PolicyEvaluationException

Hi,

I'm currently working on a project which requires Custom Conditions, which you can plug in, in AM (version 7).

Recently we made a Custom Condition and noticed that it was only consulted one time, at login time. After that, the Policy Decisions were cached. Since the requirement states that the Condition needs to kick in as the user selected another working data set, I've set the 'Subjects Result Time to Live' to '0' (Service Config->Policy Configuration).

After this, everything seemed to work fine, that is, locally. On my local PC I have installed an agent which is linked to the AMDomain, no problem.

Now, when I'm testing on a Unix domain, with its own agent, connecting to the same AMDomain, same source, same everything, I receive the following exception:

com.sun.identity.policy.remote.PolicyEvaluationException: Received expired policy decision from serverfor resourceName=...

    at com.sun.identity.policy.client.ResourceResultCache.getPolicyDecision(ResourceResultCache.java:235)
    at com.sun.identity.policy.client.PolicyEvaluator.getPolicyDecision(PolicyEvaluator.java:371)
    at com.sun.identity.agents.policy.AmWebPolicy.checkPolicyForResource(AmWebPolicy.java:98)
    at com.sun.identity.agents.filter.URLPolicyTaskHandler.process(URLPolicyTaskHandler.java:105)
    at com.sun.identity.agents.filter.AmFilter.processTaskHandlers(AmFilter.java:185)
    at com.sun.identity.agents.filter.AmFilter.isAccessAllowed(AmFilter.java:152)
    at com.sun.identity.agents.filter.AmAgentBaseFilter.doFilter(AmAgentBaseFilter.java:38)

....

Normally, if I would consult the PolicyEvaluator within my own code I would catch this exception and somehow try to deal with it. Now it seems that the agent filter itself is throwing this exception, which makes it more complex...

Does anyone have experience with this? I would be very grateful.

Many thanks in advance.

Regards,

Philip

[2064 byte] By [Phil_Nollet] at [2007-11-26 10:30:49]
# 1
One more thing, does anyone know if enabling 'polling' in the AMConfig file could maybe solve this problem?

Once again thanks,

Philip

Phil_Nollet at 2007-7-7 2:37:42
# 2
This may be wide off the mark, but are the clocks on different hosts in sync? Significant time differences across clocks can sometimes give interesting (but weird) results.
ankushkapoor at 2007-7-7 2:37:42
# 3

Hi,

The system dates on the various Unix domains are in sync. Related to this topic, the AMAgentFilter now throws a "session already invalidated" exception:

ERROR: AmFilter: Error while delegating to inbound handler: J2EE Local Auth Task Handler, access will be denied

java.lang.IllegalStateException: invalidate: Session already invalidated

    at org.apache.catalina.session.StandardSession.invalidate(StandardSession.java:1258)
    at org.apache.catalina.session.StandardSessionFacade.invalidate(StandardSessionFacade.java:164)
    at com.sun.identity.agents.filter.LocalAuthTaskHandler.doLocalAuthWithSessionBinding(LocalAuthTaskHandler.java:289)
    at com.sun.identity.agents.filter.LocalAuthTaskHandler.authenticate(LocalAuthTaskHandler.java:159)
    at com.sun.identity.agents.filter.LocalAuthTaskHandler.process(LocalAuthTaskHandler.java:106)
    at com.sun.identity.agents.filter.AmFilter.processTaskHandlers(AmFilter.java:185)
    at com.sun.identity.agents.filter.AmFilter.isAccessAllowed

This does not happen in development. Would it be possible that this is related to using a cluster?

Thx for your advice,

Philip

Phil_Nollet at 2007-7-7 2:37:42