Red Hat Summit 红帽全球峰会支持控制台(Console)开发人员开始试用联系人

128.3. 控制对 Camel 路由的访问

需要 Spring Security AuthenticationManagerAccessDecisionManager 来使用此组件。以下是如何使用 Spring Security 命名空间在 Spring XML 中配置这些对象的示例: 

<beans xmlns="http://www.springframework.org/schema/beans"
   xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
   xmlns:spring-security="http://www.springframework.org/schema/security"
   xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
    http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd">

   <bean id="accessDecisionManager" class="org.springframework.security.access.vote.AffirmativeBased">
      <property name="allowIfAllAbstainDecisions" value="true"/>
      <property name="decisionVoters">
         <list>
            <bean class="org.springframework.security.access.vote.RoleVoter"/>
         </list>
      </property>
   </bean>

   <spring-security:authentication-manager alias="authenticationManager">
      <spring-security:authentication-provider user-service-ref="userDetailsService"/>
   </spring-security:authentication-manager>

   <spring-security:user-service id="userDetailsService">
      <spring-security:user name="jim" password="jimspassword" authorities="ROLE_USER, ROLE_ADMIN"/>
      <spring-security:user name="bob" password="bobspassword" authorities="ROLE_USER"/>
   </spring-security:user-service>

</beans>

现在设置了底层的安全对象,我们可以使用它们配置授权策略,并使用该策略控制对路由的访问: 

<beans xmlns="http://www.springframework.org/schema/beans"
   xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
   xmlns:spring-security="http://www.springframework.org/schema/security"
   xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
    http://camel.apache.org/schema/spring http://camel.apache.org/schema/spring/camel-spring.xsd
    http://camel.apache.org/schema/spring-security http://camel.apache.org/schema/spring-security/camel-spring-security.xsd
    http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd">

    <!-- import the Spring security configuration  -->
    <import resource= "classpath:org/apache/camel/component/spring/security/commonSecurity.xml"/>

    <authorizationPolicy id="admin" access="ROLE_ADMIN"
      authenticationManager="authenticationManager"
      accessDecisionManager="accessDecisionManager"
      xmlns="http://camel.apache.org/schema/spring-security"/>

    <camelContext id="myCamelContext" xmlns="http://camel.apache.org/schema/spring">
      <route>
         <from uri="direct:start"/>
         <!-- The exchange should be authenticated with the role -->
         <!-- of ADMIN before it is send to mock:endpoint -->
         <policy ref="admin">
            <to uri="mock:end"/>
         </policy>
      </route>
    </camelContext>
</beans>

在本例中,仅在以下情况下执行端点 mock:end

  • admin SpringSecurityAuthorizationPolicy 可以找到 Spring Security Authentication 对象,如下所示:

    • 可以被验证或可以进行身份验证
    • 包含 ROLE_ADMIN 授权
Red Hat logoGithubRedditYoutubeTwitter

学习

尝试、购买和销售

社区

关于红帽文档

通过我们的产品和服务,以及可以信赖的内容,帮助红帽用户创新并实现他们的目标。

让开源更具包容性

红帽致力于替换我们的代码、文档和 Web 属性中存在问题的语言。欲了解更多详情,请参阅红帽博客.

關於紅帽

我们提供强化的解决方案,使企业能够更轻松地跨平台和环境(从核心数据中心到网络边缘)工作。

© 2024 Red Hat, Inc.