camel-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Claus Ibsen <claus.ib...@gmail.com>
Subject Re: [HEADS UP] - Configuring passwords in Camel endpoints is now easier with new RAW syntax
Date Mon, 25 Mar 2013 16:37:59 GMT
On Mon, Mar 25, 2013 at 5:20 PM, Raul Kripalani <raul@evosent.com> wrote:
> Sounds good and much simpler to read than yet another bracket-y expression.
> Great addition!
>
> Just being persnickety, is it possible to escape RAW() itself? That is,
> would "RAW(RAW())" evaluate to "RAW()"?
>

Well if we didn't have the existing syntax from camel-jasypt with
ENC(stuff here).
Then we would have a bit more free hands. But we can still change it,
but I kinda like it to be similar/consistent.

The parsing is easier if we have a known start and end token. And the
tokens should be unique so they do not clash with a value an end user
would normally use. So opted for RAW(.

Currently the code does not allow escaping itself. Not sure if there
is such a use-case where people want to configure an option on an
endpoint with a value of RAW() or RAW(abc) or what ever.

We could allow escaping but it would just complicate the parsing
process a little bit more, as it would need to detect the escaped
start token. And be able to pair the end tokens etc.

Again, is there really an real life use-case where people want to
configure a value of RAW(stuff) as the value as_is ?


Though I wonder if we should have a different end token that was more
unique than an ) sign. That makes the parsing easier as well, as ) can
be common to use. eg today we detect the end token as a ) sign
followed by a & sign to denote a new parameter. Or if we reached the
end of the line.

There could potential be a situation where you have a password that is
++secre)&123

Which you configure as:
password=RAW(++secre)&123)&binary=true

Now we have 2 end tokens, eg at
e)&1
3)&b

So we would need to improve the parser, to know that the end token, is
the last )& before a new parameter key is given with eg binary=true.

Using a more unique end token fixes this caveat. We could have
RAW(value)RAW, eg so it would be
password=RAW(++secre)&123)RAW&binary=true


Though not sure if its so "nice".

Any thoughts?


> Thanks,
>
> *Raúl Kripalani*
> Enterprise Architect, Open Source Integration specialist, Program
> Manager | Apache
> Camel Committer
> http://about.me/raulkripalani | http://www.linkedin.com/in/raulkripalani
> http://blog.raulkr.net | twitter: @raulvk
>
> On Mon, Mar 25, 2013 at 4:03 PM, Claus Ibsen <claus.ibsen@gmail.com> wrote:
>
>> Hi
>>
>> Configuring passwords directly in the Camel endpoint uris can be a bit
>> more tricky if the password contains signs such as + & or other
>> symbols.
>>
>> As those symbols would be URI decimal encoded.
>>
>> So inspired by our camel-jasypt component
>> http://camel.apache.org/jasypt
>>
>> Which allows to use an ENC(secret stuff here) syntax to encrypt some
>> content in the uris, eg also for passwords etc.
>>
>> We now have a new RAW(value) syntax as well for endpoint URI options.
>>
>> So if you have the password
>> se+re?t&23
>>
>> Then you can tell Camel to use the value as is as shown below:
>> .to("ftp:joe@myftpserver.com?password=RAW(se+re?t&23)&binary=true"
>>
>> You can see more details here:
>>
>> https://cwiki.apache.org/confluence/display/CAMEL/How+do+I+configure+endpoints
>>
>>
>> I wanted to use the same syntax as we already use, eg for
>> camel-jasypt, and hence went for RAW(value).
>> And I didn't want to introduce a syntax that was to similar to
>> property placeholders, using some kind of [[ ]] tokens.  And hence
>> settled for RAW(value).
>>
>> All the tests passes with this change.
>> And there is also a new ftp unit test where we use a password that
>> would fail in earlier Camel releases.
>>
>> And it should be possible to backport the change to Camel 2.10 branch,
>> if the community thinks its a good idea. Which it could be as this is
>> already a problem for people today to set their passwords in Camel
>> 2.10, eg as reported here:
>> https://issues.apache.org/jira/browse/CAMEL-6176
>>
>> For now the commit is on trunk for the upcoming Camel 2.11 release.
>>
>>
>>
>> --
>> Claus Ibsen
>> -----------------
>> Red Hat, Inc.
>> FuseSource is now part of Red Hat
>> Email: cibsen@redhat.com
>> Web: http://fusesource.com
>> Twitter: davsclaus
>> Blog: http://davsclaus.com
>> Author of Camel in Action: http://www.manning.com/ibsen
>>



-- 
Claus Ibsen
-----------------
Red Hat, Inc.
FuseSource is now part of Red Hat
Email: cibsen@redhat.com
Web: http://fusesource.com
Twitter: davsclaus
Blog: http://davsclaus.com
Author of Camel in Action: http://www.manning.com/ibsen

Mime
View raw message