Installation Guides › Implementation Guide › Performance Tuning › Application Tier Performance › SOA Security Manager Policy Objects and Performance Roadmap › Rules and Rule Groups

Rules and Rule Groups

You can improve or degrade performance during authorization in the way you configure realms.

You create rules or rule groups in the context of a realm. Rules:

• Identify the specific resources within a realm that require protection
• May be used to either allow or deny access to the resource based on specific authentication or authorization events.

The resource filter you define in the rule, which is prefixed with the realm filter, identifies the resource that requires protection.

The Policy Server evaluates rules to determine which resource filter best matches the requested resource. Upon a match, the Policy Server fires the policies to which the rule is bound to determine if the user is authorized to access the resource.

The number of rules within a realm and how you define each of the resource filters directly correlates to SOA Security Manager performance during authorization.

Note: For more information about rules, see the [set the co variable for your book].