This Confluence has been LDAP enabled, if you are an ASF Committer, please use your LDAP Credentials to login. Any problems file an INFRA jira ticket please.

  Apache ServiceMix NMR #usernavbar() #printableicon() #pdficon() #feedicon()  
When you contribute content to this Wiki, you grant a license to the ASF for inclusion in ASF works (as per the Apache Software License).
  5. Security

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migration of unmigrated content due to installation of a new plugin
Wiki Markup


5. Security

The NMR provides a security layer that allows authentication of users and authorizing endpoint access.


The authentication service is exposed in OSGi and can be used by any bundle by retrieving the service from the registry.

Code Block



 * Interface for the authentication service.
public interface AuthenticationService {

     * Authenticate a user given its name and credentials.
     * Upon sucessfull completion, the subject should be populated
     * with the user known principals, including, but not limited to
     * a UserPrincipal and the GroupPrincipal that this user belongs
     * to.
     * @param subject the subject to populate
     * @param domain the security domain to use
     * @param user the user name
     * @param credentials the user credntials
     * @throws GeneralSecurityException if the user can not be authenticated
    void authenticate(Subject subject, String domain, String user, Object credentials) throws GeneralSecurityException;


The default implementation of this service delegates to JAAS, leveraging ServiceMix Kernel JAAS support. This means that new JAAS realms can be deployed along with your application at runtime.


The authentication feature is provided by the AuthenticationService which is also registered in the OSGi registry.

Code Block

import java.util.Set;

import javax.xml.namespace.QName;

 * The AuthorizationService interface allows the NMR to retrieve the
 * Access Control List for a given combination of endpoint / operation.
 * This is used to secure access to a given endpoint. 
public interface AuthorizationService {

     * Retrieve the Access Control List for a given endpoint and operation.
     * The endpoint is identified by its ID (usually a combination of
     * service QName and endpoint in the JBI case).
     * @param endpoint the endpoint identifier
     * @param operation the operation invoked or null
     * @return a set of GroupPrincipal allowed to invoke the endpoint / operation
    Set<GroupPrincipal> getAcls(String endpoint, QName operation);



Access to endpoints in the NMR can be checked against some authorizations entries that can be easily deployed at runtime. The NMR will check the target endpoint against the authorized roles for the user (if any user has been authenticated) and reject the exchange is no endpoint matches the security rules.

The default implementation looks for these entries in the OSGi registry, so that you can also deploy your authorization entries along with your endpoints.

Here is a simple xml configuration file that contains and export the default authorization entry:

Code Block
<beans xmlns=""
    <osgi:service interface="">
        <bean class="">
            <property name="endpoint" value="*" />
            <property name="rank" value="-2147483648" />
            <property name="roles" value="*" />
            <property name="type" value="Set" />








The regexp pattern used to match against the target endpoint. "*" is a special value to match all endpoints



(no default)

The QName of the operation that need to match the exchange operation


Add, Set, Remove


The logical operation to perform with this entry


Comma separated list of string


List or roles authorized to access the matching endpoints / operations




The rank, or order, associated with this entry


Multiple entries can be deployed and some of them can be conflicting or have wildcards to match several endpoints. Therefore, the need to order them when resolving the list of roles authorized is important. This is what the rank and type properties do. When computing the list of roles, the entries are sorted from the smallest rank to the greatest rank and for each of these entries, the type is used to compute the new list of roles with respect to the previously computed list and the list associated to the entry.

  • Add: add the list of roles on this entry to the list of authorized roles
  • Set: the list of authorized roles becomes the the list configured on this entry
  • Remove: remove the roles on this entry from the list of authorized roles


Wiki Markup