[jira] Created: (CAMEL-3750) Provide a common mehanism to facilitate configuration of TLS across Camel components

Thu, 03 Mar 2011 12:36:01 -0800 

Provide a common mehanism to facilitate configuration of TLS across Camel 
components
------------------------------------------------------------------------------------

                 Key: CAMEL-3750
                 URL: https://issues.apache.org/jira/browse/CAMEL-3750
             Project: Camel
          Issue Type: Improvement
          Components: camel-core, camel-http, camel-jetty
            Reporter: David Valeri


CXF provides a nice Spring Namespace handler for configuring TLS options on the 
Jetty transport.  Configuring these options using XML in Spring or through a 
simplified set of utility classes decreases the learning curve for users by 
sheltering them from the horrors of JSSE.

There are a large number of components in Camel that deal with socket 
communication at some level, but they all require users to learn the specific 
low level configuration capabilities of the library on which the component is 
based in order to configure custom TLS options.

It would be convenient if users didn't need to learn the advanced networking 
configuration options for each component.

This enhancement suggests a similar Spring Namespace handler and utility 
classes that allow for simplified configuration of an SSLContext as well as 
adding provisions to some of the Camel components in order to accept this new 
configuration mechanism.  The initial components to support the new 
configuration mechanism are the http, http4, and Jetty components.  Other 
components would follow.

An example usage is below.

Programmatic configuration:

KeyStoreParameters ksp = new KeyStoreParameters();
ksp.setResource(this.getClass().getClassLoader().getResource("jsse/localhost.ks").toString());
ksp.setPassword(pwd);
        
KeyManagersParameters kmp = new KeyManagersParameters();
kmp.setKeyPassword(pwd);
kmp.setKeyStore(ksp);

TrustManagersParameters tmp = new TrustManagersParameters();
tmp.setKeyStore(ksp);
        
SSLContextParameters sslContextParameters = new SSLContextParameters();
sslContextParameters.setKeyManager(kmp);
sslContextParameters.setTrustManager(tmp);

XML Configuration:

<SSLContextParameters secureSocketProtocol="TLS">
  <keyManager
      keyPassword="password">
    <keyStore resource="./localhost.jks" password="password"/>
  </keyManager>
  <secureSocketProtocolsFilter>
    <include>TLS.*</include>
  </secureSocketProtocolsFilter>
</SSLContextParameters>

Usage in a route:

from("jetty:https://localhost:443/hello?sslContextParametersRef=sslContextParameters";).process(proc);



-- 
This message is automatically generated by JIRA.
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to