Tutorials SOA DevelopmentIn order to enforce the two policies mentioned earlier, which were:
1. All requests must contain appropriate credentials to identify the source of the request.
2. Based on the source identified, requests must be routed to the appropriate version of the service.
the basic operations would be:
1. In the policy management point, configure a policy for the service endpoint that applies to all consumers which states that only requests that contain credentials in the format desired will be allowed. Any request that does not contain credentials, or contains credentials in the wrong format will be rejected.
2. In the policy management point, for each authorized consumer, define a policy that routes the request to the appropriate endpoint or applies appropriate transformations to the incoming request and outgoing response.
The policy enforcement approach can be thought of as a pipeline of decisions, ultimately resulting in a rejection of the request or the correct routing to the appropriate endpoint. Visually depicted, it looks like this:
Policy Enforcement Point Policy Decision Point Policy Cache Extract Credentials Return Fault Failed Succeed If Consumer A If Consumer B If Consumer C Transform Request Route Request Route Request Route Request Service Version 3 Service Provider Service Version 2 Service Provider There are a number of different categories of vendor products that are capable of providing this concept of policy driven infrastructure, providing a platform for the implementation of the policy pipeline as seen in the preceding figure.
