camel-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Valeri <dval...@apache.org>
Subject Re: [jira] [Commented] (CAMEL-3750) Provide a common mechanism to facilitate configuration of TLS across Camel components
Date Sun, 03 Apr 2011 20:20:42 GMT
Yes.  They should be in the patch under the Camel Spring component.  Let me
know if you find them to be missing as that indicates something is amiss
with my workspace.

David Valeri
-------------------
Twitter: DavidValeri
Blog: http://davidvaleri.wordpress.com/
FuseSource: http://fusesource.com

On Sat, Apr 2, 2011 at 9:04 PM, Johan Edstrom <seijoed@gmail.com> wrote:

> Do you have NamespaceHandlers for this as well?
>
> On Apr 2, 2011, at 3:46 PM, David Valeri (JIRA) wrote:
>
> >
> >    [
> https://issues.apache.org/jira/browse/CAMEL-3750?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13015082#comment-13015082]
> >
> > David Valeri commented on CAMEL-3750:
> > -------------------------------------
> >
> > Claus, thanks for taking a look and providing the feedback.
> >
> > I'll refactor the resource loading, add some OSGi based unit tests, and
> split the patch as requested.  I'm guessing it will take me a week or two to
> find the time to to make these changes.
> >
> >> Provide a common mechanism to facilitate configuration of TLS across
> Camel components
> >>
> -------------------------------------------------------------------------------------
> >>
> >>                Key: CAMEL-3750
> >>                URL: https://issues.apache.org/jira/browse/CAMEL-3750
> >>            Project: Camel
> >>         Issue Type: New Feature
> >>         Components: camel-core, camel-http, camel-jetty
> >>           Reporter: David Valeri
> >>            Fix For: Future
> >>
> >>        Attachments: CAMEL-3750.patch
> >>
> >>
> >> CXF provides a nice Spring Namespace handler for configuring TLS options
> on the Jetty transport.  Configuring these options using XML in Spring or
> through a simplified set of utility classes decreases the learning curve for
> users by sheltering them from the horrors of JSSE.
> >> There are a large number of components in Camel that deal with socket
> communication at some level, but they all require users to learn the
> specific low level configuration capabilities of the library on which the
> component is based in order to configure custom TLS options.
> >> It would be convenient if users didn't need to learn the advanced
> networking configuration options for each component.
> >> This enhancement suggests a similar Spring Namespace handler and utility
> classes that allow for simplified configuration of an SSLContext as well as
> adding provisions to some of the Camel components in order to accept this
> new configuration mechanism.  The initial components to support the new
> configuration mechanism are the http, http4, and Jetty components.  Other
> components would follow.
> >> An example usage is below.
> >> Programmatic configuration:
> >> {code}
> >> KeyStoreParameters ksp = new KeyStoreParameters();
> >>
> ksp.setResource(this.getClass().getClassLoader().getResource("jsse/localhost.ks").toString());
> >> ksp.setPassword(pwd);
> >>
> >> KeyManagersParameters kmp = new KeyManagersParameters();
> >> kmp.setKeyPassword(pwd);
> >> kmp.setKeyStore(ksp);
> >> TrustManagersParameters tmp = new TrustManagersParameters();
> >> tmp.setKeyStore(ksp);
> >>
> >> SSLContextParameters sslContextParameters = new SSLContextParameters();
> >> sslContextParameters.setKeyManagers(kmp);
> >> sslContextParameters.setTrustManagers(tmp);
> >> {code}
> >> XML Configuration:
> >> {code:XML}
> >> <SSLContextParameters id="sslContextParameters"
> secureSocketProtocol="TLS">
> >>  <keyManagers
> >>      keyPassword="password">
> >>    <keyStore resource="./localhost.jks" password="password"/>
> >>  </keyManagers>
> >>  <secureSocketProtocolsFilter>
> >>    <include>TLS.*</include>
> >>  </secureSocketProtocolsFilter>
> >> </SSLContextParameters>
> >> {code}
> >> Usage in a route:
> >> {code}
> >> from("jetty:
> https://localhost:443/hello?sslContextParametersRef=sslContextParameters
> ").process(proc);
> >> {code}
> >
> > --
> > This message is automatically generated by JIRA.
> > For more information on JIRA, see:
> http://www.atlassian.com/software/jira
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message