camel-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Claus Ibsen <claus.ib...@gmail.com>
Subject Re: Camel security
Date Thu, 01 Apr 2010 10:49:32 GMT
Hi

Sounds great with Drools integration with Camel.

No there is not a general security module in Camel.
Its something that we will work on and provide in the future.
At present time its not on the roadmap short term.

Each individual camel component often have their own security settings
which you leverage, such as Jetty etc.



On Thu, Apr 1, 2010 at 11:04 AM, jliu <jervisliu@gmail.com> wrote:
>
> Hi,
>
> I am currently working on Drools (http://www.jboss.org/drools) Camel
> integration. One requirement popped up is to provide a secured access to
> Drools KnowledgeSession . For those who is not familiar with Drools, Drools
> KnowledgeSession is defined as a Camel process or endpoint. Basically this
> means an authentication framework and an authorization framework that can be
> used to provide service level and method level security. The authorization
> part needs to support both role-based authorization and rule-based
> authorization. So for example, with this security in place, I can say "only
> admin type user can access Drools KnowledgeSession " or  "only admin type
> user can call insertFact on Drools KnowledgeSession ".  I can also say "If
> the current user has called fireAllRules on Drools KnowledgeSession more
> than an average of 5 times in the last minute, then reject the next
> invocation, as its possible fraud".
>
> An example of camle route with authorization may look like below (Please
> note, this is not a valid configuration, just used to illustrate the idea):
>
> Service level security:
>
> a camel route without authorization:
> <camel:route>
>     <camel:from uri="direct:executor" />
>     <camel:process ref="DroolsBatchExecutorProcessor"/>
>     <camel:to uri="direct:xstreamTransformerResult" />
> </camel:route>
>
> a camel route with simple role based authorization using role mappings
> stored in property files:
> <camel:route>
>    <camel:from uri="direct:executor" />
>    <camel:process ref="DroolsBatchExecutorProcessor"
> authorization-module="role-based-using-property-file" rolesAllowed="admin=,
> analysis"/>
>    <camel:to uri="direct:xstreamTransformerResult" />
> </camel:route>
>
>  a camel route with rule based authorization using Drools:
> <camel:route>
>     <camel:from uri="direct:executor" />
>     <camel:process ref="DroolsBatchExecutorProcessor"
> authorization-module="rule-based-using-drools"/>
>     <camel:to uri="direct:xstreamTransformerResult" />
> </camel:route>
>
> Method level security:
> TBD
>
> Does such feature exist in Camel or will be supported in the future?
>
> Thanks,
>
> Jervis Liu
> --
> View this message in context: http://old.nabble.com/Camel-security-tp28106100p28106100.html
> Sent from the Camel - Users mailing list archive at Nabble.com.
>
>



-- 
Claus Ibsen
Apache Camel Committer

Author of Camel in Action: http://www.manning.com/ibsen/
Open Source Integration: http://fusesource.com
Blog: http://davsclaus.blogspot.com/
Twitter: http://twitter.com/davsclaus

Mime
View raw message