Hello SB> The work-around currently is to set an environment variable SB> PEP_NOCACHE=true; which disables caching entirely, which is probably a SB> good idea whilst you are modifying policies (you can remove it once SB> you have a stable set).
Setting PEP_NOCACHE didn't seem to have any effect. I found that Fedora was storing FESLPOLICY datastreams in pdp/policy-db/. If I deleted the copy of my external FESLPOLICY, then it wasn't replaced, and Fedora behaved as if the policy didn't exist. I had to purge the datastream and add it again for it to appear and have an effect. SB> See SB> https://wiki.duraspace.org/display/FCR30/FeSL+Authorization#FeSLAuthorization-Policyevaluationresultscaching This page only mentions inline and managed datastreams. I changed my external datastream to managed, but again, I had to replace the content for a change to appear. I can't find a DBXML database file anywhere. I don't know if this is significant, or if FeSL is doing OK without DBXML. I haven't seen anything in the logs complaining about it. I'm using version 3.5 SNAPSHOT. Below is my installer.properties. Now that I know how to get policies refreshed, I could maybe even script the actions, so it isn't a major problem. But I'm puzzled as to why it doesn't behave in the way you described. Swithun. #Install Options #Tue May 03 10:31:57 BST 2011 keystore.file=/home/archive/keystore/server.jks ri.enabled=true messaging.enabled=true apia.auth.required=false database.jdbcDriverClass=org.apache.derby.jdbc.EmbeddedDriver tomcat.ssl.port=8443 ssl.available=true database.jdbcURL=jdbc\:derby\:/opt/fedora35_2/derby/fedora3;create\=true messaging.uri=vm\:(broker\:(tcp\://localhost\:61616)) database.password=fedoraAdmin keystore.type=JKS fesl.dbxml.home=/usr/local/BerkeleyDBXML.2.5.16 database.username=fedoraAdmin fesl.authz.enabled=true tomcat.shutdown.port=8005 deploy.local.services=true xacml.enabled=false tomcat.http.port=8080 fedora.serverHost=itspc-cs2.st-andrews.ac.uk database=included database.driver=included fedora.serverContext=fedora keystore.password=fedoraAdmin llstore.type=akubra-fs tomcat.home=/opt/alfresco/tomcat fesl.authn.enabled=true fedora.home=/opt/fedora35_2 install.type=custom servlet.engine=existingTomcat apim.ssl.required=true fedora.admin.pass=fedoraAdmin apia.ssl.required=false -- The University of St Andrews is a charity registered in Scotland: SC013532 ------------------------------------------------------------------------------ Achieve unprecedented app performance and reliability What every C/C++ and Fortran developer should know. Learn how Intel has extended the reach of its next-generation tools to help boost performance applications - inlcuding clusters. http://p.sf.net/sfu/intel-dev2devmay _______________________________________________ Fedora-commons-users mailing list Fedora-commons-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/fedora-commons-users
