Hi Jervis
I'm planing to work on Spring security and Camel integration[1] in the
coming up few week.
If everything goes well, I think you can try out the basic security
implementation with Role based authorization then we can try to
integrate the Drools part.
[1] https://issues.apache.org/activemq/browse/CAMEL-2579
Willem
Claus Ibsen wrote:
Hi
Sounds great with Drools integration with Camel.
No there is not a general security module in Camel.
Its something that we will work on and provide in the future.
At present time its not on the roadmap short term.
Each individual camel component often have their own security settings
which you leverage, such as Jetty etc.
On Thu, Apr 1, 2010 at 11:04 AM, jliu <[email protected]> wrote:
Hi,
I am currently working on Drools (http://www.jboss.org/drools) Camel
integration. One requirement popped up is to provide a secured access to
Drools KnowledgeSession . For those who is not familiar with Drools, Drools
KnowledgeSession is defined as a Camel process or endpoint. Basically this
means an authentication framework and an authorization framework that can be
used to provide service level and method level security. The authorization
part needs to support both role-based authorization and rule-based
authorization. So for example, with this security in place, I can say "only
admin type user can access Drools KnowledgeSession " or "only admin type
user can call insertFact on Drools KnowledgeSession ". I can also say "If
the current user has called fireAllRules on Drools KnowledgeSession more
than an average of 5 times in the last minute, then reject the next
invocation, as its possible fraud".
An example of camle route with authorization may look like below (Please
note, this is not a valid configuration, just used to illustrate the idea):
Service level security:
a camel route without authorization:
<camel:route>
<camel:from uri="direct:executor" />
<camel:process ref="DroolsBatchExecutorProcessor"/>
<camel:to uri="direct:xstreamTransformerResult" />
</camel:route>
a camel route with simple role based authorization using role mappings
stored in property files:
<camel:route>
<camel:from uri="direct:executor" />
<camel:process ref="DroolsBatchExecutorProcessor"
authorization-module="role-based-using-property-file" rolesAllowed="admin=,
analysis"/>
<camel:to uri="direct:xstreamTransformerResult" />
</camel:route>
a camel route with rule based authorization using Drools:
<camel:route>
<camel:from uri="direct:executor" />
<camel:process ref="DroolsBatchExecutorProcessor"
authorization-module="rule-based-using-drools"/>
<camel:to uri="direct:xstreamTransformerResult" />
</camel:route>
Method level security:
TBD
Does such feature exist in Camel or will be supported in the future?
Thanks,
Jervis Liu
--
View this message in context:
http://old.nabble.com/Camel-security-tp28106100p28106100.html
Sent from the Camel - Users mailing list archive at Nabble.com.
