Folks,

Are there any plans to tweak Drools to allow it to run in a security constrained environment such as Google App Engine or Applets? I know some of the other JBoss.org projects have this on the 'todo' list.

When I try to load a simple web application using drools into the Google App Engine, I get the error below.The app itself is the sample 8 from the following web page, but tweaked according to the Google 'howto' to get it up and running in the app engine; http://code.google.com/p/red-piranha/

My understanding of the problem is that drools is using File access to check if the configuration file exists the first time it is run. This is constrained in App Engine - just like the J2EE spec says it should be (although most other app servers allow you to get away with this!). I know that if I tweak the source code there will be other points where similar file access is required.

While not trivial, would it be possible to add a one-line check for that the user has permission to do file.io before calling File.Exists  (the alternative , of catching and ignoring the AccessControlException is ugly!). The hardest part of this is that the check would need to be added at multiple points in the Drools source code.

Any thoughts / comments/ suggestions?

Paul

www.firstpartners.net/blog


WARNING: java.security.AccessControlException: access denied (java.io.FilePermission /home/paul/drools.rulebase.conf read)
13-May-2009 09:04:16 com.google.apphosting.utils.jetty.JettyLogger warn
WARNING: Nested in javax.servlet.ServletException: java.security.AccessControlException: access denied (java.io.FilePermission /home/paul/drools.rulebase.conf read):
java.security.AccessControlException: access denied (java.io.FilePermission /home/paul/drools.rulebase.conf read)
    at java.security.AccessControlContext.checkPermission(AccessControlContext.java:323)
    at java.security.AccessController.checkPermission(AccessController.java:546)
    at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
    at com.google.appengine.tools.development.DevAppServerFactory$CustomSecurityManager.checkPermission(DevAppServerFactory.java:76)
    at java.lang.SecurityManager.checkRead(SecurityManager.java:871)
    at java.io.File.exists(File.java:731)
    at org.drools.util.ChainedProperties.loadProperties(ChainedProperties.java:225)
    at org.drools.util.ChainedProperties.<init>(ChainedProperties.java:59)
    at org.drools.util.ChainedProperties.<init>(ChainedProperties.java:31)
    at org.drools.util.ChainedProperties.<init>(ChainedProperties.java:25)
    at org.drools.RuleBaseConfiguration.init(RuleBaseConfiguration.java:174)
    at org.drools.RuleBaseConfiguration.<init>(RuleBaseConfiguration.java:133)
    at org.drools.common.AbstractRuleBase.<init>(AbstractRuleBase.java:147)
    at org.drools.reteoo.ReteooRuleBase.<init>(ReteooRuleBase.java:124)
    at org.drools.reteoo.ReteooRuleBase.<init>(ReteooRuleBase.java:101)
    at org.drools.RuleBaseFactory.newRuleBase(RuleBaseFactory.java:57)
    at org.drools.RuleBaseFactory.newRuleBase(RuleBaseFactory.java:38)
    at net.firstpartners.drools.RuleRunner.loadRules(RuleRunner.java:39)
    at net.firstpartners.drools.RuleRunner.runStatelessRules(RuleRunner.java:167)
    at net.firstpartners.rp2.rp2Servlet.callRules(rp2Servlet.java:96)
    at net.firstpartners.rp2.rp2Servlet.service(rp2Servlet.java:137)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:806)
    at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:487)
    at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1093)
    at com.google.apphosting.utils.servlet.TransactionCleanupFilter.doFilter(TransactionCleanupFilter.java:43)
    at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1084)
    at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:360)
    at org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:216)
    at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:181)
    at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:712)
    at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:405)
    at com.google.apphosting.utils.jetty.DevAppEngineWebAppContext.handle(DevAppEngineWebAppContext.java:54)
    at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:139)
    at com.google.appengine.tools.development.JettyContainerService$ApiProxyHandler.handle(JettyContainerService.java:306)
    at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:139)
    at org.mortbay.jetty.Server.handle(Server.java:313)
    at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:506)
    at org.mortbay.jetty.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:830)
    at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:514)
    at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:211)
    at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:381)
    at org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:396)
    at org.mortbay.thread.BoundedThreadPool$PoolThread.run(BoundedThreadPool.java:442)