Shiro SecurityPage edited by Ashwin KarpeChanges (2)
Full ContentShiro Security ComponentAvailable as of Camel 2.5 The shiro-security component in Camel is a security focused component, based on the Apache Shiro security project. Apache Shiro is a powerful and flexible open-source security framework that cleanly handles authentication, authorization, enterprise session management and cryptography. The objective of the Apache Shiro project is to provide the most robust and comprehensive application security framework available while also being very easy to understand and extremely simple to use. This camel shiro-security component allows authentication and authorization support to be applied to different segments of a camel route. Shiro security is applied on a route using a Camel Policy. A Policy in Camel utilizes a strategy pattern for applying interceptors on Camel Processors. It offering the ability to apply cross-cutting concerns (for example. security, transactions etc) on sections/segments of a camel route. Maven users will need to add the following dependency to their pom.xml for this component: <dependency> <groupId>org.apache.camel</groupId> <artifactId>camel-shiro-security</artifactId> <version>x.x.x</version> <!-- use the same version as your Camel core version --> </dependency>
The consumer mode supports both one-way and request-response based operations. Usage SamplesA UDP Netty endpoint using Request-Reply and serialized object payloadRouteBuilder builder = new RouteBuilder() { public void configure() { from("netty:udp://localhost:5155?sync=true") .process(new Processor() { public void process(Exchange exchange) throws Exception { Poetry poetry = (Poetry) exchange.getIn().getBody(); poetry.setPoet("Dr. Sarojini Naidu"); exchange.getOut().setBody(poetry); } } } }; A TCP based Netty consumer endpoint using One-way communicationRouteBuilder builder = new RouteBuilder() { public void configure() { from("netty:tcp://localhost:5150") .to("mock:result"); } }; An SSL/TCP based Netty consumer endpoint using Request-Reply communicationJndiRegistry registry = new JndiRegistry(createJndiContext()); registry.bind("password", "changeit"); registry.bind("ksf", new File("src/test/resources/keystore.jks")); registry.bind("tsf", new File("src/test/resources/keystore.jks")); context.createRegistry(registry); context.addRoutes(new RouteBuilder() { public void configure() { String netty_ssl_endpoint = "netty:tcp://localhost:5150sync=true&ssl=true&passphrase=#password" + "&keyStoreFile=#ksf&trustStoreFile=#tsf"; String return_string = "When You Go Home, Tell Them Of Us And Say," + "For Your Tomorrow, We Gave Our Today."; from(netty_ssl_endpoint) .process(new Processor() { public void process(Exchange exchange) throws Exception { exchange.getOut().setBody(return_string); } } } }); Using Multiple CodecsIn certain cases it may be necessary to add chains of encoders and decoders to the netty pipeline. To add multpile codecs to a camel netty endpoint the 'encoders' and 'decoders' uri parameters should be used. Like the 'encoder' and 'decoder' parameters they are used to supply references (to lists of ChannelUpstreamHandlers and ChannelDownstreamHandlers) that should be added to the pipeline. Note that if encoders is specified then the encoder param will be ignored, similarly for decoders and the decoder param. The lists of codecs need to be added to the Camel's registry so they can be resolved when the endpoint is created. LengthFieldBasedFrameDecoder lengthDecoder = new LengthFieldBasedFrameDecoder(1048576, 0, 4, 0, 4); StringDecoder stringDecoder = new StringDecoder(); registry.bind("length-decoder", lengthDecoder); registry.bind("string-decoder", stringDecoder); LengthFieldPrepender lengthEncoder = new LengthFieldPrepender(4); StringEncoder stringEncoder = new StringEncoder(); registry.bind("length-encoder", lengthEncoder); registry.bind("string-encoder", stringEncoder); List<ChannelUpstreamHandler> decoders = new ArrayList<ChannelUpstreamHandler>(); decoders.add(lengthDecoder); decoders.add(stringDecoder); List<ChannelDownstreamHandler> encoders = new ArrayList<ChannelDownstreamHandler>(); encoders.add(lengthEncoder); encoders.add(stringEncoder); registry.bind("encoders", encoders); registry.bind("decoders", decoders); Spring's native collections support can be used to specify the codec lists in an application context <util:list id="decoders" list-class="java.util.LinkedList"> <bean class="org.jboss.netty.handler.codec.frame.LengthFieldBasedFrameDecoder"> <constructor-arg value="1048576"/> <constructor-arg value="0"/> <constructor-arg value="4"/> <constructor-arg value="0"/> <constructor-arg value="4"/> </bean> <bean class="org.jboss.netty.handler.codec.string.StringDecoder"/> </util:list> <util:list id="encoders" list-class="java.util.LinkedList"> <bean class="org.jboss.netty.handler.codec.frame.LengthFieldPrepender"> <constructor-arg value="4"/> </bean> <bean class="org.jboss.netty.handler.codec.string.StringEncoder"/> </util:list> <bean id="length-encoder" class="org.jboss.netty.handler.codec.frame.LengthFieldPrepender"> <constructor-arg value="4"/> </bean> <bean id="string-encoder" class="org.jboss.netty.handler.codec.string.StringEncoder"/> <bean id="length-decoder" class="org.jboss.netty.handler.codec.frame.LengthFieldBasedFrameDecoder"> <constructor-arg value="1048576"/> <constructor-arg value="0"/> <constructor-arg value="4"/> <constructor-arg value="0"/> <constructor-arg value="4"/> </bean> <bean id="string-decoder" class="org.jboss.netty.handler.codec.string.StringDecoder"/> </beans> The bean names can then be used in netty endpoint definitions either as a comma separated list or contained in a List e.g. from("direct:multiple-codec").to("netty:tcp://localhost:5150?encoders=#encoders&sync=false"); from("netty:tcp://localhost:5150?decoders=#length-decoder,#string-decoder&sync=false").to("mock:multiple-codec"); } }; } } or via spring. <camelContext id="multiple-netty-codecs-context" xmlns="http://camel.apache.org/schema/spring"> <route> <from uri="direct:multiple-codec"/> <to uri="netty:tcp://localhost:5150?encoders=#encoders&sync=false"/> </route> <route> <from uri="netty:tcp://localhost:5150?decoders=#length-decoder,#string-decoder&sync=false"/> <to uri="mock:multiple-codec"/> </route> </camelContext> Closing Channel When CompleteWhen acting as a server you sometimes want to close the channel when, for example, a client conversion is finished. However you can also instruct Camel on a per message basis as follows. from("netty:tcp://localhost:8080").process(new Processor() { public void process(Exchange exchange) throws Exception { String body = exchange.getIn().getBody(String.class); exchange.getOut().setBody("Bye " + body); // some condition which determines if we should close if (close) { exchange.getOut().setHeader(NettyConstants.NETTY_CLOSE_CHANNEL_WHEN_COMPLETE, true); } } }); See Also
Change Notification Preferences
View Online
|
View Changes
|
Add Comment
|
- [CONF] Apache Camel > Shiro Security confluence
- [CONF] Apache Camel > Shiro Security confluence
- [CONF] Apache Camel > Shiro Security confluence
- [CONF] Apache Camel > Shiro Security confluence