help you?
If you find any issues with this page or its content – a typo, a missing step, or a technical error – let us know how we can improve!