使用已配置AD的Guvnor作为端点时，Guvnor执行服务器获取401

Question

我们使用的是：

·随Drools 5.0.x一起提供的Drools Execution Server·Drools Guvnor 5.2配置了active directory

执行服务器和guvnor运行在相同的Tomcat上，并使用相同的端口。

使用执行服务器，您可以为配置文件中的每个包提供一个侦听器。我有两个这样的文件，from-file-system.properties，它们指向手动部署drools二进制包的本地目录。这可以很好地工作。

但我尝试使用-guvnor.properties，它指向5.3Guvnor.properties上的二进制软件包。下面是这个文件：

name=ndipiazza
newInstance=true
# Absolute path of the directory containing pc.drl: placeholder replaced by Ant.
url=http://localhost:9109/drools-guvnor/rest/packages/NDD_Test/binary
poll=10

我得到以下错误：

RuleAgent(ndipiazza) INFO (Mon Jun 18 18:11:32 EDT 2012): Configuring package provider : URLScanner monitoring URLs:  http://localhost:9109/drools-guvnor/rest/packages/NDD_Test/binary
RuleAgent(ndipiazza) WARNING (Mon Jun 18 18:11:34 EDT 2012): Was an error contacting http://localhost:9109/drools-guvnor/rest/packages/NDD_Test/binary. Reponse header: {null=[HTTP/1.1 401 Unauthorized]

某种授权错误很可能与Guvnor 5.2中的active directory配置有关。在早期版本的Guvnor中，这对我们来说工作得很好。

如何解决此问题？

Answer 1

所以我们今天隔离了这个问题。当Drools Server 5.0.x具有任何类型的身份验证时，它不支持URL端点。

我报告了一个错误：https://issues.jboss.org/browse/JBRULES-3554

如果没有这些更改，这将无法工作。

drools-core的org/drools/agent/HttpClientImpl.java

这两种方法需要添加身份验证(标记为START和END NDD)，并明显地切换为您的用户名/密码。

public LastUpdatedPing checkLastUpdated(URL url) throws IOException {
        URLConnection con = url.openConnection();
        HttpURLConnection httpCon = (HttpURLConnection) con;
        try {
// **** START NDD ***** 
            BASE64Encoder enc = new sun.misc.BASE64Encoder();
            String userpassword = "ad-user" + ":" + "ad-password";
            String encodedAuthorization = enc.encode( userpassword.getBytes() );
            httpCon.setRequestProperty("Authorization", "Basic "+
                  encodedAuthorization);
            // **** END NDD *****             



            httpCon.setRequestMethod( "HEAD" );            


            String lm = httpCon.getHeaderField( "lastModified" );
            LastUpdatedPing ping = new LastUpdatedPing();

            ping.responseMessage = httpCon.getHeaderFields().toString();

            if ( lm != null ) {
                ping.lastUpdated = Long.parseLong( lm );
            } else {
                long httpLM = httpCon.getLastModified();
                if ( httpLM > 0 ) {
                    ping.lastUpdated = httpLM;
                }
            }

            return ping;
        } finally {
            httpCon.disconnect();
        }

    }

    public Package fetchPackage(URL url) throws IOException,
                                        ClassNotFoundException {
        URLConnection con = url.openConnection();
        HttpURLConnection httpCon = (HttpURLConnection) con;
        try {

            // **** START NDD ***** 
            BASE64Encoder enc = new sun.misc.BASE64Encoder();
            String userpassword = "ad-user" + ":" + "ad-password";
            String encodedAuthorization = enc.encode( userpassword.getBytes() );
            httpCon.setRequestProperty("Authorization", "Basic "+
                  encodedAuthorization);
            // **** END NDD *****             




            httpCon.setRequestMethod( "GET" );

            Object o = DroolsStreamUtils.streamIn( httpCon.getInputStream() );

            if ( o instanceof KnowledgePackageImp ) {
                return ((KnowledgePackageImp) o).pkg;
            } else {
                return (Package) o;
            }
        } finally {
            httpCon.disconnect();
        }
    }

谜团解开了。