Available as of Camel 2.0
The XMLSecurity DataFormat facilitates encryption and decryption of XML payloads at the Document, Element and Element Content levels (including simultaneous multi-node encryption/decryption using XPATH).
The encrytion capability is based on formats supported using the Apache XML Security (Santaurio) project. Encryption/Decryption is "currently" supported using Triple-DES and AES (128, 192 and 256) encryption formats. Additional formats can be easily added later as needed. (Note: The support currently offered is for symmetric encryption. This means the same keyset is needed at both ends of the communication to encrypt/decrypt payloads).
The capability allows Camel users to encrypt/decrypt payloads while being dispatched or received along a route.
Option |
Default |
Description |
---|---|---|
secureTag |
null |
The XPATH reference to the XML Element selected for encryption/decryption. |
secureTagContents |
false |
A boolean value to specify whether the XML Element is to be encrypted or the contents of the XML Element. |
passPhrase |
null |
A byte array that is used as passPhrase to encrypt/decrypt content. The passPhrase has to be |
xmlCipherAlgorithm |
null |
The cipher algorithm to be used for encryption/decryption. |
In order to encrypt the payload, the marshal processor needs to be applied on the route followed by the secureXML() tag.
In order to decrypt the payload, the unmarshal processor needs to be applied on the route followed by the secureXML() tag.
Given below are several examples of how marshalling could be performaed at the Document, Element and Content levels.
from("direct:start"). marshal().secureXML(). unmarshal().secureXML(). to("direct:end"); |
String tagXPATH = "//cheesesites/italy/cheese"; boolean secureTagContent = true; ... from("direct:start"). marshal().secureXML(tagXPATH , secureTagContent ). unmarshal().secureXML(tagXPATH , secureTagContent). to("direct:end"); |
String tagXPATH = "//cheesesites/*/cheese"; boolean secureTagContent = true; .... from("direct:start"). marshal().secureXML(tagXPATH , secureTagContent ). unmarshal().secureXML(tagXPATH , secureTagContent). to("direct:end"); |
String tagXPATH = "//cheesesites/italy/cheese"; boolean secureTagContent = true; .... String passPhrase = "Just another 24 Byte key"; from("direct:start"). marshal().secureXML(tagXPATH , secureTagContent , passPhrase). unmarshal().secureXML(tagXPATH , secureTagContent, passPhrase). to("direct:end"); |
import org.apache.xml.security.encryption.XMLCipher; .... String tagXPATH = "//cheesesites/italy/cheese"; boolean secureTagContent = true; String passPhrase = "Just another 24 Byte key"; String algorithm= XMLCipher.TRIPLEDES; from("direct:start"). marshal().secureXML(tagXPATH , secureTagContent , passPhrase, algorithm). unmarshal().secureXML(tagXPATH , secureTagContent, passPhrase, algorithm). to("direct:end"); |
This data format is provided in the camel-xmlsecurity component.