4 Replies Latest reply on Jun 22, 2007 8:47 PM by Andrew

    Seam security with drools logging not working

    Andrew Apprentice

      I have setup the Drools based security with a Seam project residing on Tomcat 6. I am getting an exception of:

      Caused by: java.lang.IllegalArgumentException: The rule called TestRule is not valid. Check for compile errors reported.

      In the tomcat6/logs/localhost.2007-06-22.log file. None of the log files for tomcat actually contain the compiler error though (including catalina.out where I am sending all tomcat stdout and stderr output).

      How can I get the rule compiler error information?

      Relevant Environment:
      jdk 1.6
      tomcat 6
      jboss embedded ejb3 configuration files

      WEB-INF/lib contents:

      activation-1.1.jar concurrent-1.3.4.jar jsf-facelets-1.1.11.jar
      ajax4jsf-1.1.1.jar core- jstl-1.1.2.jar
      antlr-2.7.6.jar dom4j-1.6.1.jar jung-1.7.2.jar
      antlr-3.0ea8.jar drools-compiler-3.0.5.jar junit-3.8.1.jar
      asm-1.5.3.jar drools-core-3.0.5.jar log4j-1.2.12.jar
      asm-attrs-1.5.3.jar ehcache-1.2.4.jar logkit-1.0.1.jar
      avalon-framework-4.1.3.jar el-api-1.1.11.jar mail-1.4.jar
      cglib-2.1_3.jar el-ri-1.1.11.jar myfaces-api-1.1.5.jar
      christws-common-0.0.1.jar hibernate3-3.2.3.GA.jar myfaces-impl-1.1.5.jar
      colt-1.2.0.jar hibernate-annotations-3.2.1.GA.jar oro-2.0.8.jar
      commons-beanutils-1.7.0.jar hibernate-entitymanager-3.2.1.GA.jar persistence-api-1.0.jar
      commons-codec-1.3.jar janino-2.4.3.jar poi-2.5.1-final-20040804.jar
      commons-collections-3.2.jar javassist-3.4.ga.jar postgresql-8.1-407.jdbc3.jar
      commons-digester-1.8.jar jboss-ejb3-all-1.2.1.GA.jar richfaces-3.0.1.jar
      commons-el-1.0.jar jboss-seam-1.2.1.GA.jar spring-2.0.1.jar
      commons-fileupload-1.1.1.jar jboss-seam-debug-1.2.1.GA.jar stringtemplate-2.3b6.jar
      commons-io-1.1.jar jboss-seam-mail-1.2.1.GA.jar tagHandlers-0.9.jar
      commons-jci-core-1.0.jar jboss-seam-remoting-1.2.1.GA.jar tomahawk-1.1.6.jar
      commons-jci-eclipse- jboss-seam-ui-1.2.1.GA.jar tomahawk-sandbox-1.1.6.jar
      commons-jci-fam-1.0.jar jbpm-3.1.4.jar trove-1.0.2.jar
      commons-jci-janino-1.0.jar jcaptcha-all-1.0-RC-2.0.1.jar xercesImpl-2.8.1.jar
      commons-lang-2.2.jar jenia4faces-1.2.1.jar xml-apis-1.0.b2.jar
      commons-logging-1.1.jar jgroups-all- xpp3-
      commons-logging-api-1.0.4.jar joda-time-1.4.jar xstream-1.1.3.jar
      commons-validator-1.3.1.jar jsf-comp-facelets-deployment-0.1.1.jar

      Contents of log4j.xml in my war's WEB-INF/classes directory:
      <?xml version="1.0" encoding="UTF-8"?>
      <!DOCTYPE log4j:configuration SYSTEM "log4j.dtd">
      <log4j:configuration xmlns:log4j="http://jakarta.apache.org/log4j/" debug="false">
       <appender name="CONSOLE" class="org.apache.log4j.ConsoleAppender">
       <errorHandler class="org.jboss.logging.util.OnlyOnceErrorHandler"/>
       <param name="Target" value="System.out"/>
       <layout class="org.apache.log4j.PatternLayout">
       <param name="ConversionPattern" value="%d{HH:mm:ss,SSS} %-5p [%c{1}] %m%n"/>
       <priority value="INFO"/>
       <appender-ref ref="CONSOLE"/>

      package mydomainPermissions;
      import java.security.Principal;
      import org.jboss.seam.security.PermissionCheck;
      import org.jboss.seam.security.Role;
      rule TestRule
       activation-group "permissions"
       check: PermissionCheck(name == "test", action == "test", granted == false)
       Role(name == "user")

      Any Ideas?

        • 1. Re: Seam security with drools logging not working
          Andrew Apprentice

          In seam 1.2.1 in RuleBase.java there is the following code:

          packageDescr = new DrlParser().parse(drlReader);

          It never checks to see if the parser had any errors and therefore does not log them. Even worse, DrlParser is not a local variable to even have a look at using a debugger, and the Drools code from JBoss doesn't have line numbers enabled for debugging.

          Unless I am missing something, it doesn't look like there is any way to get error messages from the rules engine for compiler rules. Is that true?

          • 2. Re: Seam security with drools logging not working
            Gavin King Master

            OK, I added logging of errors to CVS, please try it out, I dont have time today.

            • 3. Re: Seam security with drools logging not working
              Andrew Apprentice


              I am no longer sure if this is a seam problem after all, but a problem with drools.

              In rules 3.0.6 (the only source I could get my hands on),

              The Rule.isValid() has:

              if ( this.consequence == null || !isSemanticallyValid() ) {

              but nowhere in the code is the consequence set, so it is always null, and thus always invalid.

              The only time setConsequence is called is from PackageCompilationData from reload() and write(String, byte[]).

              These are only called by AbstractRuleBase.mergePackage(Package, Package) and PackageStore.write(String, byte[])

              I am not familiar with drools, but does anyone have an idea, or is this indeed a bug in drools 3.0.6?

              • 4. Re: Seam security with drools logging not working
                Andrew Apprentice

                Okay, found the issue. I used maven to build my war, and I built the dependencies that pulled the jars from maven central. It appears those are incompatible with the Seam setup.

                What I had from maven:

                If I install into maven the jars from seam 1.2.1:

                It works. Sorry for the rabbit trail. Hopefully at one point all the seam jars will be hosted on maven with a seam archetype.