You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@camel.apache.org by ac...@apache.org on 2020/04/12 19:39:47 UTC
[camel] branch master updated: Added Blueprint examples for SSL and
basic auth
This is an automated email from the ASF dual-hosted git repository.
acosentino pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/camel.git
The following commit(s) were added to refs/heads/master by this push:
new 9174a79 Added Blueprint examples for SSL and basic auth
new b74c720 Merge pull request #3735 from catshout/patch-1
9174a79 is described below
commit 9174a797dfee1b843bc8b69534a1998facb53a11
Author: catshout <ca...@mailbox.org>
AuthorDate: Sun Apr 12 18:49:16 2020 +0200
Added Blueprint examples for SSL and basic auth
I've added 2 dedicated examples for a Blueprint XML definition of
1. SSL context parameters
2. Security parameters for basic authentication
---
.../camel-jetty/src/main/docs/jetty-component.adoc | 98 ++++++++++++++++++++++
1 file changed, 98 insertions(+)
diff --git a/components/camel-jetty/src/main/docs/jetty-component.adoc b/components/camel-jetty/src/main/docs/jetty-component.adoc
index 430af4f..701788f 100644
--- a/components/camel-jetty/src/main/docs/jetty-component.adoc
+++ b/components/camel-jetty/src/main/docs/jetty-component.adoc
@@ -312,6 +312,39 @@ Spring DSL based configuration of endpoint
<to uri="jetty:https://127.0.0.1/mail/?sslContextParameters=#sslContextParameters"/>
----
+[[HTTP-Blueprintbasedconfigurationofendpoint]]
+Blueprint based configuration of endpoint
+
+Global configuration of sslContextParameters in a dedicated Blueprint XML file
+
+[source,xml]
+----
+<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://www.osgi.org/xmlns/blueprint/v1.0.0 https://www.osgi.org/xmlns/blueprint/v1.0.0/blueprint.xsd">
+
+ <sslContextParameters id="sslContextParameters" xmlns="http://camel.apache.org/schema/blueprint">
+ <keyManagers keyPassword="keyPassword">
+ <keyStore resource="etc/keystore.p12" password="keystorePassword"/>
+ </keyManagers>
+ </sslContextParameters>
+
+ <service ref="sslContextParameters" auto-export="all-classes"/>
+</blueprint>
+----
+
+Use of the global configuration in other Blueprint XML files with route definitions
+
+[source,xml]
+----
+...
+<reference id="sslContextParameters" interface="org.apache.camel.support.jsse.SSLContextParameters" ext:proxy-method="classes" />
+
+ <camelContext xmlns="http://camel.apache.org/schema/blueprint">
+ <route id="WEBISP001">
+ <from uri="jetty:https://0.0.0.0/path?sslContextParameters=#sslContextParameters"/>
+...
+----
[[Jetty-ConfiguringJettyDirectly]]
Configuring Jetty Directly
@@ -565,6 +598,71 @@ from("jetty:http://0.0.0.0:9080/myservice?handlers=securityHandler")
If you need more handlers, set the `handlers` option equal to a
comma-separated list of bean IDs.
+Blueprint based definition of basic authentication (based on Jetty 9):
+
+[source,xml]
+----
+<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://www.osgi.org/xmlns/blueprint/v1.0.0 https://www.osgi.org/xmlns/blueprint/v1.0.0/blueprint.xsd"
+ xmlns:ext="http://aries.apache.org/blueprint/xmlns/blueprint-ext/v1.0.0">
+
+ <bean id="constraint" class="org.eclipse.jetty.util.security.Constraint">
+ <property name="name" value="BASIC"/>
+ <property name="authenticate" value="true"/>
+ <property name="roles">
+ <list>
+ <value>rolename1</value>
+ </list>
+ </property>
+ </bean>
+
+ <bean id="constraintMapping" class="org.eclipse.jetty.security.ConstraintMapping">
+ <property name="constraint" ref="constraint"/>
+ <property name="pathSpec" value="/path"/>
+ </bean>
+
+ <bean id="securityHandler" class="org.eclipse.jetty.security.ConstraintSecurityHandler">
+ <property name="loginService">
+ <bean class="org.eclipse.jetty.security.HashLoginService">
+ <property name="config" value="/opt/apache-karaf/etc/roles.properties"/>
+ <property name="hotReload" value="true"/>
+ </bean>
+ </property>
+ <property name="authenticator">
+ <bean class="org.eclipse.jetty.security.authentication.BasicAuthenticator"/>
+ </property>
+ <property name="constraintMappings">
+ <list>
+ <ref component-id="constraintMapping"/>
+ </list>
+ </property>
+ </bean>
+
+ <camelContext xmlns="http://camel.apache.org/schema/blueprint">
+
+ <route>
+ <from uri="jetty:http://0.0.0.0/path?handlers=securityHandler"/>
+...
+----
+
+The roles.properties files contains
+
+[source,text]
+----
+username1=password1,rolename1
+username2=password2,rolename1
+----
+
+This file is located in the etc folder and will be reloaded when changed. The endpoint
+
+[source,text]
+----
+http://0.0.0.0/path
+----
+
+is now secured with basic authentication, only username1 with password1 and username2 with password2 are able to access the endpoint.
+
== How to return a custom HTTP 500 reply message
You may want to return a custom reply message when something goes wrong,