camel-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Willem jiang <willem.ji...@gmail.com>
Subject Re: Jetty proxy routes confused behavior.
Date Wed, 07 Nov 2012 01:46:56 GMT
As the servlet is called from the web container which should take care of the transport security
issue.
It makes sense that you can do the security setup through the WebContainer like Jetty or Tomcat.

-- 
Willem Jiang

Red Hat, Inc.
FuseSource is now part of Red Hat
Web: http://www.fusesource.com | http://www.redhat.com
Blog: http://willemjiang.blogspot.com (http://willemjiang.blogspot.com/) (English)
          http://jnn.javaeye.com (http://jnn.javaeye.com/) (Chinese)
Twitter: willemjiang 
Weibo: willemjiang





On Wednesday, November 7, 2012 at 3:07 AM, dvsridhar wrote:

> William,
> With your suggestion I was able to stood up the spring-security oauth for
> http proxy routes. However, I just learnt that camel-servlet component
> doesn't have support Camel JSSE Utility
> (http://camel.apache.org/camel-configuration-utilities.html). *We have a
> requirement to support FIPS140 and NIST compliance for SSL transport layer
> and we use RSA JsafeJCE crypto jars for strong encryption. For this
> compliance to work, I need to override the default cipher suites and supply
> the following cipher suites SSL_RSA_WITH_AES_128_CBC_SHA and
> SSL_RSA_WITH_AES_256_CBC_SHA.*(http://publib.boulder.ibm.com/infocenter/wmqv7/v7r0/index.jsp?topic=%2Fcom.ibm.mq.csqzaw.doc%2Fja34740_.htm)

> 
> 
> *I really don't know what to do here. 
> camel-jetty doesn't work with spring security, but it supports JSSE.
> camel-http4 only produce to http endpoints.
> camel-servlet can consume http content but doesn't work with JSSE.
> *
> Looks like I have to change my direction completely and only use CXF for
> security (oauth) and FIPS compliance. But the part I hate the most with this
> approach is for a simple REST URL http redirect use case I have to stand up
> dummy RestImplmentation which makes a no sense for a proxy layer.
> 
> *For example:*
> 
> <camel:camelContext>
> <camel:route>
> <camel:from uri="cxfrs://bean://vendorConsumer"/>
> 
> <camel:removeHeader headerName="Content-Length" /> 
> <camel:to uri="cxfrs://bean://vendorProducer"/> 
> </camel:route>
> </camel:camelContext>
> 
> <cxf:rsServer id="vendorConsumer" address="/Vendor"
> <b> serviceClass="com.xyz.rest.resource.impl.VendorRSImpl" *
> loggingFeatureEnabled="true">
> <cxf:extensionMappings>
> <entry key="json" value="application/json"/>
> <entry key="xml" value="application/xml"/>
> </cxf:extensionMappings> 
> </cxf:rsServer>
> 
> <cxf:rsClient id="vendorProducer" address="http://myhost:7001/FDX/Vendor" 
> serviceClass="com.xyz.rest.resource.api.VendorRS" inheritHeaders="true"
> loggingFeatureEnabled="true" >
> </cxf:rsClient>
> 
> To make this route work I have to stand this dummy implementation
> "com.xyz.rest.resource.impl.VendorRSImpl", where as my actual service
> provider is present at a different URL("http://myhost:7001/FDX/Vendor").
> 
> /In the above configuration "com.ams.momapi.rest.resource.api.VendorRS" is a
> JAX_RS based REST interface and com.xyz.rest.resource.impl.VendorRSImpl is
> the dummy implementation./
> 
> What would be recommendation for this. Any help appreciated.
> 
> Thanks,
> Sridhar
> 
> 
> 
> --
> View this message in context: http://camel.465427.n5.nabble.com/Jetty-proxy-routes-confused-behavior-tp5721076p5722250.html
> Sent from the Camel - Users mailing list archive at Nabble.com (http://Nabble.com).




Mime
View raw message