Este contenido no está disponible en el idioma seleccionado.
Chapter 7. Security
Security in JBoss EAP is a vast topic. Both JBoss EAP and Camel have well documented, standardised methods of securing configuration, endpoints and payloads.
7.1. JAX-RS Security Copiar enlaceEnlace copiado en el portapapeles!
The following topics explain how to secure JAX-RS endpoints.
7.2. JAX-WS Security Copiar enlaceEnlace copiado en el portapapeles!
The following topics explain how to secure JAX-WS endpoints.
7.3. JMS Security Copiar enlaceEnlace copiado en el portapapeles!
The following topics explain how to secure JMS endpoints.
Additionally, you can use Camel’s notion of Route Policies to integrate with the JBoss EAP security system.
7.4. Route Policy Copiar enlaceEnlace copiado en el portapapeles!
Camel supports the notion of RoutePolicies, which can be used to integrate with the JBoss EAP security system. There are currently two supported scenarios for security integration.
7.4.1. Camel calls into JavaEE Copiar enlaceEnlace copiado en el portapapeles!
When a camel route calls into a secured JavaEE component, it acts as a client and must provide appropriate credentials associated with the call.
You can decorate the route with a ClientAuthorizationPolicy
as follows:
This does not do any authentication and authorization, as a part of the camel message processing. Instead, it associates the credentials that come with the Camel Exchange with the call into the EJB3 layer.
The client that calls the message consumer must provide appropriate credentials in the AUTHENTICATION header like this:
ProducerTemplate producer = camelctx.createProducerTemplate(); Subject subject = new Subject(); subject.getPrincipals().add(new DomainPrincipal(domain)); subject.getPrincipals().add(new EncodedUsernamePasswordPrincipal(username, password)); producer.requestBodyAndHeader("direct:start", "Kermit", Exchange.AUTHENTICATION, subject, String.class);
ProducerTemplate producer = camelctx.createProducerTemplate();
Subject subject = new Subject();
subject.getPrincipals().add(new DomainPrincipal(domain));
subject.getPrincipals().add(new EncodedUsernamePasswordPrincipal(username, password));
producer.requestBodyAndHeader("direct:start", "Kermit", Exchange.AUTHENTICATION, subject, String.class);
Authentication and authorization will happen in the JavaEE layer.
7.4.2. Securing a Camel Route Copiar enlaceEnlace copiado en el portapapeles!
In order to secure a Camel Route, you can associate a DomainAuthorizationPolicy
with the route. This policy requires a successful authentication against the given security domain and authorization for "Role2".
Again, the client that calls the message consumer must provide appropriate credentials in the AUTHENTICATION header like this:
ProducerTemplate producer = camelctx.createProducerTemplate(); Subject subject = new Subject(); subject.getPrincipals().add(new DomainPrincipal(domain)); subject.getPrincipals().add(new EncodedUsernamePasswordPrincipal(username, password)); producer.requestBodyAndHeader("direct:start", "Kermit", Exchange.AUTHENTICATION, subject, String.class);
ProducerTemplate producer = camelctx.createProducerTemplate();
Subject subject = new Subject();
subject.getPrincipals().add(new DomainPrincipal(domain));
subject.getPrincipals().add(new EncodedUsernamePasswordPrincipal(username, password));
producer.requestBodyAndHeader("direct:start", "Kermit", Exchange.AUTHENTICATION, subject, String.class);