Carl,

 

I have the exact same concern. I posted a similar question several days ago but didn’t get any replies.

 

Have you deployed BRMS behind SSL? I haven’t so far, so can’t say if the RulesAgent can use https URLs.

 

Also, have you been able to enable security? Which app server are you using?

 

If security is enabled and BRMS login is password protected, how would the RulesAgent be able to consume packages from the URLs without using a username/password?

 

I’ll keep you posted if I discover anything in this regard.

 

Thanks,

 

Vikas

 

From: rules-users-bounces@lists.jboss.org [mailto:rules-users-bounces@lists.jboss.org] On Behalf Of Cabou, Carl
Sent: Wednesday, May 21, 2008 8:49 AM
To: Rules Users List
Subject: [rules-users] https package url

 

Hi all,

 

I use the Business Rules Server to deploy rules packages and I use the URL feature to consume them. It works fine but I am concern about security in rules requests.

I’ve seen in the documentation that we can use SSL for BRMS login security but what about url requests to rules packages ??

 

Regards,

Carl

 


This email and/or any files or attachments transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed, and may contain information that is privileged, confidential and exempt from disclosure under applicable law. If you are not the intended recipient, or the employee or agent responsible for delivering the message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this e-mail and/or any files or attachments transmitted with it is strictly forbidden. If you have received this email in error, please delete the e-mail and/or any files or attachments, and also notify the system manager (PostMaster@mercuryinsurance.com) of the error. Please note that any views or opinions presented in this email are solely those of the author and do not necessarily represent those of the company. Finally, the recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email and/or any files or attachments transmitted with it.