Difference between revisions of "Policy Framework in STP"

From Eclipsepedia

Jump to: navigation, search
(User Roles)
Line 1: Line 1:
This wiki is used as a starting point to kick off the discuss of Policy support in STP
 
 
 
== Introduction ==
 
== Introduction ==
This doc is aiming to define a framework to enforce SOA policy during component development and deployment.
+
This doc is aiming to define a framework to enforce SOA policy during developing and deploying service component.
 
It includes  
 
It includes  
 
  *Policy Model
 
  *Policy Model
 
  *Policy Registry
 
  *Policy Registry
 +
*Policy Creation
 
  *Policy Validation
 
  *Policy Validation
 
  *Policy Processor  
 
  *Policy Processor  
  *Policy Creation
+
   
  
 
== Use Cases ==
 
== Use Cases ==
Line 65: Line 64:
 
  WTP based Policy Editor: Used to create policy following ws-policyattachment?
 
  WTP based Policy Editor: Used to create policy following ws-policyattachment?
  
=== Policy Associate/Policy View ===
+
=== Policy Association / Policy View ===
 
Policy View will list all of the policies associated with a service component.
 
Policy View will list all of the policies associated with a service component.
 
Allow user to add/remove policy.
 
Allow user to add/remove policy.
 
The add action will bring up the policy editor.
 
The add action will bring up the policy editor.
 +
 
Here is the screenshot:
 
Here is the screenshot:
  
Line 74: Line 74:
  
 
When user add/move policy from service component, the policy validator will be called.
 
When user add/move policy from service component, the policy validator will be called.
 +
 +
=== Policy association during deployment ===
 +
Maybe the deployment profile editor needs to be extended to support applying policies at deployment stage.
 +
  
 
== Policy Validation ==
 
== Policy Validation ==
The policy validation framework is used to define a validation mechanism when applying ws-policy.
+
The policy validation framework is used to define a validation mechanism when applying policies to a service component.
Policy is created by policy editor. We will write provide a policy validation rule editor for  
+
Similar to policy editor. We will provide a policy validation rule editor for user to dynamic add/remove validation rules as well.
user to dynamic add/remove validation rules as well.
+
  
 
The validation rules will cover following category:
 
The validation rules will cover following category:
Line 93: Line 96:
 
   </rule>
 
   </rule>
 
  </validation>
 
  </validation>
 +
 
=== Policy Conflict ===
 
=== Policy Conflict ===
 
Define conflict relationship between policies
 
Define conflict relationship between policies
Line 107: Line 111:
  
 
=== Policy Subject Constraints ===
 
=== Policy Subject Constraints ===
Define the subject set with the policy may apply
+
Define the subject set which the policy may apply
 
Example:"
 
Example:"
 
  <validation>
 
  <validation>
Line 127: Line 131:
  
 
=== Policy Validation Engine Implementation ===
 
=== Policy Validation Engine Implementation ===
Need to write a engine to support the about validation rules. When user add a policy, we will call the engine  
+
Need to write a engine to support the about validation rules. When user add/remove a policy, we will call the engine  
 
to do the validating, the give meaningful error message if any.
 
to do the validating, the give meaningful error message if any.
  
Line 136: Line 140:
  
 
==== rule based xml validator in stp ====
 
==== rule based xml validator in stp ====
Alternative, we may think about extend the current rule based xml validator for policy validation engine here.
+
Alternative, we may think about extend the current rule based xml validator to support policy validation here.
?
+
 
 +
 
 +
 
  
== Policy Association ==
 
== Screenshots==
 
 
== User Roles ==
 
== User Roles ==
 
   *Policy Developer -- write policies and policy validation rules. write policy processor.
 
   *Policy Developer -- write policies and policy validation rules. write policy processor.

Revision as of 02:30, 30 September 2007

Contents

Introduction

This doc is aiming to define a framework to enforce SOA policy during developing and deploying service component. It includes

*Policy Model
*Policy Registry
*Policy Creation
*Policy Validation
*Policy Processor 

Use Cases

Design Map

STP Policy Design.png

Policy Data model

The policy model used here is different than policy defined in ws_policy or sca policy framework. It will more focus on the policy metaphor used during service creation and deployment.

Name, the name of the policy

Description, policy description

Category, such as transport, binding, security...etc

Version, policy version. We should support versioning in the policy framework

Metadata, the represented underline policy. It maybe a policy file or policy id in the registry. For policy file, it maybe a WS-Policy file or user proprietary xml file.

(Add Policy Model to STP Intermedia Metadmodel?)


Policy Registry

The Policy Registry will used to hold all policies to share cross projects. It will provide following functions:

*addPolicy
*removePolicy
*updatePolicy
*listCategories
*listPolicies
*getPolicy

Since the resource nature of the registry, we will implement it as a REST full service. I am looking for a generic tool to expose database table to REST service. If can't find one, we may develop such as tool in stp.


Policy Database

In the first version, it will be implemented as XML file for simplicity. Later on, we will move to use embedded database (like Apache Derby) for better performance.


Policy Set Extension Point

Extension point to allow user to add pre-defined policy set to the registry. We will load those pre-defined polic sets during startup, and add them to the policy database.


Policy Creation

Which means create policy with policy editor and associate policies to service component

Policy Editor

Two policy Editors in STP:

XEF Policy Editor: It is a generic schema based policy editor.
WTP based Policy Editor: Used to create policy following ws-policyattachment?

Policy Association / Policy View

Policy View will list all of the policies associated with a service component. Allow user to add/remove policy. The add action will bring up the policy editor.

Here is the screenshot:

Policy view.PNG

When user add/move policy from service component, the policy validator will be called.

Policy association during deployment

Maybe the deployment profile editor needs to be extended to support applying policies at deployment stage.


Policy Validation

The policy validation framework is used to define a validation mechanism when applying policies to a service component. Similar to policy editor. We will provide a policy validation rule editor for user to dynamic add/remove validation rules as well.

The validation rules will cover following category:

Policy Dependency

Define dependencies relationship between policies. Example:

<validation>
  <rule>
    <dependency policy_id = "policy A">
      <on policy_id="policy B", version="2.0"/>
      <on policy_id="policy C"/>
    </dependency>
  </rule>
</validation>

Policy Conflict

Define conflict relationship between policies Example:

<validation>
  <rule>
    <conflict policy_id = "policy A">
           <with policy_id="policy D", version="2.0" />
           <with policy_id="policy E" />
    </conflict>
  </rule>
</validation>


Policy Subject Constraints

Define the subject set which the policy may apply Example:"

<validation>
  <rule>
    <subjects policy_id = "policy A">
           <subject>endpoint</subject>
           <subject>message</subject>
    </subjects>
  </rule>
  <rule>
    <subjects policy_id = "policy B">
           <subject>message</subject>
    </subjects>
  </rule>
</validation>


Policy Validation Engine Implementation

Need to write a engine to support the about validation rules. When user add/remove a policy, we will call the engine to do the validating, the give meaningful error message if any.

eclipse.emf.validation

Need to looking into the emf.validation to see if we can use use it here. User defines the validation rules from GUI. How to translate those rules to emf validator class on the fly is a problem in that case.

rule based xml validator in stp

Alternative, we may think about extend the current rule based xml validator to support policy validation here.



User Roles

 *Policy Developer -- write policies and policy validation rules. write policy processor.
 *Service Developer -- write policy, config and apply existing policy to service component.
 *Deployment Assembler -- apply policies to services during deployment
 *Operator -- dynamic config/modify policies at runtime.

Runtime support

Example

Questions

Relations with SCA Policy Framework?

The SCA policy association framework allows policies and policy subjects specified using WS-Policy and WS-PolicyAttachment, as well as with other policy languages, to be associated with SCA components.

Reference