| <?xml version="1.0" encoding="UTF-8"?> |
| <!-- |
| Licensed to the Apache Software Foundation (ASF) under one or more |
| contributor license agreements. See the NOTICE file distributed with |
| this work for additional information regarding copyright ownership. |
| The ASF licenses this file to You under the Apache License, Version 2.0 |
| (the "License"); you may not use this file except in compliance with |
| the License. You may obtain a copy of the License at |
| |
| http://www.apache.org/licenses/LICENSE-2.0 |
| |
| Unless required by applicable law or agreed to in writing, software |
| distributed under the License is distributed on an "AS IS" BASIS, |
| WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| See the License for the specific language governing permissions and |
| limitations under the License. |
| --> |
| <!-- START SNIPPET: example --> |
| <beans xmlns="http://www.springframework.org/schema/beans" |
| xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" |
| xmlns:spring-security="http://www.springframework.org/schema/security" |
| xsi:schemaLocation="http://www.springframework.org/schema/beans |
| http://www.springframework.org/schema/beans/spring-beans.xsd |
| http://camel.apache.org/schema/spring |
| http://camel.apache.org/schema/spring/camel-spring.xsd |
| http://camel.apache.org/schema/spring-security |
| http://camel.apache.org/schema/spring-security/camel-spring-security.xsd |
| http://www.springframework.org/schema/security |
| http://www.springframework.org/schema/security/spring-security.xsd"> |
| |
| <import resource="classpath:org/apache/camel/example/spring/security/common-security.xml"/> |
| |
| <bean id="accessDecisionManager" class="org.springframework.security.access.vote.AffirmativeBased"> |
| <property name="allowIfAllAbstainDecisions" value="true"/> |
| <property name="decisionVoters"> |
| <list> |
| <bean class="org.springframework.security.access.vote.RoleVoter"/> |
| </list> |
| </property> |
| </bean> |
| |
| <!-- The Policy for checking the authentication role of ADMIN --> |
| <authorizationPolicy id="admin" access="ROLE_ADMIN" |
| authenticationManager="authenticationManager" |
| accessDecisionManager="accessDecisionManager" |
| xmlns="http://camel.apache.org/schema/spring-security"/> |
| |
| <!-- The Policy for checking the authentication role of USER --> |
| <authorizationPolicy id="user" access="ROLE_USER" |
| xmlns="http://camel.apache.org/schema/spring-security"/> |
| |
| <camelContext id="myCamelContext" xmlns="http://camel.apache.org/schema/spring"> |
| <!-- Catch the authorization exception and set the Access Denied message back --> |
| <onException> |
| <exception>org.apache.camel.CamelAuthorizationException</exception> |
| <handled> |
| <constant>true</constant> |
| </handled> |
| <transform> |
| <simple>Access Denied with the Policy of ${exception.policyId} !</simple> |
| </transform> |
| </onException> |
| |
| <route> |
| <from uri="servlet:///user"/> |
| <!-- wrap the route in the policy which enforces security check --> |
| <policy ref="user"> |
| <transform> |
| <simple>Normal user can access this service</simple> |
| </transform> |
| </policy> |
| </route> |
| <route> |
| <from uri="servlet:///admin"/> |
| <!-- wrap the route in the policy which enforces security check --> |
| <policy ref="admin"> |
| <transform> |
| <simple>Call the admin operation OK</simple> |
| </transform> |
| </policy> |
| </route> |
| </camelContext> |
| |
| </beans> |
| <!-- END SNIPPET: example --> |