After you successfully set up the PingDataGovernance Policy Administration GUI, you must start the server and then configure PingDataGovernance Server to use the Policy Administration GUI as its policy decision point (PDP).
To start the Policy Administration GUI, run the following command.
Then, sign on to the Policy Administration GUI. For more information, see Signing on to the PingDataGovernance Policy Administration GUI and import a policy snapshot. You can find a set of default policies in the resource/policies/defaultPolicies.SNAPSHOT file.
To configure PingDataGovernance Server to use the Policy Administration GUI, use dsconfig or the Administrative Console to create a Policy External Server to represent the Policy Administration GUI, then assign the Policy External Server to the Policy Decision Service and configure it to use external PDP mode. Also, set the Trust Framework Version to the current version, v2. Consider the following example.
dsconfig create-external-server \ --server-name "Policy Administration GUI" \ --type policy \ --set "base-url:https://<pap-hostname>:<pap-port>" \ --set "shared-secret:datagovernance" \ --set "branch:Default Policies" \ dsconfig set-policy-decision-service-prop \ --set pdp-mode:external \ --set "policy-server:Policy Administration GUI" --set trust-framework-version:v2
In the example, the base URL consists of the host name and port chosen for the Policy Administration GUI during setup. Similarly, the shared secret value was chosen during setup. The branch name corresponds to the branch name that you chose when importing your policy snapshot. The decision node is the ID of the root node in your policy tree. If you are using the default policies, then use the ID shown in the example.