際際滷

際際滷Share a Scribd company logo

Security springsecuritymanager-sathyaraj

Download as PPT, PDF
sathyaraj Anand
sathyaraj Anand

The document discusses configuring Spring Security 3.0 as a security manager in Mule. It provides an example configuration that uses an in-memory database of users for authentication. It also describes adding the necessary Spring Security schema references and using security filters to authenticate inbound and outbound requests.

Convert to study guideBETA

Transform any presentation into a summarized study guide, highlighting the most important points and key insights.

1 of 10
Download to read offline
MULE Spring Security Manager
2 Configuring the Spring Security Manager Use Spring Security 3.0 as a Security Manager inside of Mule. You can use any of the librarys security providers such as JAAS, LDAP, CAS (Yale Central Authentication service), and DAO. For more information on the elements you can configure for a Mule security manager, see Security Manager Configuration Reference.
3 Example The following example illustrates how to configure a single security provider on Mule, in this case an in-memory database of users. To configure the provider, we set up a <user-service> element and the <authentication- manager> to which Mule delegates.
4 <mule xmlns:tls="http://www.mulesoft.org/schema/mule/tls" xmlns:http="http://www.mulesoft.org/schema/mule/http" xmlns:tracking="http://www.mulesoft.org/schema/mule/ee/tracking" xmlns="http://www.mulesoft.org/schema/mule/core" xmlns:doc="http://www.mulesoft.org/schema/mule/documentation" xmlns:spring="http://www.springframework.org/schema/beans" version="EE-3.6.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:mule-ss="http://www.mulesoft.org/schema/mule/spring-security" xmlns:ss="http://www.springframework.org/schema/security" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-current.xsd http://www.mulesoft.org/schema/mule/core http://www.mulesoft.org/schema/mule/core/current/mule.xsd http://www.mulesoft.org/schema/mule/http http://www.mulesoft.org/schema/mule/http/current/mule-http.xsd http://www.mulesoft.org/schema/mule/ee/tracking http://www.mulesoft.org/schema/mule/ee/tracking/current/mule-tracking-ee.xsd http://www.mulesoft.org/schema/mule/spring-security http://www.mulesoft.org/schema/mule/spring-security/3.1/mule-spring-security.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd http://www.mulesoft.org/schema/mule/tls http://www.mulesoft.org/schema/mule/tls/current/mule-tls.xsd http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd http://www.mulesoft.org/schema/mule/https
5 <spring:beans> <ss:authentication-manager alias="authenticationManager"> <ss:authentication-provider> <ss:user-service id="userService"> <ss:user name="user" password="password" authorities="ROLE_ADMIN" /> <ss:user name="anon" password="anon" authorities="ROLE_ANON" /> </ss:user-service> </ss:authentication-provider> </ss:authentication-manager> </spring:beans> <mule-ss:security-manager> <mule-ss:delegate-security-provider name="memory-provider" delegate- ref="authenticationManager" /> </mule-ss:security-manager> <http:listener-config name="HTTP_Listener_Configuration" host="localhost" port="8081" doc:name="HTTP Listener Configuration" /> <flow name="SpringExample"> <http:listener config-ref="HTTP_Listener_Configuration" path="/" doc:name="HTTP"/> <logger level="INFO" message="## received" doc:name="Logger"/> <http:basic-security-filter realm="mule-realm"/> <logger level="INFO" message="## passed security" doc:name="Logger"/> </flow> </mule>
6 Adding Spring Security References To make Spring security work, you need to add XML schema declarations to your Mule App. Notice the above example includes the following references inside the root XML element: xmlns:mule-ss="http://www.mulesoft.org/schema/mule/spring-security" xmlns:ss="http://www.springframework.org/schema/security" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-current.xsd http://www.mulesoft.org/schema/mule/core http://www.mulesoft.org/schema/mule/core/current/mule.xsd http://www.mulesoft.org/schema/mule/http http://www.mulesoft.org/schema/mule/http/current/mule-http.xsd http://www.mulesoft.org/schema/mule/ee/tracking http://www.mulesoft.org/schema/mule/ee/tracking/current/mule-tracking-ee.xsd http://www.mulesoft.org/schema/mule/spring-security http://www.mulesoft.org/schema/mule/spring-security/3.1/mule-spring-security.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd
7 Security Filters Security filters can be configured on an object to either authenticate inbound requests or attach credentials to outbound requests. For example, to configure an HTTP basic authorization filter on an HTTP connector, you would use the following connector security filter: <mule-ss:http-security-filter realm="mule-realm"/>
8 When a request is received, the authentication header is read from the request and authenticated against all security providers on the Security Manager. If you only want to validate on certain providers, you can supply a comma-separated list of security provider names. <mule-ss:http-security-filter realm="mule-realm" securityProviders="default,another"/>
9 This bean defines a proxy for the protected bean. When an application asks Spring for a myComponent bean, it will get this proxy instead. <bean id="autoProxyCreator" class="org.springframework.aop.framework.autoproxy.BeanNameAutoProxyCreator"> <property name="interceptorNames"> <list> <value>myComponentSecurity</value> </list> </property> <property name="beanNames"> <list> <value>myComponent</value> </list> </property> <property name='proxyTargetClass' value="true"/> </bean>
Security springsecuritymanager-sathyaraj

More Related Content

Security springsecuritymanager-sathyaraj