| [[Security-Security]] |
| = Security |
| |
| Camel offers several forms & levels of security capabilities that can be |
| utilized on camel routes. These various forms of security may be used in |
| conjunction with each other or separately. |
| |
| The broad categories offered are |
| |
| * Route Security - Authentication and Authorization services to proceed |
| on a route or route segment |
| * Payload Security - Data Formats that offer encryption/decryption |
| services at the payload level |
| * Endpoint Security - Security offered by components that can be |
| utilized by endpointUri associated with the component |
| * Configuration Security - Security offered by encrypting sensitive |
| information from configuration files |
| |
| [[Security-RouteSecurity-AuthenticationandAuthorizationServices]] |
| == Route Security - Authentication and Authorization Services |
| |
| Camel offers Policy driven security capabilities that may be wired into |
| routes or route segments. A Policy in Camel utilizes a strategy pattern |
| for applying interceptors on Camel Processors. It offering the ability |
| to apply cross-cutting concerns (for example. security, transactions |
| etc) on sections/segments of a camel route. |
| |
| The components offering authentication and authorization Services |
| utilizing Route Policies are |
| |
| * xref:components::shiro.adoc[Shiro Security] |
| * xref:components::spring-security.adoc[Spring Security] |
| |
| [[Security-PayloadSecurity-DataFormatsandProducers/Consumersofferingencryption/decryptionservices]] |
| == Payload Security - Data Formats and Producers/Consumers offering encryption/decryption services |
| |
| Camel offers encryption/decryption services to secure payloads or |
| selectively apply encryption/decryption capabilities on |
| portions/sections of a payload. |
| |
| These capabilites are offered by the following components |
| |
| * xref:components::secureXML-dataformat.adoc[XMLSecurity DataFormat] (XML |
| Encryption support) |
| * xref:components::xmlsecurity-component.adoc[XML Security component] (XML |
| Signature support) |
| * xref:components::crypto-dataformat.adoc[Crypto DataFormat] (Encryption + PGP support) |
| * xref:components::crypto-component.adoc[Crypto component] (Signature |
| support) |
| |
| [[Security-EndpointSecurity]] |
| == Endpoint Security |
| |
| Some components in camel offer an ability to secure their endpoints |
| (using interceptors etc) and therefore ensure that they offer the |
| ability to secure payloads as well as provide |
| authentication/authorization capabilities at endpoints created using the |
| components. |
| |
| Some such components are |
| |
| * xref:components::jetty-component.adoc[Jetty] - HTTP Basic Authentication support * SSL |
| support |
| * xref:components::cxf-component.adoc[CXF] - HTTP Basic Authentication & WS-Security support |
| using the CXF Bus driven interceptor chain |
| * xref:components::spring-ws-component.adoc[Spring Web Services] - HTTP Basic |
| Authentication & WS-Security support |
| * xref:components::netty-component.adoc[Netty] - SSL support |
| * xref:components::mina-component.adoc[MINA] - SSL support |
| * xref:components::cometd-component.adoc[Cometd] - SSL support |
| * xref:components::jms-component.adoc[JMS] - JAAS and SSL based security for client <--> |
| broker communication |
| |
| [[Security-ConfigurationSecurity]] |
| == Configuration Security |
| |
| *Since Camel 2.5* |
| |
| Camel offers the xref:components::properties-component.adoc[Properties] component to |
| externalize configuration values to properties files. Those values could |
| contain sensitive information such as usernames and passwords. Those |
| values can be encrypted and automatic decrypted by Camel. |
| |
| * xref:components::jasypt.adoc[Jasypt] |
| |
| *Since Camel 2.8* |
| |
| Camel offers the xref:camel-configuration-utilities.adoc[JSSE Utility] |
| for configuring SSL/TLS related aspects of a number of Camel components. |