On 09/04/2008, cmoulliard <[EMAIL PROTECTED]> wrote: > > Guillaume, > > I see three kinds of security : > > - Secure data transfer using between endpoints. This goal can be achieved > using SSL encyption but How can we achieve this though VM. I'm not sure this > is possible and probably we have to use ssl:// of activemq and not vm://
If you are passing objects around in memory you probably don't wanna use SSL right? So agreed, SSL using ActiveMQ or MINA or HTTPS etc. > - Secure incoming stream*. Stream can be data received from a file, FTP, > HTTP transfer or a queue. In this case, it should be interestin to have an > authentication processor to allow by example to intercept the stream and to > verify if the user sending the data is authorized to provide the data > stream. By example, it could interesting to use something like > from(file://xxxxxx).authenticate(mode). Authenticate will authenticate the > user using the mode defined. Mode could be basic, LDAP, ... whatever you > want. Obviously, the user credentials should be provided though dedicated > fields of the file or message properties Sounds good. For HTTP we could use Acegi easily to verify the incoming request. > - Authorize client to use services onto the bus. This point is probably out > of scope for Camel but it should be interesting also to have a processor > allowing to verify that the client can use or not a service (like > ftom().authorize()). You can argue that we can achieve this by intercepting > the data transfer and check all the security stuff outside of camel or > servicemix using Tivoli or equivalent solutions. Yeah - I guess services could use Spring's security interceptors? -- James ------- http://macstrac.blogspot.com/ Open Source Integration http://open.iona.com
