You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@camel.apache.org by ac...@apache.org on 2020/04/12 19:39:47 UTC

[camel] branch master updated: Added Blueprint examples for SSL and basic auth

This is an automated email from the ASF dual-hosted git repository.

acosentino pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/camel.git


The following commit(s) were added to refs/heads/master by this push:
     new 9174a79  Added Blueprint examples for SSL and basic auth
     new b74c720  Merge pull request #3735 from catshout/patch-1
9174a79 is described below

commit 9174a797dfee1b843bc8b69534a1998facb53a11
Author: catshout <ca...@mailbox.org>
AuthorDate: Sun Apr 12 18:49:16 2020 +0200

    Added Blueprint examples for SSL and basic auth
    
    I've added 2 dedicated examples for a Blueprint XML definition of
    
    1. SSL context parameters
    2. Security parameters for basic authentication
---
 .../camel-jetty/src/main/docs/jetty-component.adoc | 98 ++++++++++++++++++++++
 1 file changed, 98 insertions(+)

diff --git a/components/camel-jetty/src/main/docs/jetty-component.adoc b/components/camel-jetty/src/main/docs/jetty-component.adoc
index 430af4f..701788f 100644
--- a/components/camel-jetty/src/main/docs/jetty-component.adoc
+++ b/components/camel-jetty/src/main/docs/jetty-component.adoc
@@ -312,6 +312,39 @@ Spring DSL based configuration of endpoint
   <to uri="jetty:https://127.0.0.1/mail/?sslContextParameters=#sslContextParameters"/>
 
 ----
+[[HTTP-Blueprintbasedconfigurationofendpoint]]
+Blueprint based configuration of endpoint
+
+Global configuration of sslContextParameters in a dedicated Blueprint XML file
+
+[source,xml]
+----
+<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
+  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+  xsi:schemaLocation="http://www.osgi.org/xmlns/blueprint/v1.0.0 https://www.osgi.org/xmlns/blueprint/v1.0.0/blueprint.xsd">
+
+  <sslContextParameters id="sslContextParameters" xmlns="http://camel.apache.org/schema/blueprint">
+    <keyManagers keyPassword="keyPassword">
+      <keyStore resource="etc/keystore.p12" password="keystorePassword"/>
+      </keyManagers>
+  </sslContextParameters>
+
+  <service ref="sslContextParameters" auto-export="all-classes"/>
+</blueprint>
+----
+
+Use of the global configuration in other Blueprint XML files with route definitions
+
+[source,xml]
+----
+...
+<reference id="sslContextParameters" interface="org.apache.camel.support.jsse.SSLContextParameters" ext:proxy-method="classes" />
+
+  <camelContext xmlns="http://camel.apache.org/schema/blueprint">
+    <route id="WEBISP001">
+     <from uri="jetty:https://0.0.0.0/path?sslContextParameters=#sslContextParameters"/>
+...
+----
 
 [[Jetty-ConfiguringJettyDirectly]]
 Configuring Jetty Directly
@@ -565,6 +598,71 @@ from("jetty:http://0.0.0.0:9080/myservice?handlers=securityHandler")
 If you need more handlers, set the `handlers` option equal to a
 comma-separated list of bean IDs.
 
+Blueprint based definition of basic authentication (based on Jetty 9):
+
+[source,xml]
+----
+<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
+  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+  xsi:schemaLocation="http://www.osgi.org/xmlns/blueprint/v1.0.0 https://www.osgi.org/xmlns/blueprint/v1.0.0/blueprint.xsd"
+  xmlns:ext="http://aries.apache.org/blueprint/xmlns/blueprint-ext/v1.0.0">
+
+  <bean id="constraint" class="org.eclipse.jetty.util.security.Constraint">
+    <property name="name" value="BASIC"/>
+    <property name="authenticate" value="true"/>
+      <property name="roles">
+        <list>
+          <value>rolename1</value>
+        </list>
+      </property>
+  </bean>
+
+  <bean id="constraintMapping" class="org.eclipse.jetty.security.ConstraintMapping">
+    <property name="constraint" ref="constraint"/>
+    <property name="pathSpec" value="/path"/>
+  </bean>
+
+  <bean id="securityHandler" class="org.eclipse.jetty.security.ConstraintSecurityHandler">
+    <property name="loginService">
+      <bean class="org.eclipse.jetty.security.HashLoginService">
+        <property name="config" value="/opt/apache-karaf/etc/roles.properties"/>
+        <property name="hotReload" value="true"/>
+      </bean>
+    </property>
+    <property name="authenticator">
+      <bean class="org.eclipse.jetty.security.authentication.BasicAuthenticator"/>
+    </property>
+    <property name="constraintMappings">
+      <list>
+        <ref component-id="constraintMapping"/>
+      </list>
+    </property>
+  </bean>
+  
+  <camelContext xmlns="http://camel.apache.org/schema/blueprint">
+
+    <route>
+      <from uri="jetty:http://0.0.0.0/path?handlers=securityHandler"/>
+...
+----
+
+The roles.properties files contains
+
+[source,text]
+----
+username1=password1,rolename1
+username2=password2,rolename1
+----
+
+This file is located in the etc folder and will be reloaded when changed. The endpoint
+
+[source,text]
+----
+http://0.0.0.0/path
+----
+
+is now secured with basic authentication, only username1 with password1 and username2 with password2 are able to access the endpoint.
+
 == How to return a custom HTTP 500 reply message
 
 You may want to return a custom reply message when something goes wrong,