| { |
| "component": { |
| "kind": "component", |
| "name": "xmlsecurity-verify", |
| "title": "XML Security Verify", |
| "description": "Verify XML payloads using the XML signature specification.", |
| "deprecated": false, |
| "firstVersion": "2.12.0", |
| "label": "security,transformation", |
| "javaType": "org.apache.camel.component.xmlsecurity.XmlVerifierComponent", |
| "supportLevel": "Stable", |
| "groupId": "org.apache.camel.springboot", |
| "artifactId": "camel-xmlsecurity-starter", |
| "version": "3.11.0-SNAPSHOT", |
| "scheme": "xmlsecurity-verify", |
| "extendsScheme": "", |
| "syntax": "xmlsecurity-verify:name", |
| "async": false, |
| "api": false, |
| "consumerOnly": false, |
| "producerOnly": true, |
| "lenientProperties": false |
| }, |
| "componentProperties": { |
| "baseUri": { "kind": "property", "displayName": "Base Uri", "group": "producer", "label": "producer", "required": false, "type": "string", "javaType": "java.lang.String", "deprecated": false, "autowired": false, "secret": false, "configurationClass": "org.apache.camel.component.xmlsecurity.processor.XmlVerifierConfiguration", "configurationField": "verifierConfiguration", "description": "You can set a base URI which is used in the URI dereferencing. Relative URIs are then concatenated with the base URI." }, |
| "clearHeaders": { "kind": "property", "displayName": "Clear Headers", "group": "producer", "label": "producer", "required": false, "type": "boolean", "javaType": "java.lang.Boolean", "deprecated": false, "autowired": false, "secret": false, "defaultValue": "true", "configurationClass": "org.apache.camel.component.xmlsecurity.processor.XmlVerifierConfiguration", "configurationField": "verifierConfiguration", "description": "Determines if the XML signature specific headers be cleared after signing and verification. Defaults to true." }, |
| "cryptoContextProperties": { "kind": "property", "displayName": "Crypto Context Properties", "group": "producer", "label": "producer", "required": false, "type": "object", "javaType": "java.util.Map<java.lang.String, java.lang.Object>", "deprecated": false, "autowired": false, "secret": false, "configurationClass": "org.apache.camel.component.xmlsecurity.processor.XmlVerifierConfiguration", "configurationField": "verifierConfiguration", "description": "Sets the crypto context properties. See {link XMLCryptoContext#setProperty(String, Object)}. Possible properties are defined in XMLSignContext an XMLValidateContext (see Supported Properties). The following properties are set by default to the value Boolean#TRUE for the XML validation. If you want to switch these features off you must set the property value to Boolean#FALSE. org.jcp.xml.dsig.validateManifests javax.xml.crypto.dsig.cacheReference" }, |
| "disallowDoctypeDecl": { "kind": "property", "displayName": "Disallow Doctype Decl", "group": "producer", "label": "producer", "required": false, "type": "boolean", "javaType": "java.lang.Boolean", "deprecated": false, "autowired": false, "secret": false, "defaultValue": "true", "configurationClass": "org.apache.camel.component.xmlsecurity.processor.XmlVerifierConfiguration", "configurationField": "verifierConfiguration", "description": "Disallows that the incoming XML document contains DTD DOCTYPE declaration. The default value is Boolean#TRUE." }, |
| "keySelector": { "kind": "property", "displayName": "Key Selector", "group": "producer", "label": "", "required": false, "type": "object", "javaType": "javax.xml.crypto.KeySelector", "deprecated": false, "autowired": false, "secret": false, "configurationClass": "org.apache.camel.component.xmlsecurity.processor.XmlVerifierConfiguration", "configurationField": "verifierConfiguration", "description": "Provides the key for validating the XML signature." }, |
| "lazyStartProducer": { "kind": "property", "displayName": "Lazy Start Producer", "group": "producer", "label": "producer", "required": false, "type": "boolean", "javaType": "boolean", "deprecated": false, "autowired": false, "secret": false, "defaultValue": false, "description": "Whether the producer should be started lazy (on the first message). By starting lazy you can use this to allow CamelContext and routes to startup in situations where a producer may otherwise fail during starting and cause the route to fail being started. By deferring this startup to be lazy then the startup failure can be handled during routing messages via Camel's routing error handlers. Beware that when the first message is processed then creating and starting the producer may take a little time and prolong the total processing time of the processing." }, |
| "omitXmlDeclaration": { "kind": "property", "displayName": "Omit Xml Declaration", "group": "producer", "label": "producer", "required": false, "type": "boolean", "javaType": "java.lang.Boolean", "deprecated": false, "autowired": false, "secret": false, "defaultValue": "false", "configurationClass": "org.apache.camel.component.xmlsecurity.processor.XmlVerifierConfiguration", "configurationField": "verifierConfiguration", "description": "Indicator whether the XML declaration in the outgoing message body should be omitted. Default value is false. Can be overwritten by the header XmlSignatureConstants#HEADER_OMIT_XML_DECLARATION." }, |
| "outputNodeSearch": { "kind": "property", "displayName": "Output Node Search", "group": "producer", "label": "", "required": false, "type": "object", "javaType": "java.lang.Object", "deprecated": false, "autowired": false, "secret": false, "configurationClass": "org.apache.camel.component.xmlsecurity.processor.XmlVerifierConfiguration", "configurationField": "verifierConfiguration", "description": "Sets the output node search value for determining the node from the XML signature document which shall be set to the output message body. The class of the value depends on the type of the output node search. The output node search is forwarded to XmlSignature2Message." }, |
| "outputNodeSearchType": { "kind": "property", "displayName": "Output Node Search Type", "group": "producer", "label": "", "required": false, "type": "string", "javaType": "java.lang.String", "deprecated": false, "autowired": false, "secret": false, "defaultValue": "Default", "configurationClass": "org.apache.camel.component.xmlsecurity.processor.XmlVerifierConfiguration", "configurationField": "verifierConfiguration", "description": "Determines the search type for determining the output node which is serialized into the output message bodyF. See setOutputNodeSearch(Object). The supported default search types you can find in DefaultXmlSignature2Message." }, |
| "outputXmlEncoding": { "kind": "property", "displayName": "Output Xml Encoding", "group": "producer", "label": "producer", "required": false, "type": "string", "javaType": "java.lang.String", "deprecated": false, "autowired": false, "secret": false, "configurationClass": "org.apache.camel.component.xmlsecurity.processor.XmlVerifierConfiguration", "configurationField": "verifierConfiguration", "description": "The character encoding of the resulting signed XML document. If null then the encoding of the original XML document is used." }, |
| "removeSignatureElements": { "kind": "property", "displayName": "Remove Signature Elements", "group": "producer", "label": "", "required": false, "type": "boolean", "javaType": "java.lang.Boolean", "deprecated": false, "autowired": false, "secret": false, "defaultValue": "false", "configurationClass": "org.apache.camel.component.xmlsecurity.processor.XmlVerifierConfiguration", "configurationField": "verifierConfiguration", "description": "Indicator whether the XML signature elements (elements with local name Signature and namesapce http:\/\/www.w3.org\/2000\/09\/xmldsig#) shall be removed from the document set to the output message. Normally, this is only necessary, if the XML signature is enveloped. The default value is Boolean#FALSE. This parameter is forwarded to XmlSignature2Message. This indicator has no effect if the output node search is of type DefaultXmlSignature2Message#OUTPUT_NODE_SEARCH_TYPE_DEFAULT.F" }, |
| "schemaResourceUri": { "kind": "property", "displayName": "Schema Resource Uri", "group": "producer", "label": "producer", "required": false, "type": "string", "javaType": "java.lang.String", "deprecated": false, "autowired": false, "secret": false, "configurationClass": "org.apache.camel.component.xmlsecurity.processor.XmlVerifierConfiguration", "configurationField": "verifierConfiguration", "description": "Classpath to the XML Schema. Must be specified in the detached XML Signature case for determining the ID attributes, might be set in the enveloped and enveloping case. If set, then the XML document is validated with the specified XML schema. The schema resource URI can be overwritten by the header XmlSignatureConstants#HEADER_SCHEMA_RESOURCE_URI." }, |
| "secureValidation": { "kind": "property", "displayName": "Secure Validation", "group": "producer", "label": "", "required": false, "type": "boolean", "javaType": "java.lang.Boolean", "deprecated": false, "autowired": false, "secret": false, "defaultValue": "true", "configurationClass": "org.apache.camel.component.xmlsecurity.processor.XmlVerifierConfiguration", "configurationField": "verifierConfiguration", "description": "Enables secure validation. If true then secure validation is enabled." }, |
| "validationFailedHandler": { "kind": "property", "displayName": "Validation Failed Handler", "group": "producer", "label": "", "required": false, "type": "object", "javaType": "org.apache.camel.component.xmlsecurity.api.ValidationFailedHandler", "deprecated": false, "autowired": false, "secret": false, "configurationClass": "org.apache.camel.component.xmlsecurity.processor.XmlVerifierConfiguration", "configurationField": "verifierConfiguration", "description": "Handles the different validation failed situations. The default implementation throws specific exceptions for the different situations (All exceptions have the package name org.apache.camel.component.xmlsecurity.api and are a sub-class of XmlSignatureInvalidException. If the signature value validation fails, a XmlSignatureInvalidValueException is thrown. If a reference validation fails, a XmlSignatureInvalidContentHashException is thrown. For more detailed information, see the JavaDoc." }, |
| "xmlSignature2Message": { "kind": "property", "displayName": "Xml Signature2 Message", "group": "producer", "label": "", "required": false, "type": "object", "javaType": "org.apache.camel.component.xmlsecurity.api.XmlSignature2Message", "deprecated": false, "autowired": false, "secret": false, "configurationClass": "org.apache.camel.component.xmlsecurity.processor.XmlVerifierConfiguration", "configurationField": "verifierConfiguration", "description": "Bean which maps the XML signature to the output-message after the validation. How this mapping should be done can be configured by the options outputNodeSearchType, outputNodeSearch, and removeSignatureElements. The default implementation offers three possibilities which are related to the three output node search types Default, ElementName, and XPath. The default implementation determines a node which is then serialized and set to the body of the output message If the search type is ElementName then the output node (which must be in this case an element) is determined by the local name and namespace defined in the search value (see option outputNodeSearch). If the search type is XPath then the output node is determined by the XPath specified in the search value (in this case the output node can be of type Element, TextNode or Document). If the output node search type is Default then the following rules apply: In the enveloped XML signature case (there is a reference with URI= and transform http:\/\/www.w3.org\/2000\/09\/xmldsig#enveloped-signature), the incoming XML document without the Signature element is set to the output message body. In the non-enveloped XML signature case, the message body is determined from a referenced Object; this is explained in more detail in chapter Output Node Determination in Enveloping XML Signature Case." }, |
| "xmlSignatureChecker": { "kind": "property", "displayName": "Xml Signature Checker", "group": "producer", "label": "", "required": false, "type": "object", "javaType": "org.apache.camel.component.xmlsecurity.api.XmlSignatureChecker", "deprecated": false, "autowired": false, "secret": false, "configurationClass": "org.apache.camel.component.xmlsecurity.processor.XmlVerifierConfiguration", "configurationField": "verifierConfiguration", "description": "This interface allows the application to check the XML signature before the validation is executed. This step is recommended in http:\/\/www.w3.org\/TR\/xmldsig-bestpractices\/#check-what-is-signed" }, |
| "autowiredEnabled": { "kind": "property", "displayName": "Autowired Enabled", "group": "advanced", "label": "advanced", "required": false, "type": "boolean", "javaType": "boolean", "deprecated": false, "autowired": false, "secret": false, "defaultValue": true, "description": "Whether autowiring is enabled. This is used for automatic autowiring options (the option must be marked as autowired) by looking up in the registry to find if there is a single instance of matching type, which then gets configured on the component. This can be used for automatic configuring JDBC data sources, JMS connection factories, AWS Clients, etc." }, |
| "uriDereferencer": { "kind": "property", "displayName": "Uri Dereferencer", "group": "advanced", "label": "advanced", "required": false, "type": "object", "javaType": "javax.xml.crypto.URIDereferencer", "deprecated": false, "autowired": false, "secret": false, "configurationClass": "org.apache.camel.component.xmlsecurity.processor.XmlVerifierConfiguration", "configurationField": "verifierConfiguration", "description": "If you want to restrict the remote access via reference URIs, you can set an own dereferencer. Optional parameter. If not set the provider default dereferencer is used which can resolve URI fragments, HTTP, file and XPpointer URIs. Attention: The implementation is provider dependent!" }, |
| "verifierConfiguration": { "kind": "property", "displayName": "Verifier Configuration", "group": "advanced", "label": "advanced", "required": false, "type": "object", "javaType": "org.apache.camel.component.xmlsecurity.processor.XmlVerifierConfiguration", "deprecated": false, "autowired": false, "secret": false, "description": "To use a shared XmlVerifierConfiguration configuration to use as base for configuring endpoints." } |
| }, |
| "properties": { |
| "name": { "kind": "path", "displayName": "Name", "group": "producer", "label": "", "required": true, "type": "string", "javaType": "java.lang.String", "deprecated": false, "deprecationNote": "", "autowired": false, "secret": false, "description": "The name part in the URI can be chosen by the user to distinguish between different verify endpoints within the camel context." }, |
| "baseUri": { "kind": "parameter", "displayName": "Base Uri", "group": "producer", "label": "producer", "required": false, "type": "string", "javaType": "java.lang.String", "deprecated": false, "autowired": false, "secret": false, "configurationClass": "org.apache.camel.component.xmlsecurity.processor.XmlVerifierConfiguration", "configurationField": "configuration", "description": "You can set a base URI which is used in the URI dereferencing. Relative URIs are then concatenated with the base URI." }, |
| "clearHeaders": { "kind": "parameter", "displayName": "Clear Headers", "group": "producer", "label": "producer", "required": false, "type": "boolean", "javaType": "java.lang.Boolean", "deprecated": false, "autowired": false, "secret": false, "defaultValue": "true", "configurationClass": "org.apache.camel.component.xmlsecurity.processor.XmlVerifierConfiguration", "configurationField": "configuration", "description": "Determines if the XML signature specific headers be cleared after signing and verification. Defaults to true." }, |
| "cryptoContextProperties": { "kind": "parameter", "displayName": "Crypto Context Properties", "group": "producer", "label": "producer", "required": false, "type": "object", "javaType": "java.util.Map<java.lang.String, java.lang.Object>", "deprecated": false, "autowired": false, "secret": false, "configurationClass": "org.apache.camel.component.xmlsecurity.processor.XmlVerifierConfiguration", "configurationField": "configuration", "description": "Sets the crypto context properties. See {link XMLCryptoContext#setProperty(String, Object)}. Possible properties are defined in XMLSignContext an XMLValidateContext (see Supported Properties). The following properties are set by default to the value Boolean#TRUE for the XML validation. If you want to switch these features off you must set the property value to Boolean#FALSE. org.jcp.xml.dsig.validateManifests javax.xml.crypto.dsig.cacheReference" }, |
| "disallowDoctypeDecl": { "kind": "parameter", "displayName": "Disallow Doctype Decl", "group": "producer", "label": "producer", "required": false, "type": "boolean", "javaType": "java.lang.Boolean", "deprecated": false, "autowired": false, "secret": false, "defaultValue": "true", "configurationClass": "org.apache.camel.component.xmlsecurity.processor.XmlVerifierConfiguration", "configurationField": "configuration", "description": "Disallows that the incoming XML document contains DTD DOCTYPE declaration. The default value is Boolean#TRUE." }, |
| "keySelector": { "kind": "parameter", "displayName": "Key Selector", "group": "producer", "label": "", "required": false, "type": "object", "javaType": "javax.xml.crypto.KeySelector", "deprecated": false, "autowired": false, "secret": false, "configurationClass": "org.apache.camel.component.xmlsecurity.processor.XmlVerifierConfiguration", "configurationField": "configuration", "description": "Provides the key for validating the XML signature." }, |
| "lazyStartProducer": { "kind": "parameter", "displayName": "Lazy Start Producer", "group": "producer", "label": "producer", "required": false, "type": "boolean", "javaType": "boolean", "deprecated": false, "autowired": false, "secret": false, "defaultValue": false, "description": "Whether the producer should be started lazy (on the first message). By starting lazy you can use this to allow CamelContext and routes to startup in situations where a producer may otherwise fail during starting and cause the route to fail being started. By deferring this startup to be lazy then the startup failure can be handled during routing messages via Camel's routing error handlers. Beware that when the first message is processed then creating and starting the producer may take a little time and prolong the total processing time of the processing." }, |
| "omitXmlDeclaration": { "kind": "parameter", "displayName": "Omit Xml Declaration", "group": "producer", "label": "producer", "required": false, "type": "boolean", "javaType": "java.lang.Boolean", "deprecated": false, "autowired": false, "secret": false, "defaultValue": "false", "configurationClass": "org.apache.camel.component.xmlsecurity.processor.XmlVerifierConfiguration", "configurationField": "configuration", "description": "Indicator whether the XML declaration in the outgoing message body should be omitted. Default value is false. Can be overwritten by the header XmlSignatureConstants#HEADER_OMIT_XML_DECLARATION." }, |
| "outputNodeSearch": { "kind": "parameter", "displayName": "Output Node Search", "group": "producer", "label": "", "required": false, "type": "object", "javaType": "java.lang.Object", "deprecated": false, "autowired": false, "secret": false, "configurationClass": "org.apache.camel.component.xmlsecurity.processor.XmlVerifierConfiguration", "configurationField": "configuration", "description": "Sets the output node search value for determining the node from the XML signature document which shall be set to the output message body. The class of the value depends on the type of the output node search. The output node search is forwarded to XmlSignature2Message." }, |
| "outputNodeSearchType": { "kind": "parameter", "displayName": "Output Node Search Type", "group": "producer", "label": "", "required": false, "type": "string", "javaType": "java.lang.String", "deprecated": false, "autowired": false, "secret": false, "defaultValue": "Default", "configurationClass": "org.apache.camel.component.xmlsecurity.processor.XmlVerifierConfiguration", "configurationField": "configuration", "description": "Determines the search type for determining the output node which is serialized into the output message bodyF. See setOutputNodeSearch(Object). The supported default search types you can find in DefaultXmlSignature2Message." }, |
| "outputXmlEncoding": { "kind": "parameter", "displayName": "Output Xml Encoding", "group": "producer", "label": "producer", "required": false, "type": "string", "javaType": "java.lang.String", "deprecated": false, "autowired": false, "secret": false, "configurationClass": "org.apache.camel.component.xmlsecurity.processor.XmlVerifierConfiguration", "configurationField": "configuration", "description": "The character encoding of the resulting signed XML document. If null then the encoding of the original XML document is used." }, |
| "removeSignatureElements": { "kind": "parameter", "displayName": "Remove Signature Elements", "group": "producer", "label": "", "required": false, "type": "boolean", "javaType": "java.lang.Boolean", "deprecated": false, "autowired": false, "secret": false, "defaultValue": "false", "configurationClass": "org.apache.camel.component.xmlsecurity.processor.XmlVerifierConfiguration", "configurationField": "configuration", "description": "Indicator whether the XML signature elements (elements with local name Signature and namesapce http:\/\/www.w3.org\/2000\/09\/xmldsig#) shall be removed from the document set to the output message. Normally, this is only necessary, if the XML signature is enveloped. The default value is Boolean#FALSE. This parameter is forwarded to XmlSignature2Message. This indicator has no effect if the output node search is of type DefaultXmlSignature2Message#OUTPUT_NODE_SEARCH_TYPE_DEFAULT.F" }, |
| "schemaResourceUri": { "kind": "parameter", "displayName": "Schema Resource Uri", "group": "producer", "label": "producer", "required": false, "type": "string", "javaType": "java.lang.String", "deprecated": false, "autowired": false, "secret": false, "configurationClass": "org.apache.camel.component.xmlsecurity.processor.XmlVerifierConfiguration", "configurationField": "configuration", "description": "Classpath to the XML Schema. Must be specified in the detached XML Signature case for determining the ID attributes, might be set in the enveloped and enveloping case. If set, then the XML document is validated with the specified XML schema. The schema resource URI can be overwritten by the header XmlSignatureConstants#HEADER_SCHEMA_RESOURCE_URI." }, |
| "secureValidation": { "kind": "parameter", "displayName": "Secure Validation", "group": "producer", "label": "", "required": false, "type": "boolean", "javaType": "java.lang.Boolean", "deprecated": false, "autowired": false, "secret": false, "defaultValue": "true", "configurationClass": "org.apache.camel.component.xmlsecurity.processor.XmlVerifierConfiguration", "configurationField": "configuration", "description": "Enables secure validation. If true then secure validation is enabled." }, |
| "validationFailedHandler": { "kind": "parameter", "displayName": "Validation Failed Handler", "group": "producer", "label": "", "required": false, "type": "object", "javaType": "org.apache.camel.component.xmlsecurity.api.ValidationFailedHandler", "deprecated": false, "autowired": false, "secret": false, "configurationClass": "org.apache.camel.component.xmlsecurity.processor.XmlVerifierConfiguration", "configurationField": "configuration", "description": "Handles the different validation failed situations. The default implementation throws specific exceptions for the different situations (All exceptions have the package name org.apache.camel.component.xmlsecurity.api and are a sub-class of XmlSignatureInvalidException. If the signature value validation fails, a XmlSignatureInvalidValueException is thrown. If a reference validation fails, a XmlSignatureInvalidContentHashException is thrown. For more detailed information, see the JavaDoc." }, |
| "xmlSignature2Message": { "kind": "parameter", "displayName": "Xml Signature2 Message", "group": "producer", "label": "", "required": false, "type": "object", "javaType": "org.apache.camel.component.xmlsecurity.api.XmlSignature2Message", "deprecated": false, "autowired": false, "secret": false, "configurationClass": "org.apache.camel.component.xmlsecurity.processor.XmlVerifierConfiguration", "configurationField": "configuration", "description": "Bean which maps the XML signature to the output-message after the validation. How this mapping should be done can be configured by the options outputNodeSearchType, outputNodeSearch, and removeSignatureElements. The default implementation offers three possibilities which are related to the three output node search types Default, ElementName, and XPath. The default implementation determines a node which is then serialized and set to the body of the output message If the search type is ElementName then the output node (which must be in this case an element) is determined by the local name and namespace defined in the search value (see option outputNodeSearch). If the search type is XPath then the output node is determined by the XPath specified in the search value (in this case the output node can be of type Element, TextNode or Document). If the output node search type is Default then the following rules apply: In the enveloped XML signature case (there is a reference with URI= and transform http:\/\/www.w3.org\/2000\/09\/xmldsig#enveloped-signature), the incoming XML document without the Signature element is set to the output message body. In the non-enveloped XML signature case, the message body is determined from a referenced Object; this is explained in more detail in chapter Output Node Determination in Enveloping XML Signature Case." }, |
| "xmlSignatureChecker": { "kind": "parameter", "displayName": "Xml Signature Checker", "group": "producer", "label": "", "required": false, "type": "object", "javaType": "org.apache.camel.component.xmlsecurity.api.XmlSignatureChecker", "deprecated": false, "autowired": false, "secret": false, "configurationClass": "org.apache.camel.component.xmlsecurity.processor.XmlVerifierConfiguration", "configurationField": "configuration", "description": "This interface allows the application to check the XML signature before the validation is executed. This step is recommended in http:\/\/www.w3.org\/TR\/xmldsig-bestpractices\/#check-what-is-signed" }, |
| "uriDereferencer": { "kind": "parameter", "displayName": "Uri Dereferencer", "group": "advanced", "label": "advanced", "required": false, "type": "object", "javaType": "javax.xml.crypto.URIDereferencer", "deprecated": false, "autowired": false, "secret": false, "configurationClass": "org.apache.camel.component.xmlsecurity.processor.XmlVerifierConfiguration", "configurationField": "configuration", "description": "If you want to restrict the remote access via reference URIs, you can set an own dereferencer. Optional parameter. If not set the provider default dereferencer is used which can resolve URI fragments, HTTP, file and XPpointer URIs. Attention: The implementation is provider dependent!" } |
| } |
| } |
