Strategy when AM unavailable

When AM is unavailable, every request immediately returns an HTTP 403

When AM is unavailable, every request immediately return an HTTP 503

When AM is unavailable, incoming requests are matched against not-enforced rules. Access is granted to matched resources, everything else returns HTTP 403.

When AM is unavailable, incoming requests are matched against not-enforced rules. Access is granted to matched resources, everything else returns HTTP 503.

When AM is unavailable, incoming requests are matched against not-enforced rules. Unmatched requests are resolved against the cache. Requests unmatched by the cache result in HTTP 403. Cached entries expire naturally. Note that after the interval defined in "Policy Cache TTL" (org.forgerock.agents.policy.cache.ttl.minutes), this becomes exactly like EVAL_NER_ELSE_403.

When AM is unavailable, incoming requests are matched against not-enforced rules. Unmatched requests are resolved against the cache. Requests unmatched by the cache result in HTTP 503. Cached entries expire naturally. Note that after the interval defined in "Policy Cache TTL" (org.forgerock.agents.policy.cache.ttl.minutes), this becomes exactly like EVAL_NER_ELSE_503.

As soon as AM becomes unavailable, values in the agent caches are frozen and preserved indefinitely. Incoming requests are matched against not-enforced rules. Unmatched requests are resolved against the agent’s frozen cache. Requests not matching the cache result in HTTP 403.

As soon as AM becomes unavailable, values in the agent caches are frozen and preserved indefinitely. Incoming requests are matched against not-enforced rules. Unmatched requests are resolved against the agent’s frozen cache. Requests not matching the cache result in HTTP 503.