Support rule configuration in a web archive ------------------------------------------- Key: DROOLS-299 URL: https://issues.redhat.com/browse/DROOLS-299 Project: Drools Issue Type: Feature Request Affects Versions: 6.0.0.CR4 Reporter: Shane Bryzak Assignee: Mario Fusco Priority: Major I'm currently working on integration between PicketLink and Drools to provide rule-based security permissions which control access to protected application resources, similar to a feature that we had in Seam 2: https://github.com/seam2/jboss-seam/blob/Seam_2_3/jboss-seam/src/main/jav... The following quickstart (work in progress) is intended to demonstrate this integration: https://github.com/picketlink/picketlink-quickstarts/tree/master/picketli... Building this quickstart first requires building the latest trunk of PicketLink locally: https://github.com/picketlink/picketlink What we would like is to allow the developer to define their security rules in the war project itself. Currently the quickstart defines the following kmodule.xml file in the src/main/resources/META-INF directory: <?xml version="1.0" encoding="UTF-8"?> <kmodule xmlns="http://jboss.org/kie/6.0.0/kmodule"> <kbase name="security" default="true"> <ksession name="ksession1" default="true"/> </kbase> </kmodule> There is also a security-rules.drl file in the src/main/resources/security directory which defines the security rules. Deployment of the quickstart yields the following errors and partial stacktrace: 18:52:56,036 INFO [org.drools.compiler.kie.builder.impl.ClasspathKieProject] (MSC service thread 1-7) Found kmodule: vfs:/content/picketlink-authorization-drools.war/WEB-INF/classes/META-INF/kmodule.xml 18:52:56,036 INFO [org.drools.compiler.kie.builder.impl.ClasspathKieProject] (MSC service thread 1-7) Virtual file physical path = /home/shane/apps/jboss/standalone/tmp/vfs/tempa9983c4071e1249/picketlink-authorization-drools.war-1c243fd87ed695cf/WEB-INF/classes 18:52:56,060 WARN [org.drools.compiler.kie.builder.impl.ClasspathKieProject] (MSC service thread 1-7) Unable to load pom.properties tried recursing down from/home/shane/apps/jboss/standalone/tmp/vfs/tempa9983c4071e1249/picketlink-authorization-drools.war-1c243fd87ed695cf/WEB-INF/classes null 18:52:56,061 ERROR [org.drools.compiler.kie.builder.impl.ClasspathKieProject] (MSC service thread 1-7) Unable to build index of kmodule.xml url=vfs:/content/picketlink-authorization-drools.war/WEB-INF/classes/META-INF/kmodule.xml null 18:52:56,140 ERROR [org.drools.compiler.cdi.KieCDIExtension] (MSC service thread 1-7) Annotation @KSession(ksession1) found, but no KieSessioneModel exist. Either the required kproject.xml does not exist, was corrupted, or mising the KieBase entry 18:52:56,160 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-7) MSC00001: Failed to start service jboss.deployment.unit."picketlink-authorization-drools.war".WeldService: org.jboss.msc.service.StartException in service jboss.deployment.unit."picketlink-authorization-drools.war".WeldService: org.jboss.weld.exceptions.DeploymentException: WELD-001408 Unsatisfied dependencies for type [KieSession] with qualifiers [@KSession] at injection point [[field] @Inject @KSession org.jboss.as.quickstarts.picketlink.authorization.drools.PermissionAuthorizer.kSession] at org.jboss.as.weld.services.WeldService.start(WeldService.java:83) Mario indicated (during a discussion on IRC) that the rules are currently expected to be deployed within a separate jar file (which is then packaged as a library in the war), however our users are likely to view this as an extraneous requirement. It would be far more convenient to allow them to create their rule definitions within the war project itself, and also be easier to promote this integration via tutorials and quickstarts. Thanks for looking into this!