Adding a filesystem deployment package store - PingAuthorize - 9.1

PingAuthorize
bundle
pingauthorize-91
ft:publication_title
PingAuthorize
Product_Version_ce
PingAuthorize 9.1
category
ContentType
Product
Productdocumentation
paz-91
pingauthorize
ContentType_ce
Product documentation

To use the Deployment Manager, add a deployment package store for read access to the PingAuthorize server.

Use the administrative console or dsconfig to add the deployment package store.

Adding a new filesystem deployment package store using the administrative console

  1. In the administrative console, go to Configuration > Authorization and Policies > Deployment Package Stores.
  2. Click New Deployment Package Store.
  3. In the New Deployment Package Store list, select Filesystem Deployment Package Store.
  4. Complete the General Configuration fields:
    1. In the Name field, enter a name for the deployment package store.
    2. In the Poll Interval field, enter a value in seconds for how often the directory should be polled for changes.
      Note:

      A value of 0 only updates on start-up.

    3. In the Poll Directory field, enter the directory where the deployment package is stored locally.
  5. Optional: Complete the Policy Security fields.
    Note:

    If you select signed in the Deployment Package Security Level field, you must complete the Deployment Package Trust Store field.

  6. Click Save To PingAuthorize Server Cluster.

    Your filesystem deployment package store is displayed on the Deployment Package Stores page.

Configure the PingAuthorize server to use embedded PDP mode with your deployment package store.

Adding a new filesystem deployment package store using dsconfig

Run dsconfig with the create-deployment-package-store option:
  • Create a store with an unsigned deployment package.
    dsconfig create-deployment-package-store \
   --store-name "<store-name>"  \
   --type filesystem  \
   --set "poll-interval:<poll-interval>"  \
   --set "poll-directory:<filesystem-directory>"
  • Create a store with deployment-package-security-level set to signed.
    dsconfig create-deployment-package-store \
  --store-name "<store-name>" \
  --type filesystem \
  --set "poll-interval:<poll-interval>" \
  --set deployment-package-security-level:signed \
  --set "deployment-package-trust-store:<trust-store-provider-name>" \
  --set "deployment-package-verification-key-nickname:<key-nickname>" \
  --set "poll-directory:<filesystem-directory>"

Configure the PingAuthorize server to use embedded PDP mode with your deployment package store.