AZMan & MSE

Topics: Technical Questions
Apr 19, 2010 at 2:58 PM

Good morning all,

We are working on implementing MSE with AZMan and looks like if a change is made in the AZMan group associated with MSE policy, I have to restart the MSE runtime service for it the change to take effect. This might be toroublesome in production as users are added or removed from groups. Is there a configuration in MSE that I am missing or is this by design?

Thanks,

SDFusion Team!

Apr 21, 2010 at 11:20 AM

Hi,

If you put your policy such a way that it needs to check Azman to authorize the user for each call, then you dont need to restart the MSE runtime to make the changes effect.

so for each call, MSE policy will check the azman & get the updates.

Vivek

 

Apr 21, 2010 at 1:43 PM

Thank you very much Vivek,

If I may impose one more question, we are using AzMan store and with that how do I go about configuring the policy to do check AzMan each time? We are very inexperienced with MSE.

Thanks

Ashish

Apr 22, 2010 at 8:53 AM

Hi Ashish,

1. Create a service authorization behaviour to access azman and check to authorize.
2. In MSE, using Tools->Load policy components, create a policy for this behaviour. [there are already available discussions in this MSE discussions]
3. Associate the created policy to Runtime server ex. LocalRS.

So, when a call comes inside MSE, this service behaviour is invoked inturn accesses azman to authorize the user for a particular operation.

Hope this helps you :)

Cheers,

Vivek