3 Replies Latest reply on Jan 20, 2010 12:20 AM by sage.sam

    All drools rules evaluating false?

    flopsi
    flopsi Dec 21, 2009 7:49 PM
      Hi!
      I want to use Seam 2.2.0 GA with drools-based security, but in my tests every rule seems to be evaluated false. Authentification (via SSL) works fine by the way. Here are my configs:

      WEB-INF/components.xml
      ----------------------
         <drools:rule-base name="securityRules" rule-files="security.drl"/>
         <security:rule-based-permission-resolver security-rules="#{securityRules}"/>
         <security:jpa-identity-store user-class="..." role-class="..."/>
         <security:remember-me mode="usernameOnly" cookie-max-age="2419200"/>


      Stripped down security.drl, placed in WEB-INF/classes
      -----------------------------------------------------
      package Permissions;
      import java.security.Principal;
      import org.jboss.seam.security.permission.PermissionCheck;
      import org.jboss.seam.security.Role;

      rule doUpdateBlobTest
      when
              $perm: PermissionCheck(action == "updateBlobTest", granted == false)
      then
              $perm.grant();
      end


      Restricted component method
      ---------------------------
      @Name("ppBlobtestHome")
      public class PpBlobtestHome extends EntityHome<PpBlobtest> {
              ...
              @Override
              @Restrict("#{s:hasPermission(null, 'updateBlobTest')}")
              public String update() {
                      ...
              }
              ...
      }


      IMHO the rule should always evaluate true, but running the app i always get the error:
      javax.faces.el.EvaluationException: org.jboss.seam.security.AuthorizationException: Authorization check failed for expression [#{s:hasPermission(null, 'updateBlobTest')}]
      The rule is so stripped down right now that i expect the problem results rather from not finding the rules at all than from rule evaluation, but i might be wrong...

      Any help is greatly appreciated,
      thanks a lot, and best regards
      Flo
      • 428 Views
      • Tags:
        • 1. Re: All drools rules evaluating false?
          balazska
          balazska Dec 21, 2009 10:14 PM (in response to flopsi)

          try to look at seam drools example apps.

            • Actions
          • 2. Re: All drools rules evaluating false?
            flopsi
            flopsi Dec 22, 2009 3:26 PM (in response to flopsi)
            Hi!

            I just wanted to state that i solved the issue. It seems that there were some libs missing, which is kind of strange cos my project was initially setup with seam-gen and according to Seam In Action there should be nothing else to do...
            Second thing (which i discovered by finally looking at the sources) is that null for the target parameter is not allowed for some reason:

            org/jboss/seam/security/Identity.java:
               public boolean hasPermission(Object target, String action)
               {
                  ...
                  if (target == null) return false;
                  ...
               }

            In my test-rules i did not use any target object, so i thought i could just pass null here. Now i pass some kind of dummy object, and it works...

            Thanks, best regards
            Flo
              • Actions
            • 3. Re: All drools rules evaluating false?
              sage.sam
              sage.sam Jan 20, 2010 12:20 AM (in response to flopsi)

              Florian Petersen wrote on Dec 22, 2009 15:26:


              I just wanted to state that i solved the issue. It seems that there were some libs missing, which is kind of strange cos my project was initially setup with seam-gen and according to Seam In Action there should be nothing else to do...


              Thanks for posting this little follow-up... you just solved my issue!

                • Actions