Hi Avdhut, The PyPDP currently works as a proxy between REST clients, and the XACML PDP. It proxies the 2 message formats. I’m told though that the PyPDP is going away and its functionality integrated into the XACML PDP. Hope this helps.
Best regards, Jorge From: KHOLKAR, AVDHUT Sent: Thursday, April 27, 2017 1:51 AM To: HERNANDEZ-HERRERO, JORGE <jh1...@att.com>; onap-discuss@lists.onap.org Subject: RE: [onap-discuss] [Policy] PyPDPServer(PEP) get notification from XACML PDP Hi Jorge, Can you please explain the functional difference between XACML PDP and PyPDP. The architecture description, https://wiki.onap.org/display/DW/Policy<https://urldefense.proofpoint.com/v2/url?u=https-3A__wiki.onap.org_display_DW_Policy&d=DwMGaQ&c=LFYZ-o9_HUMeMTSQicvjIg&r=AOclne09odx6cmeimzFUhQ&m=DaypU7sOzEHstwlqXfCy7wi_h1B-jXTcwBaPyPRjYj0&s=Z5DEuVjyxl2EJgq-AD4VSvxgxkvXFAMBJHbMPQFEMjI&e=>, does not explain PyPDP. From what I gather, both are XACML PDP engines but not sure of the difference. Both these components are also deployed in separate containers. The below email mentions PyPDP supporting a PEP function – is this related to the API’s exposed to retrieve Policy configuration rather than evaluating a XACML request and returning decision. Regards, Avdhut Kholkar From: onap-discuss-boun...@lists.onap.org<mailto:onap-discuss-boun...@lists.onap.org> [mailto:onap-discuss-boun...@lists.onap.org] On Behalf Of HERNANDEZ-HERRERO, JORGE Sent: Thursday, April 27, 2017 12:16 AM To: onap-discuss@lists.onap.org<mailto:onap-discuss@lists.onap.org> Subject: Re: [onap-discuss] [Policy] PyPDPServer(PEP) get notification from XACML PDP Here is some info I got from my colleague Tarun Tej, hopefully answers your questions. –Jorge There are two ways that a PyPDPServer (PEP) can receive a notification from PDP. 1) Through Websockets. We use websocket as internal mode of communication between PDP and PEP. (default) 2) It can also use UEB. callPDP method in turn makes a REST call to PDP component and returns back a response from PDP (XACML). The XACML response from PDP is converted back to Config /action or decision responses depending on the call made. The non-deprecated version of getDecision is getDecision(DecisionRequestParameters decisionRequestParameters). There are currently three calls that are supported by PEP (Policy XACML) 1) getConfig – This is a configuration based policy. When made a request the response should give back a configuration if a permit. 2) getDecision – This is a generic decision based policy. The response contains either a permit or deny. 3) sendEvent – This is an action based decision policy. Where upon occurrence of few events (signatures) the POLICY can either perform an action or suggest an action to be taken by the PEP. Hope this answers all the questions here. Regards, Tarun Tej. From: onap-discuss-boun...@lists.onap.org<mailto:onap-discuss-boun...@lists.onap.org> [mailto:onap-discuss-boun...@lists.onap.org] On Behalf Of Jingjing Zhang Sent: Tuesday, April 25, 2017 10:30 AM To: onap-discuss@lists.onap.org<mailto:onap-discuss@lists.onap.org> Subject: [onap-discuss] [Policy] PyPDPServer(PEP) get notification from XACML PDP I am wondering how does PyPDPServer(PEP) in XACML get notification from XACML PDP. PEP(PyPDPServer) queries XACML PDP using callPDP function in StdPolicyEngine.java. But how does PDP notify its decision to PEP? getDecision() in PolicyEngine.java is deprecated. sendEvent() function is not called by anyone. I didn't see how PEP get response from PDP. It's supposed to use either getDecision() or sendEvent(). But it looks like both are not called by anything else except tests. -- Regards! Zhang, Jingjing This message and the information contained herein is proprietary and confidential and subject to the Amdocs policy statement, you may review at https://www.amdocs.com/about/email-disclaimer<https://urldefense.proofpoint.com/v2/url?u=https-3A__www.amdocs.com_about_email-2Ddisclaimer&d=DwMGaQ&c=LFYZ-o9_HUMeMTSQicvjIg&r=AOclne09odx6cmeimzFUhQ&m=DaypU7sOzEHstwlqXfCy7wi_h1B-jXTcwBaPyPRjYj0&s=7EvfePHnnWtUPPIosv6Qcig48r8LobGhcubi12UYC48&e=> Amdocs Development Centre India Private Limited having CIN: U72200PN2004PTC0188320 converted into Amdocs Development Centre India LLP (A limited liability partnership with LLP Identification Number: AAI-6901 effective 28th Feb 2017)
_______________________________________________ onap-discuss mailing list onap-discuss@lists.onap.org https://lists.onap.org/mailman/listinfo/onap-discuss
