exec and relay actions triggered by event processing rules call local engine and arbitrary URL respectively. However these calls are not accompanied by appropriate access tokens, resulting in these features useless in many cases (unless the called engine endpoint or URL is open to public).
Remedy
Let these actions be accompanied with appropriate tokens, like relay.event action in which a valid TransCell Access Token is automatically issued and attached upon action invocation.
The tokens can be generated using the event subject & roles information.
SawamiWataru
commented
6 years ago
Problem
exec and relay actions triggered by event processing rules call local engine and arbitrary URL respectively. However these calls are not accompanied by appropriate access tokens, resulting in these features useless in many cases (unless the called engine endpoint or URL is open to public).
Remedy
Let these actions be accompanied with appropriate tokens, like relay.event action in which a valid TransCell Access Token is automatically issued and attached upon action invocation.
The tokens can be generated using the event subject & roles information.
https://github.com/personium/personium-core/blob/master/src/main/java/io/personium/core/rule/action/ExecAction.java https://github.com/personium/personium-core/blob/master/src/main/java/io/personium/core/rule/action/RelayAction.java https://github.com/personium/personium-core/blob/master/src/main/java/io/personium/core/rule/action/RelayEventAction.java