Hi Willem Looks great.
Only think is that I wonder if introducing another schema (spring/security) in Camel. Is it entirely spring-security based? Maybe the schema should be named to reflect this to avoid it being a _general_ security schema for Camel. etc name it (spring/spring-security) if it based 100% on the Spring Security Framework only. I assume if the Exchange is denied then a CamelAuthorizationException is thrown. And this exception is from camel-core? eg org.apache.camel package. Then each different camel security component can create their own sub class of this exception if they need specialized details in their exception. > To support Spring Security framework we can store the authentication instance > of Spring security with Exchange.AUTHENTICATION > as the key into the exchange property, if we want to support other security > framework, we could also store other framework's authentication > information into the exchange . I wonder if we should store this in a Camel standard way? eg have the information stored as some kind of interface which the different security components can adapt and understand? If we want to use the same key for all security components, then I think we need a common type it must be stored as. On Wed, Apr 7, 2010 at 3:25 PM, Willem Jiang <[email protected]> wrote: > Hi, > > I just added a design notes[1] for the Camel Security which shows a rough > design of Camel Security API, which just leverage the Camel Policy API to > delegate the access control to the AuthorizationPolicy. In this way we can > plugin different AuthoriztionPolicy implementation based on different > security framework easily. > > For the authentication, as camel doesn't have any GUI or other interface to > type the user name and password. We just store the authentication instance > into the exchange property and let the camel client to deal with > authentication work. In the feature we could add some authentication support > on the camel-servlet, camel-jetty consumer. > > Any thought? > > [1]http://cwiki.apache.org/confluence/display/CAMEL/Camel+Security > > Willem > -- Claus Ibsen Apache Camel Committer Author of Camel in Action: http://www.manning.com/ibsen/ Open Source Integration: http://fusesource.com Blog: http://davsclaus.blogspot.com/ Twitter: http://twitter.com/davsclaus
