Configuring Policy Editor database service connections
You can configure the pooling mechanism and add allowed drivers for database service connections when developing and testing such services in external policy decision point (PDP) mode.
About this task
A database pool is a cache of database connections that PingAuthorize uses to manage system performance. Instead of establishing a new connection each time the server needs to retrieve policy information from the database, PingAuthorize leverages an existing connection from the database pool. PingAuthorize creates a database pool for each database service you define, and the pool configuration specified in the Policy Editor will apply to each pool.
Steps
-
Make a copy of the default options file:
$ cp config/options.yml my-options.yml
-
In the
databasePools
section of the newoptions
file, modify the following database pool properties:Property Description connectionTimeoutMillis
Specifies the maximum number of milliseconds that a connection request waits for an available connection in the database pool.
validationTimeoutMillis
Specifies the maximum number of milliseconds that a database pool tests a connection for aliveness.
maximumLifetimeMillis
Specifies the maximum number of milliseconds that a connection stays in the database pool. The database pool will only remove a connection if the maximum lifetime elapses and the connection is no longer active.
Setting this property to any value between 0 and 30000 will have no effect.
Setting this property to 0 makes the maximum lifetime indefinite.
maximumSize
Specifies the maximum number of connections in a database pool.
readOnly
Specifies whether the database pools are read-only. Some database types do not support the read-only mode. If the database type does not support the read-only mode, the database pools will be read-write regardless of the value of this property.
-
To add a database driver other than PostgreSQL or Oracle, in the
allowedDatabaseDrivers
section of the new options file, add a new driver in the form of a key-value pair.The key must be in the format
.driver
, and the value must be the fully qualified Java class name of the driver.Example:
postgresql.driver: "org.postgresql.Driver" oracle.driver: "oracle.jdbc.driver.OracleDriver"
-
Stop the Policy Editor.
$ bin/stop-server
-
Run
setup
using the--optionsFile
argument and customize all other options as needed.Example:
$ bin/setup demo \ --adminUsername admin \ --generateSelfSignedCertificate \ --decisionPointSharedSecret pingauthorize \ --hostname <pap-hostname> \ --port <pap-port> \ --adminPort <admin-port> \ --licenseKeyFile <path-to-license> \ --optionsFile my-options.yml
-
Start the Policy Policy Editor.
$ bin/start-server