Drools BRMS Secrity Features
by Vikrant Yagnick
Hi All,
I have a question on using the BRMS which I am unable to find any answers on the internet.
Does the JBOSS Rules BRMS have any security features in terms of "Role Based Access". For example, is there a way out of the box to specify that user-A can access only these rules (or categories or packages ) and User-B can access this bit only.
It need not be too sophisticated.
If it is not available at a Rules Level , can it be implemented at a JSP level. That is put in Sever specific URL Filters to not allow access to certain pages(if a page can correspond to a rule)?
Any, help in this regard will be a tremendous help for me to make some design decisions regarding the BRMS.
Cheers,
Vikrant
MASTEK LTD.
Mastek in NASSCOM's 'India Top 20' Software Service Exporters List.
In the US, we're called MAJESCOMASTEK
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Opinions expressed in this e-mail are those of the individual and not that of Mastek Limited, unless specifically indicated to that effect. Mastek Limited does not accept any responsibility or liability for it. This e-mail and attachments (if any) transmitted with it are confidential and/or privileged and solely for the use of the intended person or entity to which it is addressed. Any review, re-transmission, dissemination or other use of or taking of any action in reliance upon this information by persons or entities other than the intended recipient is prohibited. This e-mail and its attachments have been scanned for the presence of computer viruses. It is the responsibility of the recipient to run the virus check on e-mails and attachments before opening them. If you have received this e-mail in error, kindly delete this e-mail from desktop and server.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
15 years, 6 months
Checking facts between them
by Delaunay Gaetan
Hi all,
I was wondering if it was possible to create a rule which checks if a
fact is equal to another one. For example in my case i'd like to compare
the date of fact with the date of fact +1. I hope you understand what i
mean.
What kind of rule will be suitable to do that?
Thanks
Gaetan
15 years, 6 months
effective dates at package level
by hongyu lu
Is it possible to specify effective dates at package level instead of per rule based?
We would like to organize rules by package and manage at that
level. e.g., enable/disable all rules of a particular package as a
whole.
I tried to mimic it with package global variable, but it
doesn't look like you can assign a value to a global variable at
declaration?
thanks
Jeff
15 years, 6 months
How to kill drools?
by Руслан Сорокин
Hello rule-users,
How to kill drools? WorkingMemory.dispose() is not working - Drools
working all the same :(
Sincerely,
Ruslan Sorokin
sorokin(a)oogis.ru
15 years, 7 months
wrapping drools api?
by thomaskukofka@web.de
Hello,
some people write about wrapping the Drools API with an own access API
for integration in the application.
Sorry for the perhaps stupid question, but what is the reason for this?
Does this only make sense if I'm thinking about changing the rule
engine one day?
If I'm not intending to change the rule engine from Drools to another,
so isn't it the same if the developpers has to use the native Drools API
or an self-written access API?
Regards
Tom
15 years, 7 months
firing rules without modifying activations
by Fermion
Hi,
I'm doing an expert system for a highly complex high energy physics detector
(CERN->ATLAS->Pixel Detector->Detector Control System).
In principle the detector is a complex machine with a rather hierarchical
structure.
The idea is to use a Drools based expert system to inform the operator of
the Detector about what to do in case of a problem. The system itself is
controlled by something that we call a "Finite State Machine" which is
reducing the complex operation of the detector to a number of simple
button-actions.
As the Finite State Machine does not suggest, what to do, if something goes
wrong, the expert system should do that.
In order to do so, the expert system shall display "solution advices" to the
Detector operator. As there can be many unrelated problems at the same time,
we use a tree-structure to show, where in the Detector the problem happened.
If a rule gets activated by a fact (in my case a process parameter of the
detector, e.g. a temperature), the corresponding node in the tree is being
highlighted by a dedicated icon. Once the facts change and the activation is
cancelled, we remove the highlighting icon, so that the tree only shows the
current activations (we don't need logging here, as this is done elsewhere).
This works absolutely fine for us, BUT:
We can't FIRE the activations, as this would immediately remove them from
the agenda, which in turn would remove them from our tree => no operator
would see them.
At first I thought, that NOT-FIRING those activations wouldn't hurt, as we
just wrote the "solution" on the RHS of the rule and parsed this RHS by
ourselves. This way, we displayed the solution belonging to a given
activation as long as it was still on the agenda.
You can see, that the main problem of this is that one CANNOT do things
like:
PrintSolution("Reason for problem is a over-temperature of: " + $temp + "°C
on Module: " + $moduleName);
In our case we could still parse the code, but would be unable to access the
local variables $temp and $moduleName (example) without actually firing the
rule.
Firing the rule on the other hand would cancel it's activation, rendering
our display tree useless.
I think the thing that would be most usefull for us would be a way to fire a
rule "silently", without notifying the agenda about it (so that the
activation would NOT be removed).
I'm not sure whether I was able to explain the problem sufficiently, but
maybe someone has an idea how to handle the situation.
Thanks very much!
--
View this message in context: http://www.nabble.com/firing-rules-without-modifying-activations-tp196235...
Sent from the drools - user mailing list archive at Nabble.com.
15 years, 7 months
Problem with RuleFlow: Split
by Sangrish
Hi all,
I have a condition on an attribute of a few inserted objects(all of
same type) in the Split node of a ruleflow. During rule execution phase I
see that the condition holds true for all the inserted objects even when the
attribute has different values in different objects.
I mined the mailing list for it and found that this was a known problem
in July 2007 and workarounds were suggested for it. Is this problem still
there? I am using Drools 4.0.7
The condition looks like: Author( attribute == -1 )
and it holds for all objects if at least one of them has the attribute set
to -1. If none of them is -1 only then
the condition is not satisfied.
A solution I can think of is to insert objects one by one and fire all rules
after every insertion and retract object every time you fire. Will it be
inefficient? I can potentially have 10s of thousand of such objects.
Thanks
Siddharth
--
View this message in context: http://www.nabble.com/Problem-with-RuleFlow%3A-Split-tp19618925p19618925....
Sent from the drools - user mailing list archive at Nabble.com.
15 years, 7 months
activationCancelled() not being executed?
by Fermion
Hi!
I'm using a JTable to display rules that have been activated.
My goal is to have the table display a set of activations ordered by their
salience. The user should then choose which one of them to fire (if you want
to know why, be invited to read the background).
Of course this makes only sense as long as the activations are valid. Rules
whose activation has been cancelled should still be displayed, but in a
different style (like greyed out).
In order to accomplish this, I want to use an implementation of the
AgendaEventListener-interface, implementing the
activationCancelled()-method.
The Listener itself works, as I use the activationCreated()-method to add
the rule as a row to my table (which works fine).
Unfortunately the activationCancelled()-method doesn't seem to be executed
at all!
I assume that I have a fundamental misunderstanding of what should trigger
an activationCancelled() event?
Background: (just if you're curious...)
I'm working as a PhD student in physics at the CERN international
high-energy physics laboratory, for the ATLAS experiment.
As a member of the Detector Control System (DCS) group, I'm going to write
an expert system in order to assist the shift crew with the detector
operation.
The operation of the detector is a difficult task, because more than 70000
parameters (like voltages, currents and temperatures) have to be controlled.
A Finite State Machine (FSM) computes a defined and limited number of states
from the given parameters (like ON, OFF, STANDBY,...).
I'm going to synchronize the expert system application to ERROR states of
the FSM, in order to extract the relevant parameters from the system (as it
would be impossible to feed all parameters into the XPS all the time).
This is handled by quite some control rules that decide which data has to be
requested, released and so on.
Once all necessary data has been received, this might lead to activations of
the (more interesting) user rules.
Those rules have an explanatory character like "The temperature of this XYZ
is too high, so please try ABC."
For a given set of facts I assume more then one rule to be activated. Whilst
the rule engine should take care of the execution (firing) of all control
related rules, the execution of the user rules should be under direct user
control.
Displaying all activations in a GUI will allow the user to pick one (try it)
and rate it (the proposed solution solved the problem "yes/no"). Changing
the rules salience according to the answer, will allow the system to
dynamically reflect the current system status. (Rules that are related to
broken connections / wrongly connected cables are likely to be found at the
beginning of the experiment but hopefully only on rare occasion later on.)
In order to ensure that no information is lost during the absence of DCS
experts (which will not always be around), a log file should be written for
each major FSM-ERROR. At the moment the WorkingMemoryFileLogger seems to be
predestined for this job. This way I hope to collect large amounts of ERROR
data during the initial phase of the experiment that helps to extract rules
for numerous error conditions.
This will become especially handy, as such errors have a tendency to come
back, even if the original detector experts are gone for years...
--
View this message in context: http://www.nabble.com/activationCancelled%28%29-not-being-executed--tf434...
Sent from the drools - user mailing list archive at Nabble.com.
15 years, 7 months
