[Enhancement] Performance improvement for the server security connector

[mandy-chessell]

Is there an existing issue for this?

• I have searched the existing issues

Please describe the new behavior that that will improve Egeria

This is a performance improvement related to the server metadata security connector.

Current design

This connector supports multiple specialized interfaces that each focus on securing particular types of element. For example, there is a specific interface for assets, another for connections etc. A specific implementation may choose to implement a subset of these interfaces. It is also possible to run the server without a metadata security connector.

In the OMAGServerPlatform, calls to the interface are managed by the metadata security module. It offers an interface to the calling components that matches all of the security connector's interfaces. The calling components call the metadata secuity module at the appropriate points in the call path and the metadata security module determines if the security connector (if any) implements that part of the interface and hence needs to be called.

This design means that the calling modules do not need to handle missing, or incomplete security connectors and the aim is to keep that aspect.

Proposed enhancement

Because the security module supports the same interface as the security connector, callers need to transform the element to be tested into the security beans used on the connector API. If the connector is either not installed or does not support that API, then this transformation is wasted. The proposed improvement is to move the logic that builds the security beans into the metadata security module and give it an interface that matches the format used by the caller (probably OMRS Beans). This means that the metadata security module can test if the connector is present and supporting the appropriate interface before building the security beans.

This should have no effect on the performance when the security connector is in place and implementing the corresponding interfaces. However, when the security connector is not installed, or is supporting a selection of the available interfaces, the code path to decide there is no securty check to make will be faster.

Alternatives

Leave the function as it is.

Any Further Information?

• How metadata security works

Would you be prepared to be assigned this issue to work on?

• I can work on this

[github-actions]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed in 20 days if no further activity occurs. Thank you for your contributions.