camel-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Willem Jiang <willem.ji...@gmail.com>
Subject Re: Camel security
Date Thu, 01 Apr 2010 14:20:09 GMT
Hi Jervis

I'm planing to work on Spring security and Camel integration[1] in the 
coming up few week.
If everything goes well, I think you can try out the basic security 
implementation with Role based authorization then we can try to 
integrate the Drools part.

[1] https://issues.apache.org/activemq/browse/CAMEL-2579

Willem

Claus Ibsen wrote:
> Hi
> 
> Sounds great with Drools integration with Camel.
> 
> No there is not a general security module in Camel.
> Its something that we will work on and provide in the future.
> At present time its not on the roadmap short term.
> 
> Each individual camel component often have their own security settings
> which you leverage, such as Jetty etc.
> 
> 
> 
> On Thu, Apr 1, 2010 at 11:04 AM, jliu <jervisliu@gmail.com> wrote:
>> Hi,
>>
>> I am currently working on Drools (http://www.jboss.org/drools) Camel
>> integration. One requirement popped up is to provide a secured access to
>> Drools KnowledgeSession . For those who is not familiar with Drools, Drools
>> KnowledgeSession is defined as a Camel process or endpoint. Basically this
>> means an authentication framework and an authorization framework that can be
>> used to provide service level and method level security. The authorization
>> part needs to support both role-based authorization and rule-based
>> authorization. So for example, with this security in place, I can say "only
>> admin type user can access Drools KnowledgeSession " or  "only admin type
>> user can call insertFact on Drools KnowledgeSession ".  I can also say "If
>> the current user has called fireAllRules on Drools KnowledgeSession more
>> than an average of 5 times in the last minute, then reject the next
>> invocation, as its possible fraud".
>>
>> An example of camle route with authorization may look like below (Please
>> note, this is not a valid configuration, just used to illustrate the idea):
>>
>> Service level security:
>>
>> a camel route without authorization:
>> <camel:route>
>>     <camel:from uri="direct:executor" />
>>     <camel:process ref="DroolsBatchExecutorProcessor"/>
>>     <camel:to uri="direct:xstreamTransformerResult" />
>> </camel:route>
>>
>> a camel route with simple role based authorization using role mappings
>> stored in property files:
>> <camel:route>
>>    <camel:from uri="direct:executor" />
>>    <camel:process ref="DroolsBatchExecutorProcessor"
>> authorization-module="role-based-using-property-file" rolesAllowed="admin=,
>> analysis"/>
>>    <camel:to uri="direct:xstreamTransformerResult" />
>> </camel:route>
>>
>>  a camel route with rule based authorization using Drools:
>> <camel:route>
>>     <camel:from uri="direct:executor" />
>>     <camel:process ref="DroolsBatchExecutorProcessor"
>> authorization-module="rule-based-using-drools"/>
>>     <camel:to uri="direct:xstreamTransformerResult" />
>> </camel:route>
>>
>> Method level security:
>> TBD
>>
>> Does such feature exist in Camel or will be supported in the future?
>>
>> Thanks,
>>
>> Jervis Liu
>> --
>> View this message in context: http://old.nabble.com/Camel-security-tp28106100p28106100.html
>> Sent from the Camel - Users mailing list archive at Nabble.com.
>>
>>
> 
> 
> 


Mime
View raw message