[jboss-jira] [JBoss JIRA] (JBRULES-3554) drools-server 5.0.x - cannot pull in rulebases from guvnor >5.2 by guvnor's web URL when authentication is enabled
Nicholas DiPiazza (JIRA)
jira-events at lists.jboss.org
Fri Jun 22 17:53:13 EDT 2012
[ https://issues.jboss.org/browse/JBRULES-3554?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Nicholas DiPiazza updated JBRULES-3554:
---------------------------------------
Summary: drools-server 5.0.x - cannot pull in rulebases from guvnor >5.2 by guvnor's web URL when authentication is enabled (was: drools-server 5.0.x - cannot pull in rulebases from guvnor by >5.2 by guvnor's web URL when authentication is enabled)
> drools-server 5.0.x - cannot pull in rulebases from guvnor >5.2 by guvnor's web URL when authentication is enabled
> -------------------------------------------------------------------------------------------------------------------
>
> Key: JBRULES-3554
> URL: https://issues.jboss.org/browse/JBRULES-3554
> Project: Drools
> Issue Type: Bug
> Security Level: Public(Everyone can see)
> Components: drools-core
> Affects Versions: 5.0.0.FINAL
> Environment: All OS - only Drools Server 5.0.x connecting to Guvnor > 5.2 with some sort of authentication turned on with security:identity in components.xml
> Reporter: Nicholas DiPiazza
> Assignee: Mark Proctor
>
> There is an issue in
> org.drools.agent.HttpClientImpl.checkLastUpdated(URL u)
> When the URL passed in is not guest accessible (requires basic authentication), this is not a handled situation in this version of Drools.
> So when you try to use Drools Execution Server to connect rulebase in Guvnor >5.2 (has authentication enabled)... it will fail if the rulebase URL is not guest accessible.
> These two methods need to have authentication added in (marked by START and END NDD).
> public LastUpdatedPing checkLastUpdated(URL url) throws IOException {
> URLConnection con = url.openConnection();
> HttpURLConnection httpCon = (HttpURLConnection) con;
> try {
> // **** START NDD *****
> BASE64Encoder enc = new sun.misc.BASE64Encoder();
> String userpassword = "ad-user" + ":" + "ad-password";
> String encodedAuthorization = enc.encode( userpassword.getBytes() );
> httpCon.setRequestProperty("Authorization", "Basic "+
> encodedAuthorization);
> // **** END NDD *****
>
> httpCon.setRequestMethod( "HEAD" );
>
>
> String lm = httpCon.getHeaderField( "lastModified" );
> LastUpdatedPing ping = new LastUpdatedPing();
> ping.responseMessage = httpCon.getHeaderFields().toString();
> if ( lm != null ) {
> ping.lastUpdated = Long.parseLong( lm );
> } else {
> long httpLM = httpCon.getLastModified();
> if ( httpLM > 0 ) {
> ping.lastUpdated = httpLM;
> }
> }
> return ping;
> } finally {
> httpCon.disconnect();
> }
> }
> public Package fetchPackage(URL url) throws IOException,
> ClassNotFoundException {
> URLConnection con = url.openConnection();
> HttpURLConnection httpCon = (HttpURLConnection) con;
> try {
> // **** START NDD *****
> BASE64Encoder enc = new sun.misc.BASE64Encoder();
> String userpassword = "ad-user" + ":" + "ad-password";
> String encodedAuthorization = enc.encode( userpassword.getBytes() );
> httpCon.setRequestProperty("Authorization", "Basic "+
> encodedAuthorization);
> // **** END NDD *****
>
>
> httpCon.setRequestMethod( "GET" );
> Object o = DroolsStreamUtils.streamIn( httpCon.getInputStream() );
> if ( o instanceof KnowledgePackageImp ) {
> return ((KnowledgePackageImp) o).pkg;
> } else {
> return (Package) o;
> }
> } finally {
> httpCon.disconnect();
> }
> }
> Obviously a production scenario would pull those username/password combinations from the .properties file for the rulebase.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list