camel-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From conflue...@apache.org
Subject [CONF] Apache Camel > Spring Security Example
Date Wed, 15 May 2013 10:10:01 GMT
<html>
<head>
    <base href="https://cwiki.apache.org/confluence">
            <link rel="stylesheet" href="/confluence/s/2042/9/1/_/styles/combined.css?spaceKey=CAMEL&amp;forWysiwyg=true"
type="text/css">
    </head>
<body style="background: white;" bgcolor="white" class="email-body">
<div id="pageContent">
<div id="notificationFormat">
<div class="wiki-content">
<div class="email">
    <h2><a href="https://cwiki.apache.org/confluence/display/CAMEL/Spring+Security+Example">Spring
Security Example</a></h2>
    <h4>Page <b>edited</b> by             <a href="https://cwiki.apache.org/confluence/display/~bvahdat">Babak
Vahdat</a>
    </h4>
        <br/>
                         <h4>Changes (1)</h4>
                                 
    
<div id="page-diffs">
                    <table class="diff" cellpadding="0" cellspacing="0">
    
            <tr><td class="diff-snipped" >...<br></td></tr>
            <tr><td class="diff-unchanged" >{code} <br> &quot;http://localhost:8080/camel/user&quot;
is for the authenticated user whose role is ROLE_USER <br></td></tr>
            <tr><td class="diff-changed-lines" ><span class="diff-changed-words">&quot;http://localhost:8080/camel/admi<span
class="diff-deleted-chars"style="color:#999;background-color:#fdd;text-decoration:line-through;">m</span><span
class="diff-added-chars"style="background-color: #dfd;">n</span>&quot;</span>
is for the authenticated user whose role is ROLE_ADMIN <br></td></tr>
            <tr><td class="diff-unchanged" >{code} <br> <br></td></tr>
            <tr><td class="diff-snipped" >...<br></td></tr>
    
            </table>
    </div>                            <h4>Full Content</h4>
                    <div class="notificationGreySide">
        <h2><a name="SpringSecurityExample-SpringSecurityExample"></a>Spring
Security Example</h2>

<p>This example shows you how to leverage the <a href="http://static.springsource.org/spring-security/site/index.html"
class="external-link" rel="nofollow">Spring Security</a> already provides authentication
mechanism and authoriationPolicy which is provided in <a href="/confluence/display/CAMEL/Spring+Security"
title="Spring Security">camel-spring-security</a> module to implement a role based
authorization application. </p>

<p>This example consumes messages from a servlet endpoint which is secured by Spring
Security with http basic authentication, there are two service:</p>
<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
<pre class="code-java">
 <span class="code-quote">"http:<span class="code-comment">//localhost:8080/camel/user"</span>
is <span class="code-keyword">for</span> the authenticated user whose role is
ROLE_USER
</span> <span class="code-quote">"http:<span class="code-comment">//localhost:8080/camel/admin"</span>
is <span class="code-keyword">for</span> the authenticated user whose role is
ROLE_ADMIN</span>
</pre>
</div></div>

<p>You will need to compile this example first:</p>
<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
<pre class="code-java">
  cd $CAMEL_HOME/examples/camel-example-spring-security
  mvn clean install
</pre>
</div></div>

<p>To run the example, you need to start up the server by typing</p>
<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
<pre class="code-java">
  mvn jetty:run
</pre>
</div></div>
<p>To stop the server hit ctrl + c</p>

<p>Then you can use the script in the client directory to send the request and check
the response, or use browser to access upper service with the user/password ("jim/jimspassword"
with the admin and user role  or "rob/robspassword" with user role).</p>

<p>Here is the camel route configuration:</p>

<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
<pre class="code-xml">&lt;beans xmlns=<span class="code-quote">"http://www.springframework.org/schema/beans"</span>
       <span class="code-keyword">xmlns:xsi</span>=<span class="code-quote">"http://www.w3.org/2001/XMLSchema-instance"</span>
       <span class="code-keyword">xmlns:spring-security</span>=<span class="code-quote">"http://www.springframework.org/schema/security"</span>
       xsi:schemaLocation="
         http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
         http://camel.apache.org/schema/spring http://camel.apache.org/schema/spring/camel-spring.xsd
         http://camel.apache.org/schema/spring-security http://camel.apache.org/schema/spring-security/camel-spring-security.xsd
         http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd"&gt;

  <span class="code-tag">&lt;spring-security:http realm=<span class="code-quote">"User
Restrict Realm"</span>&gt;</span>
    <span class="code-tag">&lt;spring-security:intercept-url pattern=<span class="code-quote">"/camel/**"</span>
access=<span class="code-quote">"ROLE_USER"</span>/&gt;</span>
    <span class="code-tag">&lt;spring-security:http-basic/&gt;</span>
    <span class="code-tag">&lt;spring-security:remember-me/&gt;</span>
  <span class="code-tag">&lt;/spring-security:http&gt;</span>

    <span class="code-tag"><span class="code-comment">&lt;!--  set up the
user configuration here --&gt;</span></span>
  <span class="code-tag">&lt;spring-security:authentication-manager alias=<span
class="code-quote">"authenticationManager"</span>&gt;</span>
    <span class="code-tag">&lt;spring-security:authentication-provider user-service-ref=<span
class="code-quote">"userDetailsService"</span>/&gt;</span>
  <span class="code-tag">&lt;/spring-security:authentication-manager&gt;</span>

  <span class="code-tag">&lt;spring-security:user-service id=<span class="code-quote">"userDetailsService"</span>&gt;</span>
    <span class="code-tag">&lt;spring-security:user name=<span class="code-quote">"jim"</span>
password=<span class="code-quote">"jimspassword"</span> authorities=<span class="code-quote">"ROLE_USER,
ROLE_ADMIN"</span>/&gt;</span>
    <span class="code-tag">&lt;spring-security:user name=<span class="code-quote">"bob"</span>
password=<span class="code-quote">"bobspassword"</span> authorities=<span class="code-quote">"ROLE_USER"</span>/&gt;</span>
  <span class="code-tag">&lt;/spring-security:user-service&gt;</span>

  <span class="code-tag">&lt;bean id=<span class="code-quote">"accessDecisionManager"</span>
class=<span class="code-quote">"org.springframework.security.access.vote.AffirmativeBased"</span>&gt;</span>
    <span class="code-tag">&lt;property name=<span class="code-quote">"allowIfAllAbstainDecisions"</span>
value=<span class="code-quote">"true"</span>/&gt;</span>
    <span class="code-tag">&lt;property name=<span class="code-quote">"decisionVoters"</span>&gt;</span>
      <span class="code-tag">&lt;list&gt;</span>
        <span class="code-tag">&lt;bean class=<span class="code-quote">"org.springframework.security.access.vote.RoleVoter"</span>/&gt;</span>
      <span class="code-tag">&lt;/list&gt;</span>
    <span class="code-tag">&lt;/property&gt;</span>
  <span class="code-tag">&lt;/bean&gt;</span>

  <span class="code-tag"><span class="code-comment">&lt;!-- The Policy for
checking the authentication role of ADMIN --&gt;</span></span>
  &lt;authorizationPolicy id=<span class="code-quote">"admin"</span> access=<span
class="code-quote">"ROLE_ADMIN"</span>
                       authenticationManager=<span class="code-quote">"authenticationManager"</span>
                       accessDecisionManager=<span class="code-quote">"accessDecisionManager"</span>
                       xmlns=<span class="code-quote">"http://camel.apache.org/schema/spring-security"</span>/&gt;

  <span class="code-tag"><span class="code-comment">&lt;!-- The Policy for
checking the authentication role of USER --&gt;</span></span>
  &lt;authorizationPolicy id=<span class="code-quote">"user"</span> access=<span
class="code-quote">"ROLE_USER"</span>
                       xmlns=<span class="code-quote">"http://camel.apache.org/schema/spring-security"</span>/&gt;

  <span class="code-tag">&lt;camelContext id=<span class="code-quote">"myCamelContext"</span>
xmlns=<span class="code-quote">"http://camel.apache.org/schema/spring"</span>&gt;</span>
    <span class="code-tag"><span class="code-comment">&lt;!-- Catch the authorization
exception and set the Access Denied message back --&gt;</span></span>
    <span class="code-tag">&lt;onException&gt;</span>
      <span class="code-tag">&lt;exception&gt;</span>org.apache.camel.CamelAuthorizationException<span
class="code-tag">&lt;/exception&gt;</span>
      <span class="code-tag">&lt;handled&gt;</span>
        <span class="code-tag">&lt;constant&gt;</span>true<span class="code-tag">&lt;/constant&gt;</span>
      <span class="code-tag">&lt;/handled&gt;</span>
      <span class="code-tag">&lt;transform&gt;</span>
        <span class="code-tag">&lt;simple&gt;</span>Access Denied with
the Policy of ${exception.policyId} !<span class="code-tag">&lt;/simple&gt;</span>
      <span class="code-tag">&lt;/transform&gt;</span>
    <span class="code-tag">&lt;/onException&gt;</span>

    <span class="code-tag">&lt;route&gt;</span>
      <span class="code-tag">&lt;from uri=<span class="code-quote">"servlet:///user"</span>/&gt;</span>
      <span class="code-tag"><span class="code-comment">&lt;!-- wrap the route
in the policy which enforces security check --&gt;</span></span>
      <span class="code-tag">&lt;policy ref=<span class="code-quote">"user"</span>&gt;</span>
        <span class="code-tag">&lt;transform&gt;</span>
          <span class="code-tag">&lt;simple&gt;</span>Normal user can
access this service<span class="code-tag">&lt;/simple&gt;</span>
        <span class="code-tag">&lt;/transform&gt;</span>
      <span class="code-tag">&lt;/policy&gt;</span>
    <span class="code-tag">&lt;/route&gt;</span>

    <span class="code-tag">&lt;route&gt;</span>
      <span class="code-tag">&lt;from uri=<span class="code-quote">"servlet:///admin"</span>/&gt;</span>
      <span class="code-tag"><span class="code-comment">&lt;!-- wrap the route
in the policy which enforces security check --&gt;</span></span>
      <span class="code-tag">&lt;policy ref=<span class="code-quote">"admin"</span>&gt;</span>
        <span class="code-tag">&lt;transform&gt;</span>
          <span class="code-tag">&lt;simple&gt;</span>Call the admin operation
OK<span class="code-tag">&lt;/simple&gt;</span>
        <span class="code-tag">&lt;/transform&gt;</span>
      <span class="code-tag">&lt;/policy&gt;</span>
    <span class="code-tag">&lt;/route&gt;</span>

  <span class="code-tag">&lt;/camelContext&gt;</span>

<span class="code-tag">&lt;/beans&gt;</span>
</pre>
</div></div>

<p>You can find how to configure the camel-servlet with http basic authentication by
check the files in <a href="https://svn.apache.org/repos/asf/camel/trunk/examples/camel-example-spring-security/src/main/webapp/WEB-INF"
class="external-link" rel="nofollow">WEB-INF</a> </p>
    </div>
        <div id="commentsSection" class="wiki-content pageSection">
        <div style="float: right;">
            <a href="https://cwiki.apache.org/confluence/users/viewnotifications.action"
class="grey">Change Notification Preferences</a>
        </div>
        <a href="https://cwiki.apache.org/confluence/display/CAMEL/Spring+Security+Example">View
Online</a>
        |
        <a href="https://cwiki.apache.org/confluence/pages/diffpagesbyversion.action?pageId=17268800&revisedVersion=4&originalVersion=3">View
Changes</a>
                |
        <a href="https://cwiki.apache.org/confluence/display/CAMEL/Spring+Security+Example?showComments=true&amp;showCommentArea=true#addcomment">Add
Comment</a>
            </div>
</div>
</div>
</div>
</div>
</body>
</html>

Mime
View raw message