Return-Path: X-Original-To: apmail-camel-dev-archive@www.apache.org Delivered-To: apmail-camel-dev-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 60A467EA0 for ; Tue, 20 Sep 2011 15:28:33 +0000 (UTC) Received: (qmail 81246 invoked by uid 500); 20 Sep 2011 15:28:33 -0000 Delivered-To: apmail-camel-dev-archive@camel.apache.org Received: (qmail 81216 invoked by uid 500); 20 Sep 2011 15:28:33 -0000 Mailing-List: contact dev-help@camel.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@camel.apache.org Delivered-To: mailing list dev@camel.apache.org Received: (qmail 81207 invoked by uid 99); 20 Sep 2011 15:28:33 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 20 Sep 2011 15:28:33 +0000 X-ASF-Spam-Status: No, hits=-2000.5 required=5.0 tests=ALL_TRUSTED,RP_MATCHES_RCVD X-Spam-Check-By: apache.org Received: from [140.211.11.116] (HELO hel.zones.apache.org) (140.211.11.116) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 20 Sep 2011 15:28:30 +0000 Received: from hel.zones.apache.org (hel.zones.apache.org [140.211.11.116]) by hel.zones.apache.org (Postfix) with ESMTP id E0C4CA4D63 for ; Tue, 20 Sep 2011 15:28:08 +0000 (UTC) Date: Tue, 20 Sep 2011 15:28:08 +0000 (UTC) From: "Ashwin Karpe (JIRA)" To: dev@camel.apache.org Message-ID: <373043476.46494.1316532488917.JavaMail.tomcat@hel.zones.apache.org> In-Reply-To: <434260225.16421.1315816509254.JavaMail.tomcat@hel.zones.apache.org> Subject: [jira] [Commented] (CAMEL-4441) Add Namespace Support to XMLSecurity Component MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 X-Virus-Checked: Checked by ClamAV on apache.org [ https://issues.apache.org/jira/browse/CAMEL-4441?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13108776#comment-13108776 ] Ashwin Karpe commented on CAMEL-4441: ------------------------------------- Committed to the Camel trunk as revision r1173190. Thanks to Rich Newcomb for this nice contribution... > Add Namespace Support to XMLSecurity Component > ---------------------------------------------- > > Key: CAMEL-4441 > URL: https://issues.apache.org/jira/browse/CAMEL-4441 > Project: Camel > Issue Type: Improvement > Reporter: Rich Newcomb > Attachments: CAMEL-4441-camel-core.patch, CAMEL-4441-camel-jmx.patch, CAMEL-4441-camel-xmlsecurity.patch, CAMEL-4441-complete-and-final.patch, CAMEL-4441-parent.patch > > > The camel-xmlsecurity data format does not support namespaces when identifying specific nodes to be encrypted or decrypted. The data format will only work for incidental namespace collisions (i.e., when the target XML document has elements that happen to use the same namespace prefix as that used in the secureTag element). > The attached patch resolves this issue by allowing a namespace definition mapping to be included as part of the data format configuration. This enables true namespace matching, even if the prefix values in the data format definition and the target xml document are not equivalent strings. > Below is one example of the updated secureXML API in Java : > {code:xml} > final Map namespaces = new HashMap(); > namespaces.put("cust", "http://cheese.xmlsecurity.camel.apache.org/"); > final KeyStoreParameters tsParameters = new KeyStoreParameters(); > tsParameters.setPassword("password"); > tsParameters.setResource("sender.ts"); > context.addRoutes(new RouteBuilder() { > public void configure() { > from("direct:start") > .marshal().secureXML("//cust:cheesesites/italy", namespaces, true, "recipient", testCypherAlgorithm, XMLCipher.RSA_v1dot5, tsParameters).to("mock:encrypted"); > } > } > {code} > The patch also extends natural XML support to Spring XML route definitions by leveraging the Camel NamespaceAware interface. Thus, a namespace prefix that is defined as part of the camelContext definition can be re-used in context within the data format secureTag attribute of the secureXML element. > For example: > {code:xml} > > > xmlns="http://camel.apache.org/schema/spring" > xmlns:cheese="http://cheese.xmlsecurity.camel.apache.org/"> > > > > secureTag="//cheese:cheesesites/italy" > secureTagContents="true" > xmlCipherAlgorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc" > keyCipherAlgorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" > recipientKeyAlias="recipient" > keyOrTrustStoreParametersId="trustStoreParams" /> > > ... > {code} > Finally, this patch updates the method used to define TrustStore and KeyStore parameters for asymmetric encryption and decryption. The patch enables the XmlSecuritiy component to use instances of the org.apache.camel.util.jsse.KeyStoreParameters class for this purpose. This is also illustrated in the examples above. The other methods of KeyStore definition are deprecated by the patch. > Minor and related changes provided by the patch include: > * Fixes an error where unit tests were incorrectly skipped (due to security engine not initialized) even when the related crypto algorithms are available. > * Adds a Spring Xml route definition example in the unit tests > * Configures the xmlunit version in the parent.pom and updates camel-jmx to share this configuration -- This message is automatically generated by JIRA. For more information on JIRA, see: http://www.atlassian.com/software/jira