1 Reply Latest reply on Mar 20, 2013 10:57 PM by Kurt Stam

    Actions associated with synchronous policies

    Gary Brown Master

      Hi

       

      Firstly, to set the context, the runtime governance capabilities currently support the concept of 'asynchronously' executed policies - which means that the decision and any subsequent actions are performed outside the executing systems control flow, and therefore cannot be used to influence its execution.

       

      We are now looking to implement 'synchronously' executed policies, for cases where a decision needs to be made instantly, and potentially influence the execution of the business transaction.

       

      The question is what types of action we expect these policies to be able to perform. The obvious one is to block the invocation of a service and enable a reason to be returned to the calling service.

       

      However do we need other actions to be available?

       

      For example, are we expecting these policies to also be able to modify the message exchanges in some way (i.e. patch the message content)? This type of action may be more complex, and potentially risky (i.e. easy to introduce unexpected side effects).

       

      My personal view currently is that governance should be there to observe what is occurring, instigate actions (e.g. notify administrators) where necessary and in some situations block an action from occurring. Subtly changing the behaviour of a business transaction seems to be out of scope, but would like to hear opinions for and against?

       

      Regards

      Gary

        • 1. Re: Actions associated with synchronous policies
          Kurt Stam Master

          I agree that 'governance' should not be allowed to *change* business logic. It should only check/validate against predefinded rules and notify any violations and block the message from being processed by business logic. So it all happens *before* it is handed over to the business logic. If we allow it to change business logic then we have crossed a line and we are no longer 'governing', but rather became part of the business logic. We might offer other 'interceptors' to do this but thay should not be part of governance imo.

           

          --Kurt