[ https://issues.apache.org/jira/browse/CAMEL-4441?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13108841#comment-13108841 ]
Rich Newcomb commented on CAMEL-4441:
-------------------------------------

Thanks Ashwin! I will update the documentation on the Camel wiki.

> Add Namespace Support to XMLSecurity Component
> ----------------------------------------------
>
>                 Key: CAMEL-4441
>                 URL: https://issues.apache.org/jira/browse/CAMEL-4441
>             Project: Camel
>          Issue Type: Improvement
>            Reporter: Rich Newcomb
>            Assignee: Ashwin Karpe
>             Fix For: 2.9.0
>
>         Attachments: CAMEL-4441-camel-core.patch, CAMEL-4441-camel-jmx.patch,
>                      CAMEL-4441-camel-xmlsecurity.patch, CAMEL-4441-complete-and-final.patch,
>                      CAMEL-4441-parent.patch
>
>
> The camel-xmlsecurity data format does not support namespaces when
> identifying specific nodes to be encrypted or decrypted. The data format
> will only work for incidental namespace collisions (i.e., when the target XML
> document has elements that happen to use the same namespace prefix as that
> used in the secureTag element).
>
> The attached patch resolves this issue by allowing a namespace definition
> mapping to be included as part of the data format configuration. This
> enables true namespace matching, even if the prefix values in the data format
> definition and the target XML document are not equivalent strings.
>
> Below is one example of the updated secureXML API in Java:
> {code:java}
> final Map<String, String> namespaces = new HashMap<String, String>();
> namespaces.put("cust", "http://cheese.xmlsecurity.camel.apache.org/");
>
> final KeyStoreParameters tsParameters = new KeyStoreParameters();
> tsParameters.setPassword("password");
> tsParameters.setResource("sender.ts");
>
> context.addRoutes(new RouteBuilder() {
>     public void configure() {
>         from("direct:start")
>             .marshal().secureXML("//cust:cheesesites/italy", namespaces, true, "recipient",
>                 testCypherAlgorithm, XMLCipher.RSA_v1dot5, tsParameters)
>             .to("mock:encrypted");
>     }
> });
> {code}
>
> The patch also extends natural XML support to Spring XML route definitions by
> leveraging the Camel NamespaceAware interface. Thus, a namespace prefix that
> is defined as part of the camelContext definition can be re-used in context
> within the data format secureTag attribute of the secureXML element.
> For example:
> {code:xml}
> <!-- trust store configuration -->
> <camel:keyStoreParameters id="trustStoreParams" resource="./sender.ts" password="password"/>
>
> <camelContext id="springXmlSecurityDataFormatTestCamelContext"
>               xmlns="http://camel.apache.org/schema/spring"
>               xmlns:cheese="http://cheese.xmlsecurity.camel.apache.org/">
>
>     <route>
>         <from uri="direct://start"/>
>         <marshal>
>             <secureXML
>                 secureTag="//cheese:cheesesites/italy"
>                 secureTagContents="true"
>                 xmlCipherAlgorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"
>                 keyCipherAlgorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"
>                 recipientKeyAlias="recipient"
>                 keyOrTrustStoreParametersId="trustStoreParams" />
>         </marshal>
>         ...
> {code}
>
> Finally, this patch updates the method used to define TrustStore and KeyStore
> parameters for asymmetric encryption and decryption. The patch enables the
> XmlSecurity component to use instances of the
> org.apache.camel.util.jsse.KeyStoreParameters class for this purpose. This is
> also illustrated in the examples above. The other methods of KeyStore
> definition are deprecated by the patch.
>
> Minor and related changes provided by the patch include:
> * Fixes an error where unit tests were incorrectly skipped (due to security
>   engine not initialized) even when the related crypto algorithms are available.
> * Adds a Spring XML route definition example in the unit tests
> * Configures the xmlunit version in the parent.pom and updates camel-jmx to
>   share this configuration