
Spring Security Example

The camel-spring-security module provides authentication and authorization capabilities via Spring Security. This example shows you how to use this functionality to implement a role-based authorization application.

This example consumes messages from a servlet endpoint which is secured by Spring Security with HTTP basic authentication. There are two services:

 "http://localhost:8080/camel/user" is for the authenticated user whose role is ROLE_USER
 "http://localhost:8080/camel/admin" is for the authenticated user whose role is ROLE_ADMIN

You will need to compile this example first:

  cd $CAMEL_HOME/examples/camel-example-spring-security
  mvn clean install

To run the example, you need to start up the server by typing

  mvn jetty:run

To stop the server hit ctrl + c

Then you can use the script in the client directory to send the request and check the response, or use a browser to access the services above with the user/password ("jim/jimspassword" with the admin and user roles or "bob/bobspassword" with the user role, matching the user-service entries in the configuration below).

Here is the camel route configuration:

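<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:spring-security="http://www.springframework.org/schema/security"
       xsi:schemaLocation="
         http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
         http://camel.apache.org/schema/spring http://camel.apache.org/schema/spring/camel-spring.xsd
         http://camel.apache.org/schema/spring-security http://camel.apache.org/schema/spring-security/camel-spring-security.xsd
         http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd">

  <!-- Web layer: every request under /camel/** must be authenticated with HTTP Basic
       and hold ROLE_USER or ROLE_ADMIN. This is only the coarse gate; the per-service
       role check is done by the Camel authorization policies further down.
       Basic credentials are merely base64-encoded on the wire, so put this endpoint
       behind TLS anywhere other than a local demo. -->
  <spring-security:http realm="User Restrict Realm">
    <spring-security:intercept-url pattern="/camel/**"
                                   access="hasRole('ROLE_USER') or hasRole('ROLE_ADMIN')"/>
    <spring-security:http-basic/>
    <!-- NOTE(review): remember-me adds a cookie-based login path next to Basic auth;
         confirm it is actually needed for a service endpoint. -->
    <spring-security:remember-me/>
  </spring-security:http>

  <!-- Authentication manager shared by the web layer and the Camel policies;
       it delegates to the in-memory user service below. -->
  <spring-security:authentication-manager alias="authenticationManager">
    <spring-security:authentication-provider user-service-ref="userDetailsService"/>
  </spring-security:authentication-manager>

  <!-- Demo-only users: names, clear-text passwords and roles live in this file.
       For anything beyond the example, use an external user store with hashed
       passwords (a password encoder) and keep credentials out of the configuration. -->
  <spring-security:user-service id="userDetailsService">
    <spring-security:user name="jim" password="jimspassword" authorities="ROLE_USER, ROLE_ADMIN"/>
    <spring-security:user name="bob" password="bobspassword" authorities="ROLE_USER"/>
  </spring-security:user-service>

  <!-- Access decision manager used by the Camel authorization policies.
       RoleVoter only votes on attributes it supports (by default those prefixed
       with ROLE_) and abstains on anything else. allowIfAllAbstainDecisions is kept
       false so that a policy whose access attribute no voter recognises (for example
       a misspelt role name) is denied instead of silently granted. The two policies
       below use ROLE_ attributes, so RoleVoter always votes on them. -->
  <bean id="accessDecisionManager" class="org.springframework.security.access.vote.AffirmativeBased">
    <constructor-arg>
      <bean class="org.springframework.security.access.vote.RoleVoter"/>
    </constructor-arg>
    <property name="allowIfAllAbstainDecisions" value="false"/>
  </bean>

  <!-- Policy requiring ROLE_ADMIN; wired explicitly to the managers defined above -->
  <authorizationPolicy id="admin" access="ROLE_ADMIN"
                       authenticationManager="authenticationManager"
                       accessDecisionManager="accessDecisionManager"
                       xmlns="http://camel.apache.org/schema/spring-security"/>

  <!-- Policy requiring ROLE_USER.
       NOTE(review): no authenticationManager/accessDecisionManager is given here;
       presumably they are resolved from the application context. Verify against the
       camel-spring-security version in use, or wire them explicitly as for "admin". -->
  <authorizationPolicy id="user" access="ROLE_USER"
                       xmlns="http://camel.apache.org/schema/spring-security"/>

  <camelContext id="myCamelContext" xmlns="http://camel.apache.org/schema/spring">
    <!-- Catch the authorization exception, mark it handled and return an Access Denied
         body. The reply names the id of the policy that rejected the call. -->
    <onException>
      <exception>org.apache.camel.CamelAuthorizationException</exception>
      <handled>
        <constant>true</constant>
      </handled>
      <transform>
        <simple>Access Denied with the Policy of ${exception.policyId} !</simple>
      </transform>
    </onException>

    <!-- /camel/user: processing is wrapped in the "user" policy (ROLE_USER) -->
    <route>
      <from uri="servlet:user"/>
      <!-- everything inside the policy element runs only after the security check passes -->
      <policy ref="user">
        <transform>
          <simple>Normal user can access this service</simple>
        </transform>
      </policy>
    </route>

    <!-- /camel/admin: processing is wrapped in the "admin" policy (ROLE_ADMIN) -->
    <route>
      <from uri="servlet:admin"/>
      <!-- everything inside the policy element runs only after the security check passes -->
      <policy ref="admin">
        <transform>
          <simple>Call the admin operation OK</simple>
        </transform>
      </policy>
    </route>

  </camelContext>

</beans>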

You can find how to configure the camel-servlet with HTTP basic authentication by checking the files in WEB-INF.
