Author: buildbot
Date: Tue Jul 16 14:18:37 2013
New Revision: 869690
Log:
Production update by buildbot for camel
Modified:
websites/production/camel/content/cache/main.pageCache
websites/production/camel/content/netty-http.html
Modified: websites/production/camel/content/cache/main.pageCache
==============================================================================
Binary files - no diff available.
Modified: websites/production/camel/content/netty-http.html
==============================================================================
--- websites/production/camel/content/netty-http.html (original)
+++ websites/production/camel/content/netty-http.html Tue Jul 16 14:18:37 2013
@@ -126,7 +126,13 @@ netty-http:http://localhost:8080[?option
Notice that some options from <a shape="rect" href="netty.html"
title="Netty">Netty</a> is not applicable when using this <a shape="rect"
href="netty-http.html" title="Netty HTTP">Netty HTTP</a> component, such as
options related to UDP transport.</td></tr></table></div>
<div class="confluenceTableSmall"><div class="table-wrap">
-<table class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1"
class="confluenceTh"> Name </th><th colspan="1" rowspan="1"
class="confluenceTh"> Default Value </th><th colspan="1" rowspan="1"
class="confluenceTh"> Description </th></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"> <tt>chunked</tt> </td><td colspan="1" rowspan="1"
class="confluenceTd"> <tt>true</tt> </td><td colspan="1" rowspan="1"
class="confluenceTd"> Allow using chunked transfer if the client supports it
from the HTTP headers. </td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"> <tt>compression</tt> </td><td colspan="1" rowspan="1"
class="confluenceTd"> <tt>false</tt> </td><td colspan="1" rowspan="1"
class="confluenceTd"> Allow using gzip/deflate for compression if the client
supports it from the HTTP headers. </td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"> <tt>headerFilterStrategy</tt> </td><td colspan="1"
rowspan="1" class="confluenceTd"> </td><td colspan="1" rowspa
n="1" class="confluenceTd"> To use a custom
<tt>org.apache.camel.spi.HeaderFilterStrategy</tt> to filter headers.
</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">
<tt>httpMethodRestrict</tt> </td><td colspan="1" rowspan="1"
class="confluenceTd"> </td><td colspan="1" rowspan="1"
class="confluenceTd"> To disable HTTP methods on the Netty HTTP consumer. You
can specify multiple separated by comma. </td></tr><tr><td colspan="1"
rowspan="1" class="confluenceTd"> <tt>mapHeaders</tt> </td><td colspan="1"
rowspan="1" class="confluenceTd"> <tt>true</tt> </td><td colspan="1"
rowspan="1" class="confluenceTd"> If this option is enabled, then during
binding from Netty to Camel <a shape="rect" href="message.html"
title="Message">Message</a> then the headers will be mapped as well (eg added
as header to the Camel <a shape="rect" href="message.html"
title="Message">Message</a> as well). You can turn off this option to disable
this. The headers can still be accessed from the <tt
>org.apache.camel.component.netty.http.NettyHttpMessage</tt> message with the
>method <tt>getHttpRequest()</tt> that returns the Netty HTTP request
><tt>org.jboss.netty.handler.codec.http.HttpRequest</tt> instance.
></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">
><tt>matchOnUriPrefix</tt> </td><td colspan="1" rowspan="1"
>class="confluenceTd"> <tt>false</tt> </td><td colspan="1" rowspan="1"
>class="confluenceTd"> Whether or not Camel should try to find a target
>consumer by matching the URI prefix if no exact match is found. See further
>below for more details. </td></tr><tr><td colspan="1" rowspan="1"
>class="confluenceTd"> <tt>nettyHttpBinding</tt> </td><td colspan="1"
>rowspan="1" class="confluenceTd"> </td><td colspan="1" rowspan="1"
>class="confluenceTd"> To use a custom
><tt>org.apache.camel.component.netty.http.NettyHttpBinding</tt> for binding
>to/from Netty and Camel Message API. </td></tr><tr><td colspan="1"
>rowspan="1" class="confluenceTd"> <tt>bridgeEndpoint</tt
> </td><td colspan="1" rowspan="1" class="confluenceTd"> <tt>false</tt>
> </td><td colspan="1" rowspan="1" class="confluenceTd"> If the option is
> <tt>true</tt>, the producer will ignore the <tt>Exchange.HTTP_URI</tt>
> header, and use the endpoint's URI for request. You may also set the
> <tt>throwExceptionOnFailure</tt> to be <tt>false</tt> to let the producer
> send all the fault response back. </td></tr><tr><td colspan="1" rowspan="1"
> class="confluenceTd"> <tt>throwExceptionOnFailure</tt> </td><td colspan="1"
> rowspan="1" class="confluenceTd"> <tt>true</tt> </td><td colspan="1"
> rowspan="1" class="confluenceTd"> Option to disable throwing the
> <tt>HttpOperationFailedException</tt> in case of failed responses from the
> remote server. This allows you to get all responses regardles of the HTTP
> status code. </td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">
> <tt>traceEnabled</tt> </td><td colspan="1" rowspan="1" class="confluenceTd">
> <tt>false</tt> </td><td colspan="1" rowspan="1" cl
ass="confluenceTd"> Specifies whether to enable HTTP TRACE for this Netty HTTP
consumer. By default TRACE is turned off. </td></tr><tr><td colspan="1"
rowspan="1" class="confluenceTd"> <tt>transferException</tt> </td><td
colspan="1" rowspan="1" class="confluenceTd"> <tt>false</tt> </td><td
colspan="1" rowspan="1" class="confluenceTd"> If enabled and an <a shape="rect"
href="exchange.html" title="Exchange">Exchange</a> failed processing on the
consumer side, and if the caused Exception was send back serialized in the
response as a <tt>application/x-java-serialized-object</tt> content type. On
the producer side the exception will be deserialized and thrown as is, instead
of the <tt>HttpOperationFailedException</tt>. The caused exception is required
to be serialized. </td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"> <tt>urlDecodeHeaders</tt> </td><td colspan="1"
rowspan="1" class="confluenceTd"> <tt>true</tt> </td><td colspan="1"
rowspan="1" class="confluenceTd"> If this
option is enabled, then during binding from Netty to Camel <a shape="rect"
href="message.html" title="Message">Message</a> then the header values will be
URL decoded (eg %20 will be a space character. Notice this option is used by
the default <tt>org.apache.camel.component.netty.http.NettyHttpBinding</tt> and
therefore if you implement a custom
<tt>org.apache.camel.component.netty.http.NettyHttpBinding</tt> then you would
need to decode the headers accordingly to this option. </td></tr><tr><td
colspan="1" rowspan="1" class="confluenceTd"> <tt>nettySharedHttpServer</tt>
</td><td colspan="1" rowspan="1" class="confluenceTd"> <tt>null</tt> </td><td
colspan="1" rowspan="1" class="confluenceTd"> To use a shared <a shape="rect"
href="netty-http.html" title="Netty HTTP">Netty HTTP</a> server. See <a
shape="rect" href="netty-http-server-example.html" title="Netty HTTP Server
Example">Netty HTTP Server Example</a> for more details. </td></tr><tr><td
colspan="1" rowspan="1" class="confluenceT
d"> <tt>disableStreamCache</tt> </td><td colspan="1" rowspan="1"
class="confluenceTd"> <tt>false</tt> </td><td colspan="1" rowspan="1"
class="confluenceTd"> Determines whether or not the raw input stream from Netty
<tt>HttpRequest#getContent()</tt> is cached or not (Camel will read the stream
into a in light-weight memory based Stream caching) cache. By default Camel
will cache the Netty input stream to support reading it multiple times to
ensure it Camel can retrieve all data from the stream. However you can set this
option to <tt>true</tt> when you for example need to access the raw stream,
such as streaming it directly to a file or other persistent store. Mind that if
you enable this option, then you cannot read the Netty stream multiple times
out of the box, and you would need manually to reset the reader index on the
Netty raw stream. </td></tr></tbody></table>
+<table class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1"
class="confluenceTh"> Name </th><th colspan="1" rowspan="1"
class="confluenceTh"> Default Value </th><th colspan="1" rowspan="1"
class="confluenceTh"> Description </th></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"> <tt>chunked</tt> </td><td colspan="1" rowspan="1"
class="confluenceTd"> <tt>true</tt> </td><td colspan="1" rowspan="1"
class="confluenceTd"> Allow using chunked transfer if the client supports it
from the HTTP headers. </td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"> <tt>compression</tt> </td><td colspan="1" rowspan="1"
class="confluenceTd"> <tt>false</tt> </td><td colspan="1" rowspan="1"
class="confluenceTd"> Allow using gzip/deflate for compression if the client
supports it from the HTTP headers. </td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"> <tt>headerFilterStrategy</tt> </td><td colspan="1"
rowspan="1" class="confluenceTd"> </td><td colspan="1" rowspa
n="1" class="confluenceTd"> To use a custom
<tt>org.apache.camel.spi.HeaderFilterStrategy</tt> to filter headers.
</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">
<tt>httpMethodRestrict</tt> </td><td colspan="1" rowspan="1"
class="confluenceTd"> </td><td colspan="1" rowspan="1"
class="confluenceTd"> To disable HTTP methods on the Netty HTTP consumer. You
can specify multiple separated by comma. </td></tr><tr><td colspan="1"
rowspan="1" class="confluenceTd"> <tt>mapHeaders</tt> </td><td colspan="1"
rowspan="1" class="confluenceTd"> <tt>true</tt> </td><td colspan="1"
rowspan="1" class="confluenceTd"> If this option is enabled, then during
binding from Netty to Camel <a shape="rect" href="message.html"
title="Message">Message</a> then the headers will be mapped as well (eg added
as header to the Camel <a shape="rect" href="message.html"
title="Message">Message</a> as well). You can turn off this option to disable
this. The headers can still be accessed from the <tt
>org.apache.camel.component.netty.http.NettyHttpMessage</tt> message with the
>method <tt>getHttpRequest()</tt> that returns the Netty HTTP request
><tt>org.jboss.netty.handler.codec.http.HttpRequest</tt> instance.
></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">
><tt>matchOnUriPrefix</tt> </td><td colspan="1" rowspan="1"
>class="confluenceTd"> <tt>false</tt> </td><td colspan="1" rowspan="1"
>class="confluenceTd"> Whether or not Camel should try to find a target
>consumer by matching the URI prefix if no exact match is found. See further
>below for more details. </td></tr><tr><td colspan="1" rowspan="1"
>class="confluenceTd"> <tt>nettyHttpBinding</tt> </td><td colspan="1"
>rowspan="1" class="confluenceTd"> </td><td colspan="1" rowspan="1"
>class="confluenceTd"> To use a custom
><tt>org.apache.camel.component.netty.http.NettyHttpBinding</tt> for binding
>to/from Netty and Camel Message API. </td></tr><tr><td colspan="1"
>rowspan="1" class="confluenceTd"> <tt>bridgeEndpoint</tt
> </td><td colspan="1" rowspan="1" class="confluenceTd"> <tt>false</tt>
> </td><td colspan="1" rowspan="1" class="confluenceTd"> If the option is
> <tt>true</tt>, the producer will ignore the <tt>Exchange.HTTP_URI</tt>
> header, and use the endpoint's URI for request. You may also set the
> <tt>throwExceptionOnFailure</tt> to be <tt>false</tt> to let the producer
> send all the fault response back. </td></tr><tr><td colspan="1" rowspan="1"
> class="confluenceTd"> <tt>throwExceptionOnFailure</tt> </td><td colspan="1"
> rowspan="1" class="confluenceTd"> <tt>true</tt> </td><td colspan="1"
> rowspan="1" class="confluenceTd"> Option to disable throwing the
> <tt>HttpOperationFailedException</tt> in case of failed responses from the
> remote server. This allows you to get all responses regardles of the HTTP
> status code. </td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">
> <tt>traceEnabled</tt> </td><td colspan="1" rowspan="1" class="confluenceTd">
> <tt>false</tt> </td><td colspan="1" rowspan="1" cl
ass="confluenceTd"> Specifies whether to enable HTTP TRACE for this Netty HTTP
consumer. By default TRACE is turned off. </td></tr><tr><td colspan="1"
rowspan="1" class="confluenceTd"> <tt>transferException</tt> </td><td
colspan="1" rowspan="1" class="confluenceTd"> <tt>false</tt> </td><td
colspan="1" rowspan="1" class="confluenceTd"> If enabled and an <a shape="rect"
href="exchange.html" title="Exchange">Exchange</a> failed processing on the
consumer side, and if the caused Exception was send back serialized in the
response as a <tt>application/x-java-serialized-object</tt> content type. On
the producer side the exception will be deserialized and thrown as is, instead
of the <tt>HttpOperationFailedException</tt>. The caused exception is required
to be serialized. </td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"> <tt>urlDecodeHeaders</tt> </td><td colspan="1"
rowspan="1" class="confluenceTd"> <tt>true</tt> </td><td colspan="1"
rowspan="1" class="confluenceTd"> If this
option is enabled, then during binding from Netty to Camel <a shape="rect"
href="message.html" title="Message">Message</a> then the header values will be
URL decoded (eg %20 will be a space character. Notice this option is used by
the default <tt>org.apache.camel.component.netty.http.NettyHttpBinding</tt> and
therefore if you implement a custom
<tt>org.apache.camel.component.netty.http.NettyHttpBinding</tt> then you would
need to decode the headers accordingly to this option. </td></tr><tr><td
colspan="1" rowspan="1" class="confluenceTd"> <tt>nettySharedHttpServer</tt>
</td><td colspan="1" rowspan="1" class="confluenceTd"> <tt>null</tt> </td><td
colspan="1" rowspan="1" class="confluenceTd"> To use a shared <a shape="rect"
href="netty-http.html" title="Netty HTTP">Netty HTTP</a> server. See <a
shape="rect" href="netty-http-server-example.html" title="Netty HTTP Server
Example">Netty HTTP Server Example</a> for more details. </td></tr><tr><td
colspan="1" rowspan="1" class="confluenceT
d"> <tt>disableStreamCache</tt> </td><td colspan="1" rowspan="1"
class="confluenceTd"> <tt>false</tt> </td><td colspan="1" rowspan="1"
class="confluenceTd"> Determines whether or not the raw input stream from Netty
<tt>HttpRequest#getContent()</tt> is cached or not (Camel will read the stream
into a in light-weight memory based Stream caching) cache. By default Camel
will cache the Netty input stream to support reading it multiple times to
ensure it Camel can retrieve all data from the stream. However you can set this
option to <tt>true</tt> when you for example need to access the raw stream,
such as streaming it directly to a file or other persistent store. Mind that if
you enable this option, then you cannot read the Netty stream multiple times
out of the box, and you would need manually to reset the reader index on the
Netty raw stream. </td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"> <tt>securityConfiguration</tt> </td><td colspan="1"
rowspan="1" class="confluence
Td"> <tt>null</tt> </td><td colspan="1" rowspan="1" class="confluenceTd">
<b>Consumer only</b>. Refers to a
<tt>org.apache.camel.component.netty.http.NettyHttpSecurityConfiguration</tt>
for configuring secure web resources. </td></tr></tbody></table>
+</div>
+</div>
+
+<p>The <tt>NettyHttpSecurityConfiguration</tt> has the following options:</p>
+<div class="confluenceTableSmall"><div class="table-wrap">
+<table class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1"
class="confluenceTh"> Name </th><th colspan="1" rowspan="1"
class="confluenceTh"> Default Value </th><th colspan="1" rowspan="1"
class="confluenceTh"> Description </th></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"> <tt>authenticate</tt> </td><td colspan="1" rowspan="1"
class="confluenceTd"> <tt>true</tt> </td><td colspan="1" rowspan="1"
class="confluenceTd"> Whether authentication is enabled. Can be used to quickly
turn this off. </td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">
<tt>constraint</tt> </td><td colspan="1" rowspan="1" class="confluenceTd">
<tt>Basic</tt> </td><td colspan="1" rowspan="1" class="confluenceTd"> The
constraint supported. Currently only <tt>Basic</tt> is implemented and
supported. </td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">
<tt>realm</tt> </td><td colspan="1" rowspan="1" class="confluenceTd">
<tt>null</tt> </td><td colspan="1" rowspan="1" class
="confluenceTd"> The name of the JAAS security realm. This option is
mandatory. </td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">
<tt>securityConstraint</tt> </td><td colspan="1" rowspan="1"
class="confluenceTd"> <tt>null</tt> </td><td colspan="1" rowspan="1"
class="confluenceTd"> Allows to plugin a security constraint mapper where you
can define ACL to web resources. </td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"> <tt>securityAuthenticator</tt> </td><td colspan="1"
rowspan="1" class="confluenceTd"> <tt>null</tt> </td><td colspan="1"
rowspan="1" class="confluenceTd"> Allows to plugin a authenticator that
performs the authentication. If none has been configured then the
<tt>org.apache.camel.component.netty.http.JAASSecurityAuthenticator</tt> is
used by default. </td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"> <tt>loginDeniedLoggingLevel</tt> </td><td colspan="1"
rowspan="1" class="confluenceTd"> <tt>DEBUG</tt> </td><td colspan="1" rowspan=
"1" class="confluenceTd"> Logging level used when a login attempt failed,
which allows to see more details why the login failed. </td></tr><tr><td
colspan="1" rowspan="1" class="confluenceTd"> <tt>roleClassName</tt> </td><td
colspan="1" rowspan="1" class="confluenceTd"> <tt>null</tt> </td><td
colspan="1" rowspan="1" class="confluenceTd"> To specify FQN class names of
<tt>Principal</tt> implementations that contains user roles. If none has been
specified, then the <a shape="rect" href="netty-http.html" title="Netty
HTTP">Netty HTTP</a> component will by default assume a <tt>Principal</tt> is
role based if its FQN classname has the lower-case word <tt>role</tt> in its
classname. You can specify multiple class names separated by comma.
</td></tr></tbody></table>
</div>
</div>
@@ -282,6 +288,64 @@ from("netty-http:http://0.0.0.0:{{port}}
<p>See the <a shape="rect" href="netty-http-server-example.html" title="Netty
HTTP Server Example">Netty HTTP Server Example</a> for more details and example
how to do that.</p>
+<h3><a shape="rect" name="NettyHTTP-UsingHTTPBasicAuthentication"></a>Using
HTTP Basic Authentication</h3>
+
+<p>The <a shape="rect" href="netty-http.html" title="Netty HTTP">Netty
HTTP</a> consumer supports HTTP basic authentication by specifying the security
realm name to use, as shown below</p>
+<div class="code panel" style="border-width: 1px;"><div class="codeContent
panelContent">
+<script class="theme: Default; brush: java; gutter: false"
type="syntaxhighlighter"><![CDATA[
+<route>
+ <from
uri="netty-http:http://0.0.0.0:{{port}}/foo?securityConfiguration.realm=karaf"/>
+ ...
+</route>
+]]></script>
+</div></div>
+
+<p>The realm name is mandatory to enable basic authentication. By default the
JAAS based authenticator is used, which will use the realm name specified
(karaf in the example above) and use the JAAS realm and the JAAS
{{LoginModule}}s of this realm for authentication.</p>
+
+<p>End user of Apache Karaf / ServiceMix has a karaf realm out of the box, and
hence why the example above would work out of the box in these containers.</p>
+
+<h4><a shape="rect"
name="NettyHTTP-SpecifyingACLonwebresources"></a>Specifying ACL on web
resources</h4>
+
+<p>The <tt>org.apache.camel.component.netty.http.SecurityConstraint</tt>
allows to define constrains on web resources. And the
<tt>org.apache.camel.component.netty.http.SecurityConstraintMapping</tt> is
provided out of the box, allowing to easily define inclusions and exclusions
with roles.</p>
+
+<p>For example as shown below in the XML DSL, we define the constraint
bean:</p>
+<div class="code panel" style="border-width: 1px;"><div class="codeContent
panelContent">
+<script class="theme: Default; brush: xml; gutter: false"
type="syntaxhighlighter"><![CDATA[
+ <bean id="constraint"
class="org.apache.camel.component.netty.http.SecurityConstraintMapping">
+ <!-- inclusions defines url -> roles restrictions -->
+ <!-- a * should be used for any role accepted (or even no roles) -->
+ <property name="inclusions">
+ <map>
+ <entry key="/foo/*" value="*"/>
+ <entry key="/foo/admin/*" value="admin"/>
+ <entry key="/foo/guest/*" value="admin,guest"/>
+ </map>
+ </property>
+ <!-- exclusions is used to define public urls, which requires no
authentication -->
+ <property name="exclusions">
+ <set>
+ <value>/foo/public/*</value>
+ </set>
+ </property>
+ </bean>
+]]></script>
+</div></div>
+
+<p>The constraint above is define so that</p>
+<ul class="alternate" type="square"><li>access to /foo/* is restricted and any
roles is accepted (also if user has no roles)</li><li>access to /foo/admin/*
requires the admin role</li><li>access to /foo/gues/* requires the admin or
guest role</li><li>access to /foo/public/* is an exclusion which means no
authentication is needed, and is therefore public for everyone without logging
in</li></ul>
+
+
+<p>To use this constraint we just need to refer to the bean id as shown
below:</p>
+<div class="code panel" style="border-width: 1px;"><div class="codeContent
panelContent">
+<script class="theme: Default; brush: xml; gutter: false"
type="syntaxhighlighter"><![CDATA[
+<route>
+ <from
uri="netty-http:http://0.0.0.0:{{port}}/foo?matchOnUriPrefix=true&amp;securityConfiguration.realm=karaf&amp;securityConfiguration.securityConstraint=#constraint"/>
+ ...
+</route>
+]]></script>
+</div></div>
+
+
<h3><a shape="rect" name="NettyHTTP-SeeAlso"></a>See Also</h3>
<ul><li><a shape="rect" href="configuring-camel.html" title="Configuring
Camel">Configuring Camel</a></li><li><a shape="rect" href="component.html"
title="Component">Component</a></li><li><a shape="rect" href="endpoint.html"
title="Endpoint">Endpoint</a></li><li><a shape="rect"
href="getting-started.html" title="Getting Started">Getting
Started</a></li></ul>
