Folks,
Are there any plans to tweak Drools to allow it to run in a security
constrained environment such as Google App Engine or Applets? I know some of
the other
JBoss.org projects have this on the 'todo' list.
When I try to load a simple web application using drools into the Google App
Engine, I get the error below.The app itself is the sample 8 from the
following web page, but tweaked according to the Google 'howto' to get it up
and running in the app engine;
http://code.google.com/p/red-piranha/
My understanding of the problem is that drools is using File access to check
if the configuration file exists the first time it is run. This is
constrained in App Engine - just like the J2EE spec says it should be
(although most other app servers allow you to get away with this!). I know
that if I tweak the source code there will be other points where similar
file access is required.
While not trivial, would it be possible to add a one-line check for that the
user has permission to do file.io before calling File.Exists (the
alternative , of catching and ignoring the AccessControlException is ugly!).
The hardest part of this is that the check would need to be added at
multiple points in the Drools source code.
Any thoughts / comments/ suggestions?
Paul
www.firstpartners.net/blog
WARNING: java.security.AccessControlException: access denied
(java.io.FilePermission /home/paul/drools.rulebase.conf read)
13-May-2009 09:04:16 com.google.apphosting.utils.jetty.JettyLogger warn
WARNING: Nested in javax.servlet.ServletException:
java.security.AccessControlException: access denied (java.io.FilePermission
/home/paul/drools.rulebase.conf read):
java.security.AccessControlException: access denied (java.io.FilePermission
/home/paul/drools.rulebase.conf read)
at
java.security.AccessControlContext.checkPermission(AccessControlContext.java:323)
at
java.security.AccessController.checkPermission(AccessController.java:546)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
at
com.google.appengine.tools.development.DevAppServerFactory$CustomSecurityManager.checkPermission(DevAppServerFactory.java:76)
at java.lang.SecurityManager.checkRead(SecurityManager.java:871)
at java.io.File.exists(File.java:731)
at
org.drools.util.ChainedProperties.loadProperties(ChainedProperties.java:225)
at org.drools.util.ChainedProperties.<init>(ChainedProperties.java:59)
at org.drools.util.ChainedProperties.<init>(ChainedProperties.java:31)
at org.drools.util.ChainedProperties.<init>(ChainedProperties.java:25)
at org.drools.RuleBaseConfiguration.init(RuleBaseConfiguration.java:174)
at
org.drools.RuleBaseConfiguration.<init>(RuleBaseConfiguration.java:133)
at org.drools.common.AbstractRuleBase.<init>(AbstractRuleBase.java:147)
at org.drools.reteoo.ReteooRuleBase.<init>(ReteooRuleBase.java:124)
at org.drools.reteoo.ReteooRuleBase.<init>(ReteooRuleBase.java:101)
at org.drools.RuleBaseFactory.newRuleBase(RuleBaseFactory.java:57)
at org.drools.RuleBaseFactory.newRuleBase(RuleBaseFactory.java:38)
at net.firstpartners.drools.RuleRunner.loadRules(RuleRunner.java:39)
at
net.firstpartners.drools.RuleRunner.runStatelessRules(RuleRunner.java:167)
at net.firstpartners.rp2.rp2Servlet.callRules(rp2Servlet.java:96)
at net.firstpartners.rp2.rp2Servlet.service(rp2Servlet.java:137)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:806)
at
org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:487)
at
org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1093)
at
com.google.apphosting.utils.servlet.TransactionCleanupFilter.doFilter(TransactionCleanupFilter.java:43)
at
org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1084)
at
org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:360)
at
org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:216)
at
org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:181)
at
org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:712)
at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:405)
at
com.google.apphosting.utils.jetty.DevAppEngineWebAppContext.handle(DevAppEngineWebAppContext.java:54)
at
org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:139)
at
com.google.appengine.tools.development.JettyContainerService$ApiProxyHandler.handle(JettyContainerService.java:306)
at
org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:139)
at org.mortbay.jetty.Server.handle(Server.java:313)
at
org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:506)
at
org.mortbay.jetty.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:830)
at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:514)
at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:211)
at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:381)
at
org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:396)
at
org.mortbay.thread.BoundedThreadPool$PoolThread.run(BoundedThreadPool.java:442)