The PDP can be deployed and started in the ESB container via 'tesb:start-authz-pdp'. The PDP can be configured by container/etc/org.talend.esb.authorization.pdp.cfg:
- registryAtomUrl: The URL of the XACML Policy Registry to retrieve policies from. The default is 'https://localhost:9001/services/XacmlRegistryAtom'.
- policyCachingStrategy: The PolicyCachingStrategy of the PDP (see previous section). The default is "InMemory".
- cacheConfiguration: The cache configuration file (see previous section). The default is "pdp-ehcache.xml".
- loadPermissionPoliciesOnInit: Whether to load permission policies on startup or not. The default is "false", meaning that they are retrieved (and subsequently cached) when required.
- policyReloadInterval: How often to reload policies (in minutes). The default is "10". If set to "0", policies are initially retrieved, and are not reloaded.
- usePIP: Whether to use a PIP or not to retrieve attributes that are missing in the request. The default is "false".