camel-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject [CONF] Apache Camel > Security
Date Fri, 29 Oct 2010 20:36:00 GMT
    <base href="">
            <link rel="stylesheet" href="/confluence/s/1810/9/1/_/styles/combined.css?spaceKey=CAMEL&amp;forWysiwyg=true"
<body style="background: white;" bgcolor="white" class="email-body">
<div id="pageContent">
<div id="notificationFormat">
<div class="wiki-content">
<div class="email">
    <h2><a href="">Security</a></h2>
    <h4>Page <b>edited</b> by             <a href="">Richard
        <div id="versionComment">
        Added Spring-WS<br />
                         <h4>Changes (1)</h4>
<div id="page-diffs">
            <table class="diff" cellpadding="0" cellspacing="0">
            <tr><td class="diff-snipped" >...<br></td></tr>
            <tr><td class="diff-unchanged" >* [Jetty]  - HTTP Basic Authentication
support <br>* [CXF]    - HTTP Basic Authentication &amp; WS-Security support using
the CXF Bus driven interceptor chain <br></td></tr>
            <tr><td class="diff-added-lines" style="background-color: #dfd;">*
[Spring Web Services]   - HTTP Basic Authentication &amp; WS-Security support <br></td></tr>
            <tr><td class="diff-unchanged" >* [Netty]  - SSL support <br>*
[MINA]   - SSL support <br></td></tr>
            <tr><td class="diff-snipped" >...<br></td></tr>
</div>                            <h4>Full Content</h4>
                    <div class="notificationGreySide">
        <h2><a name="Security-Security"></a>Security </h2>

<p>Camel offers several forms &amp; levels of security capabilities that can be
utilized on camel routes. These various forms of security may be used in conjunction with
each other or separately.</p>

<p>The broad categories offered are</p>

	<li>Route Security - Authentication and Authorization services to proceed on a route
or route segment</li>
	<li>Payload Security - Data Formats that offer encryption/decryption services at the
payload level</li>
	<li>Endpoint Security - Security offered by components that can be utilized by endpointUri
associated with the component</li>
	<li>Configuration Security - Security offered by encrypting sensitive information from
configuration files</li>

<h3><a name="Security-RouteSecurityAuthenticationandAuthorizationServices"></a>Route
Security - Authentication and Authorization Services</h3>

<p>Camel offers Policy driven security capabilities that may be wired into routes or
route segments. A Policy in Camel utilizes a strategy pattern for applying interceptors on
Camel Processors. It offering the ability to apply cross-cutting concerns (for example. security,
transactions etc) on sections/segments of a camel route.</p>

<p>The components offering authentication and authorization Services utilizing Route
Policies are</p>
	<li><a href="/confluence/display/CAMEL/Shiro+Security" title="Shiro Security">Shiro
	<li><a href="/confluence/display/CAMEL/Spring+Security" title="Spring Security">Spring

<h3><a name="Security-PayloadSecurityDataFormatsandProducers%2FConsumersofferingencryption%2Fdecryptionservices"></a>Payload
Security - Data Formats and Producers/Consumers offering encryption/decryption services</h3>

<p>Camel offers encryption/decryption services to secure payloads or selectively apply
encryption/decryption capabilities on portions/sections of a payload. </p>

<p>These capabilites are offered by the following components</p>
	<li><a href="/confluence/display/CAMEL/XMLSecurity+DataFormat" title="XMLSecurity
DataFormat">XMLSecurity DataFormat</a></li>
	<li><a href="/confluence/display/CAMEL/Crypto" title="Crypto">Crypto</a></li>

<h3><a name="Security-EndpointSecurity"></a>Endpoint Security</h3>

<p>Some components in camel offer an ability to secure their endpoints (using interceptors
etc) and therefore ensure that they offer the ability to secure payloads as well as provide
authentication/authorization capabilities at endpoints created using the components.</p>

<p>Some such components are</p>

	<li><a href="/confluence/display/CAMEL/Jetty" title="Jetty">Jetty</a> 
- HTTP Basic Authentication support</li>
	<li><a href="/confluence/display/CAMEL/CXF" title="CXF">CXF</a>    - HTTP
Basic Authentication &amp; WS-Security support using the CXF Bus driven interceptor chain</li>
	<li><a href="/confluence/display/CAMEL/Spring+Web+Services" title="Spring Web Services">Spring
Web Services</a>   - HTTP Basic Authentication &amp; WS-Security support</li>
	<li><a href="/confluence/display/CAMEL/Netty" title="Netty">Netty</a> 
- SSL support</li>
	<li><a href="/confluence/display/CAMEL/MINA" title="MINA">MINA</a>   -
SSL support</li>
	<li><a href="/confluence/display/CAMEL/Cometd" title="Cometd">Cometd</a>
- SSL support</li>
	<li><a href="/confluence/display/CAMEL/JMS" title="JMS">JMS</a>    - JAAS
and SSL based security for client &lt;--&gt; broker communication</li>

<h3><a name="Security-ConfigurationSecurity"></a>Configuration Security</h3>
<p><b>Available as of Camel 2.5</b></p>

<p>Camel offers the <a href="/confluence/display/CAMEL/Properties" title="Properties">Properties</a>
component to externalize configuration values to properties files. Those values could contain
sensitive information such as usernames and passwords. Those values can be encrypted and automatic
decrypted by Camel. </p>

	<li><a href="/confluence/display/CAMEL/Jasypt" title="Jasypt">Jasypt</a></li>

        <div id="commentsSection" class="wiki-content pageSection">
        <div style="float: right;">
            <a href=""
class="grey">Change Notification Preferences</a>
        <a href="">View Online</a>
        <a href="">View
        <a href=";showCommentArea=true#addcomment">Add

View raw message