Product Documentation

Use Case: Caching User Privileges

Oct 19, 2016

In this use case, user privileges ("GOLD", "SILVER", and so on) must be retrieved from an external web service.

To achieve this use case, perform the following operations:

  1. Create an HTTP callout to fetch the user privileges from the external web service.
    > add policy httpcallout get_user_privilege 
    > set policy httpcallout get_user_privilege -ipaddress 10.217.193.84 -port 80 -returntype text -httpmethod get -urlstemexpr '"/get_user_privilege"' -resultexpr 'http.res.body(5)'
    
  2. Store the privileges in a variable.
    > add ns variable user_privilege_map -type map(text(15),text(10),10000) -expires 1200 
    > add ns assignment set_user_privilege -variable $user_privilege_map[client.ip.src.typecast_text_t] -set sys.http_callout(get_user_privilege)
    
  3. Create a policy to check if there is already a cached entry for the client's IP address; if not, it calls the HTTP callout to set a map entry for the client.

    > add cmp policy set_user_privilege_pol -rule $user_privilege_map.valueExists(client.ip.src.typecast_text_t).not -resAction set_user_privilege

  4. Create a policy that compresses if the cached privilege entry for the client is "GOLD".

    > add cmp policy compress_if_gold_privilege_pol -rule '$user_privilege_map[client.ip.src.typecast_text_t].eq("GOLD")' -resAction compres

  5. Bind the compression policies globally.
    > bind cmp global set_user_privilege_pol -priority 10 NEXT 
    > bind cmp global compress_if_gold_privilege_pol -priority 20 END