You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@camel.apache.org by Claus Ibsen <cl...@gmail.com> on 2013/03/25 17:03:20 UTC

[HEADS UP] - Configuring passwords in Camel endpoints is now easier with new RAW syntax

Hi

Configuring passwords directly in the Camel endpoint uris can be a bit
more tricky if the password contains signs such as + & or other
symbols.

As those symbols would be URI decimal encoded.

So inspired by our camel-jasypt component
http://camel.apache.org/jasypt

Which allows to use an ENC(secret stuff here) syntax to encrypt some
content in the uris, eg also for passwords etc.

We now have a new RAW(value) syntax as well for endpoint URI options.

So if you have the password
se+re?t&23

Then you can tell Camel to use the value as is as shown below:
.to("ftp:joe@myftpserver.com?password=RAW(se+re?t&23)&binary=true"

You can see more details here:
https://cwiki.apache.org/confluence/display/CAMEL/How+do+I+configure+endpoints


I wanted to use the same syntax as we already use, eg for
camel-jasypt, and hence went for RAW(value).
And I didn't want to introduce a syntax that was to similar to
property placeholders, using some kind of [[ ]] tokens.  And hence
settled for RAW(value).

All the tests passes with this change.
And there is also a new ftp unit test where we use a password that
would fail in earlier Camel releases.

And it should be possible to backport the change to Camel 2.10 branch,
if the community thinks its a good idea. Which it could be as this is
already a problem for people today to set their passwords in Camel
2.10, eg as reported here:
https://issues.apache.org/jira/browse/CAMEL-6176

For now the commit is on trunk for the upcoming Camel 2.11 release.



-- 
Claus Ibsen
-----------------
Red Hat, Inc.
FuseSource is now part of Red Hat
Email: cibsen@redhat.com
Web: http://fusesource.com
Twitter: davsclaus
Blog: http://davsclaus.com
Author of Camel in Action: http://www.manning.com/ibsen

Re: [HEADS UP] - Configuring passwords in Camel endpoints is now easier with new RAW syntax

Posted by Claus Ibsen <cl...@gmail.com>.

On Mon, Mar 25, 2013 at 6:13 PM, Donald Whytock <dw...@gmail.com> wrote:
> In addition to passwords, can it be used in the name portion of the
> address?  There were issues with the FTP and email components where
> the user name the host was expecting had an "@" in it, as in
> blah@host.com was actually expected as the name, with the whole
> address being blah@host.com@host.com.  The URI class parser doesn't
> like that.
>
> So, would RAW(blah@host.com)@host.com work?
>
> Don

The @ in the name portion has been fixed recently.

No the RAW(value) is currently only for uri parameters. I didn't want
at first to "risk" side-effects if it was parsing the entire URI.

In the future we may want to expand on this and allow the RAW anywhere
in the URI. But for now people have most problems with URI parameters.

-- 
Claus Ibsen
-----------------
Red Hat, Inc.
FuseSource is now part of Red Hat
Email: cibsen@redhat.com
Web: http://fusesource.com
Twitter: davsclaus
Blog: http://davsclaus.com
Author of Camel in Action: http://www.manning.com/ibsen

Re: [HEADS UP] - Configuring passwords in Camel endpoints is now easier with new RAW syntax

Posted by Donald Whytock <dw...@gmail.com>.

Claus says the issue is fixed now, but there was a workaround before,
at least in Java...you could fetch the config object from the endpoint
and set username and password directly before using the endpoint.  Of
course, that doesn't help you in XML.

Don

On Mon, Mar 25, 2013 at 2:14 PM, Daniel Gredler
<dg...@dhlglobalmail.com> wrote:
> This would be nice! We ran into this exact scenario about a year ago; a
> data center wanted us to use their FTP proxy server by specifying
> user@host.com as the FTP username, which results in an endpoint URL that
> looks like user@host.com@proxyhost. In the end they just had to make an
> exception for our application and punch a small hole in their
> firewall...
>
>
> -----Original Message-----
> From: Donald Whytock [mailto:dwhytock@gmail.com]
> Sent: Monday, March 25, 2013 1:14 PM
> To: dev@camel.apache.org
> Subject: Re: [HEADS UP] - Configuring passwords in Camel endpoints is
> now easier with new RAW syntax
>
> In addition to passwords, can it be used in the name portion of the
> address?  There were issues with the FTP and email components where the
> user name the host was expecting had an "@" in it, as in blah@host.com
> was actually expected as the name, with the whole address being
> blah@host.com@host.com.  The URI class parser doesn't like that.
>
> So, would RAW(blah@host.com)@host.com work?
>
> Don

RE: [HEADS UP] - Configuring passwords in Camel endpoints is now easier with new RAW syntax

Posted by Daniel Gredler <dg...@dhlglobalmail.com>.

This would be nice! We ran into this exact scenario about a year ago; a
data center wanted us to use their FTP proxy server by specifying
user@host.com as the FTP username, which results in an endpoint URL that
looks like user@host.com@proxyhost. In the end they just had to make an
exception for our application and punch a small hole in their
firewall...


-----Original Message-----
From: Donald Whytock [mailto:dwhytock@gmail.com] 
Sent: Monday, March 25, 2013 1:14 PM
To: dev@camel.apache.org
Subject: Re: [HEADS UP] - Configuring passwords in Camel endpoints is
now easier with new RAW syntax

In addition to passwords, can it be used in the name portion of the
address?  There were issues with the FTP and email components where the
user name the host was expecting had an "@" in it, as in blah@host.com
was actually expected as the name, with the whole address being
blah@host.com@host.com.  The URI class parser doesn't like that.

So, would RAW(blah@host.com)@host.com work?

Don

Re: [HEADS UP] - Configuring passwords in Camel endpoints is now easier with new RAW syntax

Posted by Donald Whytock <dw...@gmail.com>.

In addition to passwords, can it be used in the name portion of the
address?  There were issues with the FTP and email components where
the user name the host was expecting had an "@" in it, as in
blah@host.com was actually expected as the name, with the whole
address being blah@host.com@host.com.  The URI class parser doesn't
like that.

So, would RAW(blah@host.com)@host.com work?

Don

Re: [HEADS UP] - Configuring passwords in Camel endpoints is now easier with new RAW syntax

Posted by Claus Ibsen <cl...@gmail.com>.

On Mon, Mar 25, 2013 at 5:20 PM, Raul Kripalani <ra...@evosent.com> wrote:
> Sounds good and much simpler to read than yet another bracket-y expression.
> Great addition!
>
> Just being persnickety, is it possible to escape RAW() itself? That is,
> would "RAW(RAW())" evaluate to "RAW()"?
>

Well if we didn't have the existing syntax from camel-jasypt with
ENC(stuff here).
Then we would have a bit more free hands. But we can still change it,
but I kinda like it to be similar/consistent.

The parsing is easier if we have a known start and end token. And the
tokens should be unique so they do not clash with a value an end user
would normally use. So opted for RAW(.

Currently the code does not allow escaping itself. Not sure if there
is such a use-case where people want to configure an option on an
endpoint with a value of RAW() or RAW(abc) or what ever.

We could allow escaping but it would just complicate the parsing
process a little bit more, as it would need to detect the escaped
start token. And be able to pair the end tokens etc.

Again, is there really an real life use-case where people want to
configure a value of RAW(stuff) as the value as_is ?

Though I wonder if we should have a different end token that was more
unique than an ) sign. That makes the parsing easier as well, as ) can
be common to use. eg today we detect the end token as a ) sign
followed by a & sign to denote a new parameter. Or if we reached the
end of the line.

There could potential be a situation where you have a password that is
++secre)&123

Which you configure as:
password=RAW(++secre)&123)&binary=true

Now we have 2 end tokens, eg at
e)&1
3)&b

So we would need to improve the parser, to know that the end token, is
the last )& before a new parameter key is given with eg binary=true.

Using a more unique end token fixes this caveat. We could have
RAW(value)RAW, eg so it would be
password=RAW(++secre)&123)RAW&binary=true

Though not sure if its so "nice".

Any thoughts?

> Thanks,
>
> *Raúl Kripalani*
> Enterprise Architect, Open Source Integration specialist, Program
> Manager | Apache
> Camel Committer
> http://about.me/raulkripalani | http://www.linkedin.com/in/raulkripalani
> http://blog.raulkr.net | twitter: @raulvk
>
> On Mon, Mar 25, 2013 at 4:03 PM, Claus Ibsen <cl...@gmail.com> wrote:
>
>> Hi
>>
>> Configuring passwords directly in the Camel endpoint uris can be a bit
>> more tricky if the password contains signs such as + & or other
>> symbols.
>>
>> As those symbols would be URI decimal encoded.
>>
>> So inspired by our camel-jasypt component
>> http://camel.apache.org/jasypt
>>
>> Which allows to use an ENC(secret stuff here) syntax to encrypt some
>> content in the uris, eg also for passwords etc.
>>
>> We now have a new RAW(value) syntax as well for endpoint URI options.
>>
>> So if you have the password
>> se+re?t&23
>>
>> Then you can tell Camel to use the value as is as shown below:
>> .to("ftp:joe@myftpserver.com?password=RAW(se+re?t&23)&binary=true"
>>
>> You can see more details here:
>>
>> https://cwiki.apache.org/confluence/display/CAMEL/How+do+I+configure+endpoints
>>
>>
>> I wanted to use the same syntax as we already use, eg for
>> camel-jasypt, and hence went for RAW(value).
>> And I didn't want to introduce a syntax that was to similar to
>> property placeholders, using some kind of [[ ]] tokens.  And hence
>> settled for RAW(value).
>>
>> All the tests passes with this change.
>> And there is also a new ftp unit test where we use a password that
>> would fail in earlier Camel releases.
>>
>> And it should be possible to backport the change to Camel 2.10 branch,
>> if the community thinks its a good idea. Which it could be as this is
>> already a problem for people today to set their passwords in Camel
>> 2.10, eg as reported here:
>> https://issues.apache.org/jira/browse/CAMEL-6176
>>
>> For now the commit is on trunk for the upcoming Camel 2.11 release.
>>
>>
>>
>> --
>> Claus Ibsen
>> -----------------
>> Red Hat, Inc.
>> FuseSource is now part of Red Hat
>> Email: cibsen@redhat.com
>> Web: http://fusesource.com
>> Twitter: davsclaus
>> Blog: http://davsclaus.com
>> Author of Camel in Action: http://www.manning.com/ibsen
>>

-- 
Claus Ibsen
-----------------
Red Hat, Inc.
FuseSource is now part of Red Hat
Email: cibsen@redhat.com
Web: http://fusesource.com
Twitter: davsclaus
Blog: http://davsclaus.com
Author of Camel in Action: http://www.manning.com/ibsen

Re: [HEADS UP] - Configuring passwords in Camel endpoints is now easier with new RAW syntax

Posted by Raul Kripalani <ra...@evosent.com>.

Sounds good and much simpler to read than yet another bracket-y expression.
Great addition!

Just being persnickety, is it possible to escape RAW() itself? That is,
would "RAW(RAW())" evaluate to "RAW()"?

Thanks,

*Raúl Kripalani*
Enterprise Architect, Open Source Integration specialist, Program
Manager | Apache
Camel Committer
http://about.me/raulkripalani | http://www.linkedin.com/in/raulkripalani
http://blog.raulkr.net | twitter: @raulvk

On Mon, Mar 25, 2013 at 4:03 PM, Claus Ibsen <cl...@gmail.com> wrote:

> Hi
>
> Configuring passwords directly in the Camel endpoint uris can be a bit
> more tricky if the password contains signs such as + & or other
> symbols.
>
> As those symbols would be URI decimal encoded.
>
> So inspired by our camel-jasypt component
> http://camel.apache.org/jasypt
>
> Which allows to use an ENC(secret stuff here) syntax to encrypt some
> content in the uris, eg also for passwords etc.
>
> We now have a new RAW(value) syntax as well for endpoint URI options.
>
> So if you have the password
> se+re?t&23
>
> Then you can tell Camel to use the value as is as shown below:
> .to("ftp:joe@myftpserver.com?password=RAW(se+re?t&23)&binary=true"
>
> You can see more details here:
>
> https://cwiki.apache.org/confluence/display/CAMEL/How+do+I+configure+endpoints
>
>
> I wanted to use the same syntax as we already use, eg for
> camel-jasypt, and hence went for RAW(value).
> And I didn't want to introduce a syntax that was to similar to
> property placeholders, using some kind of [[ ]] tokens.  And hence
> settled for RAW(value).
>
> All the tests passes with this change.
> And there is also a new ftp unit test where we use a password that
> would fail in earlier Camel releases.
>
> And it should be possible to backport the change to Camel 2.10 branch,
> if the community thinks its a good idea. Which it could be as this is
> already a problem for people today to set their passwords in Camel
> 2.10, eg as reported here:
> https://issues.apache.org/jira/browse/CAMEL-6176
>
> For now the commit is on trunk for the upcoming Camel 2.11 release.
>
>
>
> --
> Claus Ibsen
> -----------------
> Red Hat, Inc.
> FuseSource is now part of Red Hat
> Email: cibsen@redhat.com
> Web: http://fusesource.com
> Twitter: davsclaus
> Blog: http://davsclaus.com
> Author of Camel in Action: http://www.manning.com/ibsen
>

Re: [HEADS UP] - Configuring passwords in Camel endpoints is now easier with new RAW syntax

Posted by Willem Jiang <wi...@gmail.com>.

Camel doesn’t check the options which are not used setup the http endpoint, can you just set the option without encoding?

--  
Willem Jiang

Red Hat, Inc.
Web: http://www.redhat.com
Blog: http://willemjiang.blogspot.com (English)
http://jnn.iteye.com (Chinese)
Twitter: willemjiang  
Weibo: 姜宁willem



On June 10, 2015 at 1:35:06 PM, thomas.eapen@yahoo.co.in (thomas.eapen@yahoo.co.in) wrote:
> I am using camel 2.14.
>  
>  
> http://someurl?q=*:*&facet=true&facet.query={!key=%22[*%20TO%20NOW-30]%22}dt_created:[*%20TO%20NOW-30DAY]&facet.query={!key=%22[NOW-30DAY%20TO%20NOW-15DAY]%22}dt_created:[NOW-30DAY%20TO%20NOW-15DAY]&facet.query={!key=%22[NOW-15DAY%20TO%20NOW-7DAY]%22}dt_created:[NOW-15DAY%20TO%20NOW-7DAY]&facet.query={!key=%22[NOW-7DAY%20TO%20NOW-1DAY]%22}dt_created:[NOW-7DAY%20TO%20NOW-1DAY]&facet.query=RAW({!key=%22[NOW-1DAY%20TO%20NOW]%22}dt_created:[NOW-1DAY%20TO%20NOW+1DAY])&fq=nm_task_type:(OTM_QUERY  
> OR OTM_CLIENT_QUERY)&rows=0
>  
>  
> Camel Route firing above url:
>  
>  
>  
>  
> ${property[inputSearchParameter.url]}
>  
>  
>  
> RAW keyword is not getting removed.
> Is this a issue with the same key being repeated - facet.query?
>  
>  
>  
>  
>  
>  
>  
>  
> --
> View this message in context: http://camel.465427.n5.nabble.com/HEADS-UP-Configuring-passwords-in-Camel-endpoints-is-now-easier-with-new-RAW-syntax-tp5729782p5768040.html  
> Sent from the Camel Development mailing list archive at Nabble.com.
>

Re: [HEADS UP] - Configuring passwords in Camel endpoints is now easier with new RAW syntax

Posted by "thomas.eapen@yahoo.co.in" <th...@yahoo.co.in>.

I am using camel 2.14.


http://someurl?q=*:*&facet=true&facet.query={!key=%22[*%20TO%20NOW-30]%22}dt_created:[*%20TO%20NOW-30DAY]&facet.query={!key=%22[NOW-30DAY%20TO%20NOW-15DAY]%22}dt_created:[NOW-30DAY%20TO%20NOW-15DAY]&facet.query={!key=%22[NOW-15DAY%20TO%20NOW-7DAY]%22}dt_created:[NOW-15DAY%20TO%20NOW-7DAY]&facet.query={!key=%22[NOW-7DAY%20TO%20NOW-1DAY]%22}dt_created:[NOW-7DAY%20TO%20NOW-1DAY]&facet.query=RAW({!key=%22[NOW-1DAY%20TO%20NOW]%22}dt_created:[NOW-1DAY%20TO%20NOW+1DAY])&fq=nm_task_type:(OTM_QUERY
OR OTM_CLIENT_QUERY)&rows=0


Camel Route firing above url:
<route id="httpexecutor">
			<from uri="direct:httpexecutor" />
			<process ref="httpPreprocessor" />
			<recipientList>
				<simple>${property[inputSearchParameter.url]}</simple>
			</recipientList>
</route>

RAW keyword is not getting removed.
Is this a issue with the same key being repeated - facet.query?








--
View this message in context: http://camel.465427.n5.nabble.com/HEADS-UP-Configuring-passwords-in-Camel-endpoints-is-now-easier-with-new-RAW-syntax-tp5729782p5768040.html
Sent from the Camel Development mailing list archive at Nabble.com.

Re: [HEADS UP] - Configuring passwords in Camel endpoints is now easier with new RAW syntax

Posted by Willem Jiang <wi...@gmail.com>.

Which version of Camel are you using now?


--  
Willem Jiang

Red Hat, Inc.
Web: http://www.redhat.com
Blog: http://willemjiang.blogspot.com (English)
http://jnn.iteye.com (Chinese)
Twitter: willemjiang  
Weibo: 姜宁willem



On June 9, 2015 at 3:31:59 AM, thomas.eapen@yahoo.co.in (thomas.eapen@yahoo.co.in) wrote:
> RAW does not work for recipientlist uri's.
> I am trying to hit a http endpoint via recipientlist and the url has a +
> symbol.
> If if i use RAW() it does not work
>  
>  
>  
> --
> View this message in context: http://camel.465427.n5.nabble.com/HEADS-UP-Configuring-passwords-in-Camel-endpoints-is-now-easier-with-new-RAW-syntax-tp5729782p5767989.html  
> Sent from the Camel Development mailing list archive at Nabble.com.
>

Re: [HEADS UP] - Configuring passwords in Camel endpoints is now easier with new RAW syntax

Posted by "thomas.eapen@yahoo.co.in" <th...@yahoo.co.in>.

RAW does not work for recipientlist uri's.
I am trying to hit a http endpoint via recipientlist and the url has a +
symbol.
If if i use RAW() it does not work



--
View this message in context: http://camel.465427.n5.nabble.com/HEADS-UP-Configuring-passwords-in-Camel-endpoints-is-now-easier-with-new-RAW-syntax-tp5729782p5767989.html
Sent from the Camel Development mailing list archive at Nabble.com.

Re: [HEADS UP] - Configuring passwords in Camel endpoints is now easier with new RAW syntax

Posted by Charles Moulliard <ch...@gmail.com>.

Amazing new feature !!


On Mon, Mar 25, 2013 at 5:03 PM, Claus Ibsen <cl...@gmail.com> wrote:

> Hi
>
> Configuring passwords directly in the Camel endpoint uris can be a bit
> more tricky if the password contains signs such as + & or other
> symbols.
>
> As those symbols would be URI decimal encoded.
>
> So inspired by our camel-jasypt component
> http://camel.apache.org/jasypt
>
> Which allows to use an ENC(secret stuff here) syntax to encrypt some
> content in the uris, eg also for passwords etc.
>
> We now have a new RAW(value) syntax as well for endpoint URI options.
>
> So if you have the password
> se+re?t&23
>
> Then you can tell Camel to use the value as is as shown below:
> .to("ftp:joe@myftpserver.com?password=RAW(se+re?t&23)&binary=true"
>
> You can see more details here:
>
> https://cwiki.apache.org/confluence/display/CAMEL/How+do+I+configure+endpoints
>
>
> I wanted to use the same syntax as we already use, eg for
> camel-jasypt, and hence went for RAW(value).
> And I didn't want to introduce a syntax that was to similar to
> property placeholders, using some kind of [[ ]] tokens.  And hence
> settled for RAW(value).
>
> All the tests passes with this change.
> And there is also a new ftp unit test where we use a password that
> would fail in earlier Camel releases.
>
> And it should be possible to backport the change to Camel 2.10 branch,
> if the community thinks its a good idea. Which it could be as this is
> already a problem for people today to set their passwords in Camel
> 2.10, eg as reported here:
> https://issues.apache.org/jira/browse/CAMEL-6176
>
> For now the commit is on trunk for the upcoming Camel 2.11 release.
>
>
>
> --
> Claus Ibsen
> -----------------
> Red Hat, Inc.
> FuseSource is now part of Red Hat
> Email: cibsen@redhat.com
> Web: http://fusesource.com
> Twitter: davsclaus
> Blog: http://davsclaus.com
> Author of Camel in Action: http://www.manning.com/ibsen
>



-- 
Charles Moulliard
Apache Committer / Sr. Enterprise Architect (RedHat)
Twitter : @cmoulliard | Blog : http://cmoulliard.blogspot.com