[rules-users] Integration Of Guvnor with CustomApp
Harshit Bapna
hrbapna at gmail.com
Wed Dec 29 00:32:02 EST 2010
Hello Esteban,
Thanks for your invite to contribute.
Actually I really like Drools and belive it has most of the things required
for a successfull product.
Right now(for 1.5 months) I cannot do main stream contribution but I promise
that whatever I do to integrate or enhance Guvnor for our custom
requirements I will make it available to all..
I hope the stuff I have done might be useful for somebody.
For drools-guvnor users, primary purpose is to integrate it into their
custom app.(if they don't want to deploy guvnor separately)
1. Merging of Guvnor into a cutsom app is not a very difficult tasks. One
needs to copy all the Guvnor resources into the respective folders of the
cutsomApp. Also the web.xml has to be updated with the Guvnor stuff.
Note: My custom app was based on spring MVC. No GWT but it fits decently.
2. Authentication & Authorization:
The general requirment would be to do authentication & authorization in
the Guvnor based on the custom apps. Update the components.xml with
customAuthenticator & role based permission as true.
(There are other better ways to solve the problem like SSO, SAML but since I
was able to merge the apps so I depended on the HttpSession.)
>From a link in my custom app I am logging into the guvnor by
silent authentication. The session can be accessed in your
customAuthenticator by
AdminContext authenticatedAdminInfo =
(AdminContext)Contexts.getSessionContext().get("adminSession");
I have written a CustomIntegrator class which does the implicit package
creation, assign role to a user on a package.
RepositoryService instance can be created by
(ServiceImplementation) Component.*getInstance*(
"org.drools.guvnor.client.rpc.*RepositoryService*" );
RoleBasedPermissionStore instance can be created by
RoleBasedPermissionStore store = (RoleBasedPermissionStore) Component.*
getInstance*("org.drools.guvnor.server.security.RoleBasedPermissionStore");
store.addRoleBasedPermissionForTesting(userName, new
RoleBasedPermission(userName,
RoleTypes.PACKAGE_ADMIN, orgName, null));
------------------------------------------------------------------------code
snippet---------------------------------------------------------------------------------
package org.drools.sample;
import javax.security.auth.Subject;
import javax.security.auth.login.LoginException;
import javax.servlet.http.HttpSession;
import org.jboss.seam.annotations.Name;
import org.jboss.seam.contexts.Contexts;
import org.jboss.seam.security.Identity;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import com.sample.admin.framework.adminmgmt.PrincipalAdmin;
import com.sample.admin.framework.policy.AdminContext;
import com.sample.admin.framework.web.controller.AbstractCygnetController;
@Name("sampleAuthenticator")
public class SampleAuthenticator {
private static final Logger log = LoggerFactory.getLogger(
SampleAuthenticator.class );
/**
* @param session
* @return
*/
public boolean authenticate() {
log.info( "User logged in via sample admin login module .");
AdminContext authenticatedAdminInfo =
(AdminContext)Contexts.getSessionContext().get(AbstractCygnetController.SESSION_ADMIN_CONTEXT);
if(authenticatedAdminInfo == null)
return false;//no session available for the user
PrincipalAdmin principalAdmin =
authenticatedAdminInfo.getPrincipal();
if("ACTIVE".equalsIgnoreCase(principalAdmin.getAuthStatus())) {
Identity.instance().getCredentials().setUsername(
principalAdmin.getUserID() );
//CallbackHandler callbak =
Identity.instance().getCredentials().createCallbackHandler();
//callbak.handle(callbacks);
SamplePrincipal[] authPrincipals = new SamplePrincipal[3];
//Adding username to the subject
authPrincipals[0] = new
SamplePrincipal(principalAdmin.getUserID());
//Adding organization to the subject
authPrincipals[1] = new
SamplePrincipal(principalAdmin.getOrgName());
//Adding role to the subject
authPrincipals[2] = new
SamplePrincipal(principalAdmin.getRole().getName());
Subject subject = Identity.instance().getSubject();
for (int i = 0; i < authPrincipals.length; i++) {
if(!subject.getPrincipals().contains(authPrincipals[i]))
{
subject.getPrincipals().add(authPrincipals[i]);
}
}
return true;
}
return false;
}
/**
* @param session
* @return
*/
public boolean sessionAuthenticate(HttpSession session) {
log.info( "User logged in via sample admin login module .");
//AdminContext authenticatedAdminInfo =
(AdminContext)session.getAttribute("adminSession");
AdminContext authenticatedAdminInfo = (AdminContext)
session.getAttribute(AbstractCygnetController.SESSION_ADMIN_CONTEXT);
if(authenticatedAdminInfo == null)
return false;//no session available for the user
PrincipalAdmin principalAdmin =
authenticatedAdminInfo.getPrincipal();
if("ACTIVE".equalsIgnoreCase(principalAdmin.getAuthStatus())) {
Identity.instance().getCredentials().setUsername(
principalAdmin.getUserID() );
//CallbackHandler callbak =
Identity.instance().getCredentials().createCallbackHandler();
//callbak.handle(callbacks);
SamplePrincipal[] authPrincipals = new SamplePrincipal[3];
//Adding username to the subject
authPrincipals[0] = new
SamplePrincipal(principalAdmin.getUserID());
//Adding organization to the subject
authPrincipals[1] = new
SamplePrincipal(principalAdmin.getOrgName());
//Adding role to the subject
authPrincipals[2] = new
SamplePrincipal(principalAdmin.getRole().getName());
Subject subject = Identity.instance().getSubject();
for (int i = 0; i < authPrincipals.length; i++) {
if(!subject.getPrincipals().contains(authPrincipals[i]))
{
subject.getPrincipals().add(authPrincipals[i]);
}
}
}
try {
Identity.instance().authenticate();
} catch ( LoginException e ) {
log.error( "Unable to login.", e );
return false;
}
return Identity.instance().isLoggedIn();
}
}
2010/12/23 Esteban Aliverti <esteban.aliverti at gmail.com>
> Andrew Waterman and Jervis Liu were working on a REST API for Guvnor:
> https://issues.jboss.org/browse/GUVNOR-1080 Maybe you can help them.
> In the other hand, I have implemented a way to embedd Guvnor's editors in
> external applications:
> http://ilesteban.wordpress.com/2010/11/23/guvnor-embed-assets-editor-in-your-application/
>
>
> Best Regards,
>
> XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
>
> Esteban Aliverti
> - Developer @ http://www.plugtree.com
> - Blog @ http://ilesteban.wordpress.com
>
>
> 2010/12/23 Harshit Bapna <hrbapna at gmail.com>
>
>> Hello All,
>>
>> I am able to successfully integrate Guvnor into my custom app. (based on
>> spring)
>> (
>> http://drools-java-rules-engine.46999.n3.nabble.com/How-to-integrate-Guvnor-GUI-in-a-test-app-td1595617.html
>> )
>>
>> I have written some code in the index.jsp which invokes the
>> ServiceImplementation of Guvnor.
>> I am observing that RuleRepository object is coming as null.
>> Note: Through the integrated app If I hit the Guvnor URL than it is
>> working as normal.
>>
>> private ServiceImplementation getService() {
>> ServiceImplementation impl = new ServiceImplementation();
>> RulesRepository repository = impl.getRulesRepository();
>> return impl;
>> }
>>
>> What is the suggested way of using the Guvnor services from the jsp/java ?
>>
>>
>>
>> _______________________________________________
>> rules-users mailing list
>> rules-users at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/rules-users
>>
>>
>
> _______________________________________________
> rules-users mailing list
> rules-users at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/rules-users
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/rules-users/attachments/20101229/af4fab06/attachment.html
More information about the rules-users
mailing list