Re: Is security support planned (JAAS, ACEGI, ...)

Wed, 09 Apr 2008 03:48:18 -0700 


James.Strachan wrote:
> 
> On 09/04/2008, cmoulliard <[EMAIL PROTECTED]> wrote:
>>
>>  Guillaume,
>>
>>  I see three kinds of security :
>>
>>  - Secure data transfer using between endpoints. This goal can be
>> achieved
>>  using SSL encyption but How can we achieve this though VM. I'm not sure
>> this
>>  is possible and probably we have to use ssl:// of activemq and not vm://
> 
> If you are passing objects around in memory you probably don't wanna
> use SSL right? So agreed, SSL using ActiveMQ or MINA or HTTPS etc.
> 
>>  - Secure incoming stream*. Stream can be data received from a file, FTP,
>>  HTTP transfer or a queue. In this case, it should be interestin to have
>> an
>>  authentication processor to allow by example to intercept the stream and
>> to
>>  verify if the user sending the data is authorized to provide the data
>>  stream. By example, it could interesting to use something like
>>  from(file://xxxxxx).authenticate(mode). Authenticate will authenticate
>> the
>>  user using the mode defined. Mode could be basic, LDAP, ... whatever you
>>  want. Obviously, the user credentials should be provided though
>> dedicated
>>  fields of the file or message properties
> 
> Sounds good. For HTTP we could use Acegi easily to verify the incoming
> request.
> 
>>  - Authorize client to use services onto the bus. This point is probably
>> out
>>  of scope for Camel but it should be interesting also to have a processor
>>  allowing to verify that the client can use or not a service (like
>>  ftom().authorize()). You can argue that we can achieve this by
>> intercepting
>>  the data transfer and check all the security stuff outside of camel or
>>  servicemix using Tivoli or equivalent solutions.
> 
> Yeah - I guess services could use Spring's security interceptors?
> 
> Good idea since we can use Acegi through Spring with interceptor
> (http://www.acegisecurity.org/guide/springsecurity.html)
> 
> Charles
> -- 
> James
> -------
> http://macstrac.blogspot.com/
> 
> Open Source Integration
> http://open.iona.com
> 
> 

-- 
View this message in context: 
http://www.nabble.com/Is-security-support-planned-%28JAAS%2C-ACEGI%2C-...%29-tp16561887s22882p16584152.html
Sent from the Camel - Users mailing list archive at Nabble.com.























					Reply via email to