Uploaded image for project: 'Red Hat 3scale API Management'
  1. Red Hat 3scale API Management
  2. THREESCALE-6705

Provide configurable option per policy to accept/reject request if policy is not executed in policy chain

    XMLWordPrintable

Details

    • False
    • False
    • Not Started
    • Not Started
    • Not Started
    • Not Started
    • Not Started
    • Not Started
    • Yes
    • +
    • 0
    • 0% 0%
    • Undefined

    Description

      Current behaviour

      If a policy is not executed/loaded due to incorrect configuration, non-compliant code (applicable only to custom policies) or any other factors that could cause this behaviour, the policy chain is still executed and APIcast will not fail and continues to process requests based on cached policy chain.

      Expected behaviour

      If a policy is not executed/loaded due to incorrect configuration, non-compliant code (applicable only to custom policies) or any other factors that could cause this behaviour, the policy chain is not executed and the incoming request simply rejected.

      For context, if the policy which is not loaded/executed is expected to be part of the policy chain and has any sort of security level functionality then it is not expected that the request reaches the upstream. Rather than make the default behaviour to reject requests when this occurs it would be best to make this a configurable option per policy as some policies are not critical enough to cause APIcast to abort the request.

      Attachments

        Activity

          People

            Unassigned Unassigned
            rhn-support-keprice Kevin Price
            Carlo Palmieri Carlo Palmieri (Inactive)
            Eloy Coto Eloy Coto (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            7 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: