Hiya Guillaume,
Some thoughts inlined...
Guillaume Nodet wrote:
Securing messages is not handled yet, but can be done using
WS-Security on soap enabled transports (servicemix-jms and
servicemix-http binding components). Is there a need to secure
messages within the bus?
Could there be a situation where multiple users are using the bus and
they all have different levels of access? And also in that situation
could there be a message broadcast where only certain users have access
to the information? If so I think there may be some need for encrypted
messages.
Securing services seems to be the most difficult part. The JMS specs
only mention the use of the subject property on a NormalizedMessage
http://java.sun.com/integration/1.0/docs/sdk/api/javax/jbi/messaging/NormalizedMessage.html#setSecuritySubject(javax.security.auth.Subject).
The main problem is how to set / use this information and how
information about service authorizations.
Such security information may be embedded in the service unit /
service assemblies deployment, or may be configured separately on the
container. When a component sends a jbi exchange, the container
could check the authorizations for the destination endpoint (or
service, interface ?).
However, I do not have any clue on how this information will be
provided by binding components when an external message comes in. HTTP
transport could leverage HTTP authentication, but what about the other
transports ?
I think I see two ways we could set the SecuritySubject:
- At the configuration level, i.e. configuring the username/password in
the BC configuration
- The API of the Binding Component - say we have a BC which accesses a
service on the bus that needs the SecuritySubject. When the user
interacts with the API of the BC, they would need to provide their
security information. The BC would then be responsible for setting the
Subject on the NormalizedMessage
- Another option would be to do some sort of ThreadLocal type thing. If
a BC doesn't have a way to set the security info, we could always create
a custom API along the likes of
"SecurityContext.setCurrentSubject(subject)".
I also have been doing some thinking about WS-Security/Policy
integration. WS-Security is easy enough to hook in, we just need to wire
in XFire to listen for requests then pass on the messages to the bus.
I'm guessing we can use the ws-sec security tokens and put those on the bus
as well? But there is the whole problem that ws-sec just sucks and
is too damn slow, so I don't really like pushing it as a good option.
Also, it'd be really cool to just write the policy or policy
fragments and have the endpoint in servicemix enforce that. So we can
require security or RM or whatever else real easily. Guess I need to get
off my arse and do some WS-Policy integration with XFire.
- Dan
--
Dan Diephouse
Envoi Solutions
http://envoisolutions.com
http://netzooid.com/blog
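The three ideas in the thread (a binding component turning transport credentials into a Subject, a ThreadLocal SecurityContext as a fallback, and the container checking the destination endpoint against a policy) fit together as follows. This is an added example, not ServiceMix or XFire code; SecurityContext, BasicAuthAuthenticator, EndpointAuthorizer, the two Principal classes and the users/endpoint in main are all hypothetical. It assumes the JBI 1.0 API jar on the classpath (javax.jbi.messaging, javax.jbi.servicedesc) and Java 8 for java.util.Base64; the user table and the BillingService QName are constructed for the demo.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.Principal;
import java.util.*;
import javax.jbi.messaging.MessageExchange;
import javax.jbi.messaging.MessagingException;
import javax.jbi.messaging.NormalizedMessage;
import javax.jbi.servicedesc.ServiceEndpoint;
import javax.security.auth.Subject;
import javax.xml.namespace.QName;

/** Thread-local carrier for the caller's Subject (the "SecurityContext.setCurrentSubject" idea; hypothetical class). */
final class SecurityContext {
    private static final ThreadLocal<Subject> CURRENT = new ThreadLocal<Subject>();
    static void setCurrentSubject(Subject s) { CURRENT.set(s); }
    static Subject getCurrentSubject() { return CURRENT.get(); }
    static void clear() { CURRENT.remove(); }   // call from finally: pooled threads would otherwise leak a Subject
}

/** JAAS only needs java.security.Principal, so two tiny principals stand in for a real login module's. */
final class UserPrincipal implements Principal {
    private final String name;
    UserPrincipal(String name) { this.name = name; }
    public String getName() { return name; }
}
final class RolePrincipal implements Principal {
    private final String name;
    RolePrincipal(String name) { this.name = name; }
    public String getName() { return name; }
}

/** What an HTTP binding component could do: turn an "Authorization: Basic ..." header into a Subject. */
final class BasicAuthAuthenticator {
    private final Map<String, String> passwords = new HashMap<String, String>();      // constructed sample users
    private final Map<String, Set<String>> roles = new HashMap<String, Set<String>>();

    void addUser(String user, String password, String... userRoles) {
        passwords.put(user, password);   // demo only: a real store keeps salted hashes, not plaintext
        roles.put(user, new HashSet<String>(Arrays.asList(userRoles)));
    }

    /** Returns a read-only Subject for valid credentials, null for anything else. */
    Subject authenticate(String authorizationHeader) {
        if (authorizationHeader == null || !authorizationHeader.startsWith("Basic ")) return null;
        String decoded;
        try {
            decoded = new String(Base64.getDecoder().decode(authorizationHeader.substring(6).trim()),
                                 StandardCharsets.UTF_8);
        } catch (IllegalArgumentException badBase64) { return null; }
        int colon = decoded.indexOf(':');
        if (colon < 0) return null;
        String user = decoded.substring(0, colon), pass = decoded.substring(colon + 1);
        String expected = passwords.get(user);
        // MessageDigest.isEqual compares in constant time, so timing does not leak how many bytes matched
        if (expected == null || !MessageDigest.isEqual(expected.getBytes(StandardCharsets.UTF_8),
                                                       pass.getBytes(StandardCharsets.UTF_8))) return null;
        Set<Principal> principals = new HashSet<Principal>();
        principals.add(new UserPrincipal(user));
        for (String r : roles.get(user)) principals.add(new RolePrincipal(r));
        return new Subject(true, principals, new HashSet<Object>(), new HashSet<Object>());
    }
}

/** Container-side check: which roles may send an exchange to a given service/endpoint. */
final class EndpointAuthorizer {
    private final Map<String, Set<String>> policy = new HashMap<String, Set<String>>();

    private static String key(QName service, String endpoint) { return service + "|" + endpoint; }

    void allow(QName service, String endpoint, String... allowedRoles) {
        policy.put(key(service, endpoint), new HashSet<String>(Arrays.asList(allowedRoles)));
    }

    /** Deny by default: an endpoint with no policy entry, or a message with no Subject, is rejected. */
    boolean isAllowed(QName service, String endpoint, Subject subject) {
        Set<String> allowed = policy.get(key(service, endpoint));
        if (allowed == null || subject == null) return false;
        for (RolePrincipal role : subject.getPrincipals(RolePrincipal.class)) {
            if (allowed.contains(role.getName())) return true;
        }
        return false;
    }

    /** Hook a container could run before routing: Subject from the message, else from the thread. */
    void check(MessageExchange exchange) throws MessagingException {
        ServiceEndpoint target = exchange.getEndpoint();
        NormalizedMessage in = exchange.getMessage("in");
        Subject subject = in != null ? in.getSecuritySubject() : null;
        if (subject == null) subject = SecurityContext.getCurrentSubject();
        if (target == null || !isAllowed(target.getServiceName(), target.getEndpointName(), subject)) {
            throw new MessagingException("not authorized for endpoint " + target);
        }
    }
}

public class SubjectDemo {
    public static void main(String[] args) {
        BasicAuthAuthenticator auth = new BasicAuthAuthenticator();
        auth.addUser("alice", "s3cret", "billing");    // constructed users and roles
        auth.addUser("bob", "hunter2", "reporting");
        EndpointAuthorizer authz = new EndpointAuthorizer();
        QName billing = new QName("urn:example", "BillingService");   // assumed service name
        authz.allow(billing, "soap", "billing");

        Subject alice = auth.authenticate("Basic "
            + Base64.getEncoder().encodeToString("alice:s3cret".getBytes(StandardCharsets.UTF_8)));
        Subject bob = auth.authenticate("Basic "
            + Base64.getEncoder().encodeToString("bob:hunter2".getBytes(StandardCharsets.UTF_8)));
        System.out.println("alice -> BillingService/soap: " + authz.isAllowed(billing, "soap", alice));
        System.out.println("bob   -> BillingService/soap: " + authz.isAllowed(billing, "soap", bob));
        System.out.println("no subject at all:           " + authz.isAllowed(billing, "soap", null));
    }
}
```

In a real binding component the Subject returned by authenticate() would go on the NormalizedMessage via setSecuritySubject() before the exchange is sent, and check() would run in the container before the exchange is routed; the thread-local path exists only for components that have no way to set the Subject on the message, and whatever sets it must clear it in a finally block because container threads are pooled.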