You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@camel.apache.org by dvsridhar <da...@cgifederal.com> on 2012/04/04 04:57:19 UTC
Camel Restful services security
Hi,
We are trying to understand the possible security options for Camel REST Ful
services. Since Camel uses CXF, is it accurate to assume that what ever CXF
JAXRS supports
(http://cxf.apache.org/docs/secure-jax-rs-services.html#SecureJAX-RSServices-Authorization)
that's what Camel offers. Does Camel provide any other additional security
mechanisms to secure restful services end points.
As part of this page (http://camel.apache.org/security.html) camel supports
various security mechanism. Which are all options apply for Camel Restful
services?
Do we have any documentation around this topic (role camel in securing
restful services).
I appreciate all your help.
Thanks,
Sridhar
--
View this message in context: http://camel.465427.n5.nabble.com/Camel-Restful-services-security-tp5616832p5616832.html
Sent from the Camel - Users mailing list archive at Nabble.com.
Re: Camel Restful services security
Posted by Sergey Beryozkin <sb...@gmail.com>.
On 04/04/12 17:49, dvsridhar wrote:
> Willem,
> Thank you very much for you response.
>
> Can we use Shiro security for cxfrs based restful services. From the
> following link
> (http://cxf.apache.org/docs/secure-jax-rs-services.html#SecureJAX-RSServices-Authorization)
> i can see CXF security is primarily based on Spring Security.
>
It is not, using Spring Security is one way to enforce the
authentication & authorization requirements of the individual CXF
endpoints, CXF ships few other utility interceptors for making it easy
to manage this security aspect of web services...
Sergey
>> Yes, you can leverage the security feature of CXF RS service in Camel.
>> If you want to some addition work on the route, you may need take the
>> security context from the camel-cxfrs endpoint,
>> and pass it to the other camel endpoint that you may want to interact
>> with other camel-security components.
>
> Do you have any example link that can show your suggestion..
>
> Thanks,
> Sridhar
>
> --
> View this message in context: http://camel.465427.n5.nabble.com/Camel-Restful-services-security-tp5616832p5617988.html
> Sent from the Camel - Users mailing list archive at Nabble.com.
--
Sergey Beryozkin
Talend Community Coders
http://coders.talend.com/
Blog: http://sberyozkin.blogspot.com
Re: Camel Restful services security
Posted by Willem Jiang <wi...@gmail.com>.
On 4/4/12 10:49 PM, dvsridhar wrote:
> Willem,
> Thank you very much for you response.
>
> Can we use Shiro security for cxfrs based restful services. From the
> following link
> (http://cxf.apache.org/docs/secure-jax-rs-services.html#SecureJAX-RSServices-Authorization)
> i can see CXF security is primarily based on Spring Security.
>
>> Yes, you can leverage the security feature of CXF RS service in Camel.
>> If you want to some addition work on the route, you may need take the
>> security context from the camel-cxfrs endpoint,
>> and pass it to the other camel endpoint that you may want to interact
>> with other camel-security components.
>
> Do you have any example link that can show your suggestion..
camel-spring-secuirty is leveraging the camel policy to check the
security context of spring.
You can find the example here[1]
[1]http://camel.apache.org/spring-security-example.html
>
> Thanks,
> Sridhar
>
> --
> View this message in context: http://camel.465427.n5.nabble.com/Camel-Restful-services-security-tp5616832p5617988.html
> Sent from the Camel - Users mailing list archive at Nabble.com.
> .
>
--
Willem
----------------------------------
FuseSource
Web: http://www.fusesource.com
Blog: http://willemjiang.blogspot.com (English)
http://jnn.javaeye.com (Chinese)
Twitter: willemjiang
Weibo: willemjiang
Re: Camel Restful services security
Posted by dvsridhar <da...@cgifederal.com>.
Willem,
Thank you very much for you response.
Can we use Shiro security for cxfrs based restful services. From the
following link
(http://cxf.apache.org/docs/secure-jax-rs-services.html#SecureJAX-RSServices-Authorization)
i can see CXF security is primarily based on Spring Security.
> Yes, you can leverage the security feature of CXF RS service in Camel.
> If you want to some addition work on the route, you may need take the
> security context from the camel-cxfrs endpoint,
> and pass it to the other camel endpoint that you may want to interact
> with other camel-security components.
Do you have any example link that can show your suggestion..
Thanks,
Sridhar
--
View this message in context: http://camel.465427.n5.nabble.com/Camel-Restful-services-security-tp5616832p5617988.html
Sent from the Camel - Users mailing list archive at Nabble.com.
Re: Camel Restful services security
Posted by Willem Jiang <wi...@gmail.com>.
Hi,
Yes, you can leverage the security feature of CXF RS service in Camel.
If you want to some addition work on the route, you may need take the
security context from the camel-cxfrs endpoint,
and pass it to the other camel endpoint that you may want to interact
with other camel-security components.
On Wed Apr 4 10:57:19 2012, dvsridhar wrote:
> Hi,
>
> We are trying to understand the possible security options for Camel REST Ful
> services. Since Camel uses CXF, is it accurate to assume that what ever CXF
> JAXRS supports
> (http://cxf.apache.org/docs/secure-jax-rs-services.html#SecureJAX-RSServices-Authorization)
> that's what Camel offers. Does Camel provide any other additional security
> mechanisms to secure restful services end points.
>
> As part of this page (http://camel.apache.org/security.html) camel supports
> various security mechanism. Which are all options apply for Camel Restful
> services?
>
> Do we have any documentation around this topic (role camel in securing
> restful services).
>
> I appreciate all your help.
>
> Thanks,
> Sridhar
>
>
> --
> View this message in context: http://camel.465427.n5.nabble.com/Camel-Restful-services-security-tp5616832p5616832.html
> Sent from the Camel - Users mailing list archive at Nabble.com.
>
--
Willem
----------------------------------
FuseSource
Web: http://www.fusesource.com
Blog: http://willemjiang.blogspot.com (English)
http://jnn.javaeye.com (Chinese)
Twitter: willemjiang
Weibo: willemjiang
Re: Camel Restful services security
Posted by dvsridhar <da...@cgifederal.com>.
Sergey,
Thank you very much to for your reply.
> Camel has plenty of HTTP-centric components so please review which one
> fits most for your project and then proceed from there, example, if it
> is a cxfrs one then the CXF based docs will help, restlets - check their
> docs, jetty - the jetty ones, etc
We are leaning to towards CXFRS just stay compliant to JAX-RS standards (it
can also support webservices) . Restlets are good but i read some where it
needs native annotations and *coming to jetty I am not sure how best i could
use that for restful services*.
I found the following link for restful services using jetty
(http://www.andrejkoelewijn.com/wp/2010/06/13/a-composite-rest-service-using-camel/).
I think the latest camel-cxfrs component provides much more cleaner
integration.
Can you think of any other use case where jetty can be used effectively in
the context of restful services?
Thanks,
Sridhar
--
View this message in context: http://camel.465427.n5.nabble.com/Camel-Restful-services-security-tp5616832p5617964.html
Sent from the Camel - Users mailing list archive at Nabble.com.
Re: Camel Restful services security
Posted by Sergey Beryozkin <sb...@gmail.com>.
Hi
On 04/04/12 05:57, dvsridhar wrote:
> Hi,
>
> We are trying to understand the possible security options for Camel REST Ful
> services. Since Camel uses CXF, is it accurate to assume that what ever CXF
> JAXRS supports
> (http://cxf.apache.org/docs/secure-jax-rs-services.html#SecureJAX-RSServices-Authorization)
> that's what Camel offers. Does Camel provide any other additional security
> mechanisms to secure restful services end points.
>
This documentation you linked to applies to cxfrs component only,
> As part of this page (http://camel.apache.org/security.html) camel supports
> various security mechanism. Which are all options apply for Camel Restful
> services?
>
> Do we have any documentation around this topic (role camel in securing
> restful services).
>
Camel has plenty of HTTP-centric components so please review which one
fits most for your project and then proceed from there, example, if it
is a cxfrs one then the CXF based docs will help, restlets - check their
docs, jetty - the jetty ones, etc
HTH, Sergey
> I appreciate all your help.
>
> Thanks,
> Sridhar
>
>
> --
> View this message in context: http://camel.465427.n5.nabble.com/Camel-Restful-services-security-tp5616832p5616832.html
> Sent from the Camel - Users mailing list archive at Nabble.com.
--
Sergey Beryozkin
Talend Community Coders
http://coders.talend.com/
Blog: http://sberyozkin.blogspot.com