You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@camel.apache.org by bu...@apache.org on 2013/07/16 16:18:37 UTC
svn commit: r869690 - in /websites/production/camel/content:
cache/main.pageCache netty-http.html
Author: buildbot
Date: Tue Jul 16 14:18:37 2013
New Revision: 869690
Log:
Production update by buildbot for camel
Modified:
websites/production/camel/content/cache/main.pageCache
websites/production/camel/content/netty-http.html
Modified: websites/production/camel/content/cache/main.pageCache
==============================================================================
Binary files - no diff available.
Modified: websites/production/camel/content/netty-http.html
==============================================================================
--- websites/production/camel/content/netty-http.html (original)
+++ websites/production/camel/content/netty-http.html Tue Jul 16 14:18:37 2013
@@ -126,7 +126,13 @@ netty-http:http://localhost:8080[?option
Notice that some options from <a shape="rect" href="netty.html" title="Netty">Netty</a> is not applicable when using this <a shape="rect" href="netty-http.html" title="Netty HTTP">Netty HTTP</a> component, such as options related to UDP transport.</td></tr></table></div>
<div class="confluenceTableSmall"><div class="table-wrap">
-<table class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1" class="confluenceTh"> Name </th><th colspan="1" rowspan="1" class="confluenceTh"> Default Value </th><th colspan="1" rowspan="1" class="confluenceTh"> Description </th></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"> <tt>chunked</tt> </td><td colspan="1" rowspan="1" class="confluenceTd"> <tt>true</tt> </td><td colspan="1" rowspan="1" class="confluenceTd"> Allow using chunked transfer if the client supports it from the HTTP headers. </td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"> <tt>compression</tt> </td><td colspan="1" rowspan="1" class="confluenceTd"> <tt>false</tt> </td><td colspan="1" rowspan="1" class="confluenceTd"> Allow using gzip/deflate for compression if the client supports it from the HTTP headers. </td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"> <tt>headerFilterStrategy</tt> </td><td colspan="1" rowspan="1" class="confluenceTd"> </td><td colspan="1" rowspa
n="1" class="confluenceTd"> To use a custom <tt>org.apache.camel.spi.HeaderFilterStrategy</tt> to filter headers. </td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"> <tt>httpMethodRestrict</tt> </td><td colspan="1" rowspan="1" class="confluenceTd"> </td><td colspan="1" rowspan="1" class="confluenceTd"> To disable HTTP methods on the Netty HTTP consumer. You can specify multiple separated by comma. </td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"> <tt>mapHeaders</tt> </td><td colspan="1" rowspan="1" class="confluenceTd"> <tt>true</tt> </td><td colspan="1" rowspan="1" class="confluenceTd"> If this option is enabled, then during binding from Netty to Camel <a shape="rect" href="message.html" title="Message">Message</a> then the headers will be mapped as well (eg added as header to the Camel <a shape="rect" href="message.html" title="Message">Message</a> as well). You can turn off this option to disable this. The headers can still be accessed from the <tt
>org.apache.camel.component.netty.http.NettyHttpMessage</tt> message with the method <tt>getHttpRequest()</tt> that returns the Netty HTTP request <tt>org.jboss.netty.handler.codec.http.HttpRequest</tt> instance. </td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"> <tt>matchOnUriPrefix</tt> </td><td colspan="1" rowspan="1" class="confluenceTd"> <tt>false</tt> </td><td colspan="1" rowspan="1" class="confluenceTd"> Whether or not Camel should try to find a target consumer by matching the URI prefix if no exact match is found. See further below for more details. </td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"> <tt>nettyHttpBinding</tt> </td><td colspan="1" rowspan="1" class="confluenceTd"> </td><td colspan="1" rowspan="1" class="confluenceTd"> To use a custom <tt>org.apache.camel.component.netty.http.NettyHttpBinding</tt> for binding to/from Netty and Camel Message API. </td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"> <tt>bridgeEndpoint</tt
> </td><td colspan="1" rowspan="1" class="confluenceTd"> <tt>false</tt> </td><td colspan="1" rowspan="1" class="confluenceTd"> If the option is <tt>true</tt>, the producer will ignore the <tt>Exchange.HTTP_URI</tt> header, and use the endpoint's URI for request. You may also set the <tt>throwExceptionOnFailure</tt> to be <tt>false</tt> to let the producer send all the fault response back. </td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"> <tt>throwExceptionOnFailure</tt> </td><td colspan="1" rowspan="1" class="confluenceTd"> <tt>true</tt> </td><td colspan="1" rowspan="1" class="confluenceTd"> Option to disable throwing the <tt>HttpOperationFailedException</tt> in case of failed responses from the remote server. This allows you to get all responses regardles of the HTTP status code. </td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"> <tt>traceEnabled</tt> </td><td colspan="1" rowspan="1" class="confluenceTd"> <tt>false</tt> </td><td colspan="1" rowspan="1" cl
ass="confluenceTd"> Specifies whether to enable HTTP TRACE for this Netty HTTP consumer. By default TRACE is turned off. </td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"> <tt>transferException</tt> </td><td colspan="1" rowspan="1" class="confluenceTd"> <tt>false</tt> </td><td colspan="1" rowspan="1" class="confluenceTd"> If enabled and an <a shape="rect" href="exchange.html" title="Exchange">Exchange</a> failed processing on the consumer side, and if the caused Exception was send back serialized in the response as a <tt>application/x-java-serialized-object</tt> content type. On the producer side the exception will be deserialized and thrown as is, instead of the <tt>HttpOperationFailedException</tt>. The caused exception is required to be serialized. </td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"> <tt>urlDecodeHeaders</tt> </td><td colspan="1" rowspan="1" class="confluenceTd"> <tt>true</tt> </td><td colspan="1" rowspan="1" class="confluenceTd"> If this
option is enabled, then during binding from Netty to Camel <a shape="rect" href="message.html" title="Message">Message</a> then the header values will be URL decoded (eg %20 will be a space character. Notice this option is used by the default <tt>org.apache.camel.component.netty.http.NettyHttpBinding</tt> and therefore if you implement a custom <tt>org.apache.camel.component.netty.http.NettyHttpBinding</tt> then you would need to decode the headers accordingly to this option. </td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"> <tt>nettySharedHttpServer</tt> </td><td colspan="1" rowspan="1" class="confluenceTd"> <tt>null</tt> </td><td colspan="1" rowspan="1" class="confluenceTd"> To use a shared <a shape="rect" href="netty-http.html" title="Netty HTTP">Netty HTTP</a> server. See <a shape="rect" href="netty-http-server-example.html" title="Netty HTTP Server Example">Netty HTTP Server Example</a> for more details. </td></tr><tr><td colspan="1" rowspan="1" class="confluenceT
d"> <tt>disableStreamCache</tt> </td><td colspan="1" rowspan="1" class="confluenceTd"> <tt>false</tt> </td><td colspan="1" rowspan="1" class="confluenceTd"> Determines whether or not the raw input stream from Netty <tt>HttpRequest#getContent()</tt> is cached or not (Camel will read the stream into a in light-weight memory based Stream caching) cache. By default Camel will cache the Netty input stream to support reading it multiple times to ensure it Camel can retrieve all data from the stream. However you can set this option to <tt>true</tt> when you for example need to access the raw stream, such as streaming it directly to a file or other persistent store. Mind that if you enable this option, then you cannot read the Netty stream multiple times out of the box, and you would need manually to reset the reader index on the Netty raw stream. </td></tr></tbody></table>
+<table class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1" class="confluenceTh"> Name </th><th colspan="1" rowspan="1" class="confluenceTh"> Default Value </th><th colspan="1" rowspan="1" class="confluenceTh"> Description </th></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"> <tt>chunked</tt> </td><td colspan="1" rowspan="1" class="confluenceTd"> <tt>true</tt> </td><td colspan="1" rowspan="1" class="confluenceTd"> Allow using chunked transfer if the client supports it from the HTTP headers. </td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"> <tt>compression</tt> </td><td colspan="1" rowspan="1" class="confluenceTd"> <tt>false</tt> </td><td colspan="1" rowspan="1" class="confluenceTd"> Allow using gzip/deflate for compression if the client supports it from the HTTP headers. </td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"> <tt>headerFilterStrategy</tt> </td><td colspan="1" rowspan="1" class="confluenceTd"> </td><td colspan="1" rowspa
n="1" class="confluenceTd"> To use a custom <tt>org.apache.camel.spi.HeaderFilterStrategy</tt> to filter headers. </td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"> <tt>httpMethodRestrict</tt> </td><td colspan="1" rowspan="1" class="confluenceTd"> </td><td colspan="1" rowspan="1" class="confluenceTd"> To disable HTTP methods on the Netty HTTP consumer. You can specify multiple separated by comma. </td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"> <tt>mapHeaders</tt> </td><td colspan="1" rowspan="1" class="confluenceTd"> <tt>true</tt> </td><td colspan="1" rowspan="1" class="confluenceTd"> If this option is enabled, then during binding from Netty to Camel <a shape="rect" href="message.html" title="Message">Message</a> then the headers will be mapped as well (eg added as header to the Camel <a shape="rect" href="message.html" title="Message">Message</a> as well). You can turn off this option to disable this. The headers can still be accessed from the <tt
>org.apache.camel.component.netty.http.NettyHttpMessage</tt> message with the method <tt>getHttpRequest()</tt> that returns the Netty HTTP request <tt>org.jboss.netty.handler.codec.http.HttpRequest</tt> instance. </td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"> <tt>matchOnUriPrefix</tt> </td><td colspan="1" rowspan="1" class="confluenceTd"> <tt>false</tt> </td><td colspan="1" rowspan="1" class="confluenceTd"> Whether or not Camel should try to find a target consumer by matching the URI prefix if no exact match is found. See further below for more details. </td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"> <tt>nettyHttpBinding</tt> </td><td colspan="1" rowspan="1" class="confluenceTd"> </td><td colspan="1" rowspan="1" class="confluenceTd"> To use a custom <tt>org.apache.camel.component.netty.http.NettyHttpBinding</tt> for binding to/from Netty and Camel Message API. </td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"> <tt>bridgeEndpoint</tt
> </td><td colspan="1" rowspan="1" class="confluenceTd"> <tt>false</tt> </td><td colspan="1" rowspan="1" class="confluenceTd"> If the option is <tt>true</tt>, the producer will ignore the <tt>Exchange.HTTP_URI</tt> header, and use the endpoint's URI for request. You may also set the <tt>throwExceptionOnFailure</tt> to be <tt>false</tt> to let the producer send all the fault response back. </td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"> <tt>throwExceptionOnFailure</tt> </td><td colspan="1" rowspan="1" class="confluenceTd"> <tt>true</tt> </td><td colspan="1" rowspan="1" class="confluenceTd"> Option to disable throwing the <tt>HttpOperationFailedException</tt> in case of failed responses from the remote server. This allows you to get all responses regardles of the HTTP status code. </td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"> <tt>traceEnabled</tt> </td><td colspan="1" rowspan="1" class="confluenceTd"> <tt>false</tt> </td><td colspan="1" rowspan="1" cl
ass="confluenceTd"> Specifies whether to enable HTTP TRACE for this Netty HTTP consumer. By default TRACE is turned off. </td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"> <tt>transferException</tt> </td><td colspan="1" rowspan="1" class="confluenceTd"> <tt>false</tt> </td><td colspan="1" rowspan="1" class="confluenceTd"> If enabled and an <a shape="rect" href="exchange.html" title="Exchange">Exchange</a> failed processing on the consumer side, and if the caused Exception was send back serialized in the response as a <tt>application/x-java-serialized-object</tt> content type. On the producer side the exception will be deserialized and thrown as is, instead of the <tt>HttpOperationFailedException</tt>. The caused exception is required to be serialized. </td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"> <tt>urlDecodeHeaders</tt> </td><td colspan="1" rowspan="1" class="confluenceTd"> <tt>true</tt> </td><td colspan="1" rowspan="1" class="confluenceTd"> If this
option is enabled, then during binding from Netty to Camel <a shape="rect" href="message.html" title="Message">Message</a> then the header values will be URL decoded (eg %20 will be a space character. Notice this option is used by the default <tt>org.apache.camel.component.netty.http.NettyHttpBinding</tt> and therefore if you implement a custom <tt>org.apache.camel.component.netty.http.NettyHttpBinding</tt> then you would need to decode the headers accordingly to this option. </td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"> <tt>nettySharedHttpServer</tt> </td><td colspan="1" rowspan="1" class="confluenceTd"> <tt>null</tt> </td><td colspan="1" rowspan="1" class="confluenceTd"> To use a shared <a shape="rect" href="netty-http.html" title="Netty HTTP">Netty HTTP</a> server. See <a shape="rect" href="netty-http-server-example.html" title="Netty HTTP Server Example">Netty HTTP Server Example</a> for more details. </td></tr><tr><td colspan="1" rowspan="1" class="confluenceT
d"> <tt>disableStreamCache</tt> </td><td colspan="1" rowspan="1" class="confluenceTd"> <tt>false</tt> </td><td colspan="1" rowspan="1" class="confluenceTd"> Determines whether or not the raw input stream from Netty <tt>HttpRequest#getContent()</tt> is cached or not (Camel will read the stream into a in light-weight memory based Stream caching) cache. By default Camel will cache the Netty input stream to support reading it multiple times to ensure it Camel can retrieve all data from the stream. However you can set this option to <tt>true</tt> when you for example need to access the raw stream, such as streaming it directly to a file or other persistent store. Mind that if you enable this option, then you cannot read the Netty stream multiple times out of the box, and you would need manually to reset the reader index on the Netty raw stream. </td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"> <tt>securityConfiguration</tt> </td><td colspan="1" rowspan="1" class="confluence
Td"> <tt>null</tt> </td><td colspan="1" rowspan="1" class="confluenceTd"> <b>Consumer only</b>. Refers to a <tt>org.apache.camel.component.netty.http.NettyHttpSecurityConfiguration</tt> for configuring secure web resources. </td></tr></tbody></table>
+</div>
+</div>
+
+<p>The <tt>NettyHttpSecurityConfiguration</tt> has the following options:</p>
+<div class="confluenceTableSmall"><div class="table-wrap">
+<table class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1" class="confluenceTh"> Name </th><th colspan="1" rowspan="1" class="confluenceTh"> Default Value </th><th colspan="1" rowspan="1" class="confluenceTh"> Description </th></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"> <tt>authenticate</tt> </td><td colspan="1" rowspan="1" class="confluenceTd"> <tt>true</tt> </td><td colspan="1" rowspan="1" class="confluenceTd"> Whether authentication is enabled. Can be used to quickly turn this off. </td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"> <tt>constraint</tt> </td><td colspan="1" rowspan="1" class="confluenceTd"> <tt>Basic</tt> </td><td colspan="1" rowspan="1" class="confluenceTd"> The constraint supported. Currently only <tt>Basic</tt> is implemented and supported. </td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"> <tt>realm</tt> </td><td colspan="1" rowspan="1" class="confluenceTd"> <tt>null</tt> </td><td colspan="1" rowspan="1" class
="confluenceTd"> The name of the JAAS security realm. This option is mandatory. </td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"> <tt>securityConstraint</tt> </td><td colspan="1" rowspan="1" class="confluenceTd"> <tt>null</tt> </td><td colspan="1" rowspan="1" class="confluenceTd"> Allows to plugin a security constraint mapper where you can define ACL to web resources. </td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"> <tt>securityAuthenticator</tt> </td><td colspan="1" rowspan="1" class="confluenceTd"> <tt>null</tt> </td><td colspan="1" rowspan="1" class="confluenceTd"> Allows to plugin a authenticator that performs the authentication. If none has been configured then the <tt>org.apache.camel.component.netty.http.JAASSecurityAuthenticator</tt> is used by default. </td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"> <tt>loginDeniedLoggingLevel</tt> </td><td colspan="1" rowspan="1" class="confluenceTd"> <tt>DEBUG</tt> </td><td colspan="1" rowspan=
"1" class="confluenceTd"> Logging level used when a login attempt failed, which allows to see more details why the login failed. </td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"> <tt>roleClassName</tt> </td><td colspan="1" rowspan="1" class="confluenceTd"> <tt>null</tt> </td><td colspan="1" rowspan="1" class="confluenceTd"> To specify FQN class names of <tt>Principal</tt> implementations that contains user roles. If none has been specified, then the <a shape="rect" href="netty-http.html" title="Netty HTTP">Netty HTTP</a> component will by default assume a <tt>Principal</tt> is role based if its FQN classname has the lower-case word <tt>role</tt> in its classname. You can specify multiple class names separated by comma. </td></tr></tbody></table>
</div>
</div>
@@ -282,6 +288,64 @@ from("netty-http:http://0.0.0.0:{{port}}
<p>See the <a shape="rect" href="netty-http-server-example.html" title="Netty HTTP Server Example">Netty HTTP Server Example</a> for more details and example how to do that.</p>
+<h3><a shape="rect" name="NettyHTTP-UsingHTTPBasicAuthentication"></a>Using HTTP Basic Authentication</h3>
+
+<p>The <a shape="rect" href="netty-http.html" title="Netty HTTP">Netty HTTP</a> consumer supports HTTP basic authentication by specifying the security realm name to use, as shown below</p>
+<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
+<script class="theme: Default; brush: java; gutter: false" type="syntaxhighlighter"><![CDATA[
+<route>
+ <from uri="netty-http:http://0.0.0.0:{{port}}/foo?securityConfiguration.realm=karaf"/>
+ ...
+</route>
+]]></script>
+</div></div>
+
+<p>The realm name is mandatory to enable basic authentication. By default the JAAS based authenticator is used, which will use the realm name specified (karaf in the example above) and use the JAAS realm and the JAAS {{LoginModule}}s of this realm for authentication.</p>
+
+<p>End user of Apache Karaf / ServiceMix has a karaf realm out of the box, and hence why the example above would work out of the box in these containers.</p>
+
+<h4><a shape="rect" name="NettyHTTP-SpecifyingACLonwebresources"></a>Specifying ACL on web resources</h4>
+
+<p>The <tt>org.apache.camel.component.netty.http.SecurityConstraint</tt> allows to define constrains on web resources. And the <tt>org.apache.camel.component.netty.http.SecurityConstraintMapping</tt> is provided out of the box, allowing to easily define inclusions and exclusions with roles.</p>
+
+<p>For example as shown below in the XML DSL, we define the constraint bean:</p>
+<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
+<script class="theme: Default; brush: xml; gutter: false" type="syntaxhighlighter"><![CDATA[
+ <bean id="constraint" class="org.apache.camel.component.netty.http.SecurityConstraintMapping">
+ <!-- inclusions defines url -> roles restrictions -->
+ <!-- a * should be used for any role accepted (or even no roles) -->
+ <property name="inclusions">
+ <map>
+ <entry key="/foo/*" value="*"/>
+ <entry key="/foo/admin/*" value="admin"/>
+ <entry key="/foo/guest/*" value="admin,guest"/>
+ </map>
+ </property>
+ <!-- exclusions is used to define public urls, which requires no authentication -->
+ <property name="exclusions">
+ <set>
+ <value>/foo/public/*</value>
+ </set>
+ </property>
+ </bean>
+]]></script>
+</div></div>
+
+<p>The constraint above is define so that</p>
+<ul class="alternate" type="square"><li>access to /foo/* is restricted and any roles is accepted (also if user has no roles)</li><li>access to /foo/admin/* requires the admin role</li><li>access to /foo/gues/* requires the admin or guest role</li><li>access to /foo/public/* is an exclusion which means no authentication is needed, and is therefore public for everyone without logging in</li></ul>
+
+
+<p>To use this constraint we just need to refer to the bean id as shown below:</p>
+<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
+<script class="theme: Default; brush: xml; gutter: false" type="syntaxhighlighter"><![CDATA[
+<route>
+ <from uri="netty-http:http://0.0.0.0:{{port}}/foo?matchOnUriPrefix=true&amp;securityConfiguration.realm=karaf&amp;securityConfiguration.securityConstraint=#constraint"/>
+ ...
+</route>
+]]></script>
+</div></div>
+
+
<h3><a shape="rect" name="NettyHTTP-SeeAlso"></a>See Also</h3>
<ul><li><a shape="rect" href="configuring-camel.html" title="Configuring Camel">Configuring Camel</a></li><li><a shape="rect" href="component.html" title="Component">Component</a></li><li><a shape="rect" href="endpoint.html" title="Endpoint">Endpoint</a></li><li><a shape="rect" href="getting-started.html" title="Getting Started">Getting Started</a></li></ul>