camel-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Willem Jiang (JIRA)" <>
Subject [jira] Assigned: (CAMEL-2796) camel-spring-security: provide reference to the policy when authorization fails
Date Tue, 08 Jun 2010 00:53:52 GMT


Willem Jiang reassigned CAMEL-2796:

    Assignee: Willem Jiang

> camel-spring-security: provide reference to the policy when authorization fails
> -------------------------------------------------------------------------------
>                 Key: CAMEL-2796
>                 URL:
>             Project: Apache Camel
>          Issue Type: Improvement
>    Affects Versions: 2.3.0
>            Reporter: Paul Mietz Egli
>            Assignee: Willem Jiang
> While it is possible to set up different policies to enforce authorization rules on Camel
routes with the new camel-spring-security plugin, there is currently no way to tell which
policy was being enforced when a is thrown.
 It would be very helpful to have a reference to the policy ID in the CamelAuthorizationException
or in the headers so we can use it in the onException handlers.
> For example, let's say you have two policies:
>   <authorizationPolicy id="user" access="ROLE_USER" authenticationManager="authenticationManager"
>     xmlns="" />
>   <authorizationPolicy id="admin" access="ROLE_ADMIN" authenticationManager="authenticationManager"
>     xmlns="" />
> You also have two routes which use these policies:
>     <camelContext id="myCamelContext" xmlns="">
>           <onException useOriginalMessage="true">
>             <exception></exception>
>             <handled><constant>true</constant></handled>
>             <to uri="log:auth_error" />
>         </onException>
>         <route>
>             <from uri="direct:adminStart"/>
>             <policy ref="admin">
>                 <to uri="mock:end"/>
>             </policy>
>         </route>
>         <route>
>             <from uri="direct:userStart"/>
>             <policy ref="admin">
>                 <to uri="mock:end"/>
>             </policy>
>         </route>
>     </camelContext>
> Both of these routes will fail with an AccessDeniedException if the user doesn't have
the proper role, but it would be desirable to handle exceptions for the ROLE_ADMIN failure
differently than the ROLE_USER failure, maybe by using a <choice> element in the <onException>
> I know we have the CamelFailureEndpoint header, but this isn't very useful when more
than one route uses the same authorization policy.

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

View raw message