Policy Enforcement Points (PEPs)
Policy Enforcement Points (PEPs) are components that intercept requests to the DirX Access Server and handle authentication and authorization processes. They are deployed on web servers, where they can manage incoming requests before they reach the access server. For mor details, see the PEPs page.
Performance testing scenario
The client (JMeter) sends login requests through the form method. Each request includes a login name and password. These requests are sent to Web Server, where the PEP is deployed. The PEP then creates a single sign-on (SSO) request based on the received request and sends it to the DirX Access Server. The DirX Access Server verifies the login data and sends the result back to the PEP, which processes the response and sends the result to the client. Testing scenario is depicted in Figure 1.
Chosen Testing Types
This chapter will describe two main testing types. One of them is Maximal Performance State and the second one is Unstable Environment
Maximal Performance State
Maximal Performance State testing focuses on assessing the system’s highest achievable throughput under ideal conditions. Performance is measured for both a dual server configuration and a single server configuration and then compared. Example of the testing result is depicted in Figure 2. The y-axis represents the number of transactions per second, while the x-axis indicates the elapsed time in minutes, with a one-minute granularity. The green line corresponds to the dual server configuration, and the red line corresponds to the single server configuration.
Unstable environment
This test focuses on the ability of the PEP implementation to detect unavailable servers. In addition, it must be able to detect if unavailable servers are not available again. In this scenario, the same test as the maximum performance test is used, but we do not focus on absolute values as these may be biased by the instability of the environment. Example of the testing result is depicted in Figure 3.
DXA nodes and their corresponding graph annotations are depicted by following table:
| DirX Access node | Graph annotation |
|---|---|
DirX Access Server 1 |
S1 |
DirX Access Server 2 |
S2 |
DirX Access PEP |
PEP |
The whole stability testing scenario takes almost 50 minutes. In the first half, we focus on DXA Servers which show how throughput is affected with both, one or no servers running. The second half of the figure focuses on PEP’s ability to re-establish connections after restarting the web server. It also shows that PEP can be started without DXA servers running and will start communicating with them when they start.
