Details
-
Bug
-
Resolution: Unresolved
-
Major
-
None
-
5.0.0.FINAL
-
None
Description
There is an issue in
org.drools.agent.HttpClientImpl.checkLastUpdated(URL u)
When the URL passed in is not guest accessible (requires basic authentication), this is not a handled situation in this version of Drools.
So when you try to use Drools Execution Server to connect rulebase in Guvnor >5.2 (has authentication enabled)... it will fail if the rulebase URL is not guest accessible.
These two methods need to have authentication added in (marked by START and END NDD).
public LastUpdatedPing checkLastUpdated(URL url) throws IOException {
URLConnection con = url.openConnection();
HttpURLConnection httpCon = (HttpURLConnection) con;
try {
// **** START NDD *****
BASE64Encoder enc = new sun.misc.BASE64Encoder();
String userpassword = "ad-user" + ":" + "ad-password";
String encodedAuthorization = enc.encode( userpassword.getBytes() );
httpCon.setRequestProperty("Authorization", "Basic "+
encodedAuthorization);
// **** END NDD *****
httpCon.setRequestMethod( "HEAD" );
String lm = httpCon.getHeaderField( "lastModified" );
LastUpdatedPing ping = new LastUpdatedPing();
ping.responseMessage = httpCon.getHeaderFields().toString();
if ( lm != null )
{ ping.lastUpdated = Long.parseLong( lm ); } else {
long httpLM = httpCon.getLastModified();
if ( httpLM > 0 )
}
return ping;
} finally
}
public Package fetchPackage(URL url) throws IOException,
ClassNotFoundException {
URLConnection con = url.openConnection();
HttpURLConnection httpCon = (HttpURLConnection) con;
try {
// **** START NDD *****
BASE64Encoder enc = new sun.misc.BASE64Encoder();
String userpassword = "ad-user" + ":" + "ad-password";
String encodedAuthorization = enc.encode( userpassword.getBytes() );
httpCon.setRequestProperty("Authorization", "Basic "+
encodedAuthorization);
// **** END NDD *****
httpCon.setRequestMethod( "GET" );
Object o = DroolsStreamUtils.streamIn( httpCon.getInputStream() );
if ( o instanceof KnowledgePackageImp ) { return ((KnowledgePackageImp) o).pkg; } else { return (Package) o; }
} finally { httpCon.disconnect(); }
}
Obviously a production scenario would pull those username/password combinations from the .properties file for the rulebase.