0 Replies Latest reply on Jul 25, 2009 1:04 AM by Mark Torres

    Rule-based security and drools agent

    Mark Torres Newbie

      I'm trying to use rule-based security along with drools:rule-agent. My rule agent is configured as follows:

      <drools:rule-agent name="securityRules"
                auto-create="true" />

      We set new-instance to false so that the rulebase picks up the changes automatically. However we're still having issues with permissions not working correctly.

      I did some peeking and in RuleBasedPermissionResolver, the creation of the statefulsession has false on the keepReference parameter.

      if (getSecurityRules() != null)
               getSecurityContext().setGlobalResolver(new SeamGlobalResolver(getSecurityContext().getGlobalResolver()));

      According to drools documentation, when set to true, which is the default, the rulebase maintains a weak reference to the working memory. So I was thinking its ok to just leave it blank. We overrode the RuleBasedPermissionResolver to

           protected void initSecurityContext() {
                if (getSecurityRules()!=null){
                     //set a stateful session that is referred to by the rulebase.
                     //this is for agent-based deployment.
                   getSecurityContext().setGlobalResolver(new SeamGlobalResolver(getSecurityContext().getGlobalResolver()));

      and it started working correctly.

      Is there any reason that RuleBasedPermissionResolver had it to false? Will it make sense to make this configurable via


      as a feature of seam security?

      Thanks for your input.