[URGENT] map roles and permissions to use with camel-shiro and ldap
Hello, I am using shiro with camel. I can authenticate an user with activedirectory (ldap) but I am not able to map user groups in roles to user permissions. And camel needs absolutely permissions to work. Here is my config.ini: [main] authcStrategy = org.apache.shiro.authc.pam.FirstSuccessfulStrategy securityManager.authenticator.authenticationStrategy = $authcStrategy activeDirectoryRealm = org.apache.shiro.realm.activedirectory.ActiveDirectoryRealm activeDirectoryRealm.systemUsername=cn=padl,cn=Users,dc=comune,dc=prato,dc=local activeDirectoryRealm.systemPassword=xxx activeDirectoryRealm.url = ldap://172.16.1.98:389 activeDirectoryRealm.groupRolesMap = CN=menu_ufficiomobile_ania,OU=Menu,OU=Gruppi,OU=ComuneDiPrato,DC=comune,DC=prato,DC=local:menu_ufficiomobile_ania securityManager.realms = $activeDirectoryRealm [users] test = test,menu_ufficiomobile_passicarrabili, menu_ufficiomobile_rubati, menu_ufficiomobile_ordinanze, menu_ufficiomobile_ztl, menu_ufficiomobile_cciaa, menu_ufficiomobile_ania, menu_ufficiomobile_anagrafe, menu_ufficiomobile_mctc, menu_ufficiomobile_pra [roles] menu_ufficiomobile_anagrafe = prato:anagrafe menu_ufficiomobile_mctc = prato:mctc menu_ufficiomobile_pra = prato:pra menu_ufficiomobile_ania = prato:ania menu_ufficiomobile_cciaa = prato:cacomm menu_ufficiomobile_ztl = prato:ztl menu_ufficiomobile_ordinanze = prato:ordinanze menu_ufficiomobile_rubati = prato:rubati menu_ufficiomobile_passicarrabili = prato:permessi My security injection code: ShiroSecurityToken shiroSecurityToken = new ShiroSecurityToken(qr.getUserName(), qr.getPassword()); ShiroSecurityTokenInjector shiroSecurityTokenInjector = new ShiroSecurityTokenInjector(shiroSecurityToken, passPhrase); arg0.getIn().setHeader(SHIRO_SECURITY_TOKEN, shiroSecurityTokenInjector.encrypt()); And the routing code that uses permissions: from(seda:interrogaANIA).threads(1) .setHeader(db, constant(Database.ANIA)).policy(aniaS) .to(bean:interrogaANIA?method=interrogaBancaDati) .to(seda:prefilter); Please help me, it is urgent! Thanks, Mario -- View this message in context: http://camel.465427.n5.nabble.com/URGENT-map-roles-and-permissions-to-use-with-camel-shiro-and-ldap-tp5712380.html Sent from the Camel - Users mailing list archive at Nabble.com.
Re: How can Shiro be used with camel to limit access to a route?
2012/4/6, Claus Ibsen-2 [via Camel] ml-node+s465427n5622213...@n5.nabble.com: On Thu, Apr 5, 2012 at 8:54 PM, mgiammarco mgiamma...@gmail.com wrote: Ok I have found the bug: ShiroSecurityTokenInjector creates a bytearray and puts it in the message header. The bytearray do not pass through openwire... Ah crap, yeah JMS spec have limitations on what can be transfered over JMS in JMS properties. We have some notes about this at the Camel JMS wiki page http://camel.apache.org/jms I wonder if we can always safely convert the shiro token as a String representation instead of byte[]? A string is always supported. I dont assume we need to base encode the byte array or something? The token may already be representable out of the box in a String. Maybe you could check a bit on Shiro and see about this about the token? And if possible we could maybe adjust the code in camel-shiro. Ok I was optimist about toString(). To make all things work I do this: from ByteSource get byte[] encode the token to base64 (using apache commons codec) send it to jms decode from base64 new ByteSource( byte[] decoded) put it in the shiro token header Then all works. Mario -- View this message in context: http://camel.465427.n5.nabble.com/How-can-Shiro-be-used-with-camel-to-limit-access-to-a-route-tp5521623p5622341.html Sent from the Camel - Users mailing list archive at Nabble.com.
Re: How can Shiro be used with camel to limit access to a route?
Ok I have found the bug: ShiroSecurityTokenInjector creates a bytearray and puts it in the message header. The bytearray do not pass through openwire... But the bytearray content is a string text with only ascii chars! So I manually put it as an header of string type. -- View this message in context: http://camel.465427.n5.nabble.com/How-can-Shiro-be-used-with-camel-to-limit-access-to-a-route-tp5521623p5621207.html Sent from the Camel - Users mailing list archive at Nabble.com.
Re: RecipientList without aggregation
RubyTuesdayDONO wrote Mario, if you know in advance which beans will be consuming from the endpoint, you could define them statically using Multicast, without the dynamism of Recipient-List. Thank you for your suggestions but the new requirements from my customer implies a dynamic recipient list. Anyway I will look if I can go back to a static list. -- View this message in context: http://camel.465427.n5.nabble.com/RecipientList-without-aggregation-tp5601505p5608600.html Sent from the Camel - Users mailing list archive at Nabble.com.
Re: RecipientList without aggregation
Claus Ibsen-2 wrote Hi Sometimes you can also just use a bean method, and from there use the ProducerTemplate to send your messages wherever you want, and you can send multiple messages to X different endpoints etc. And you don't have to wait for replies as you can send the messages as one-way etc. I have not yet bought the book unfortunately. But looking at your reply it seems different to my situation. I am in the middle of a route, I am not an outside thread that inject messages in an already built route. Do you mean that inside a routed bean ( to(bean:foo) ) I can use producer template? Now my solution is this: the bean put a list of destinations in an header that is then used by recipientlist() -- View this message in context: http://camel.465427.n5.nabble.com/RecipientList-without-aggregation-tp5601505p5608610.html Sent from the Camel - Users mailing list archive at Nabble.com.
RecipientList without aggregation
Hello, I am getting confused because there are so many ways to do this thing. I need that, in my route message X get copied n times to n different beans. I need to choose which beans as recipientlist patterns says. Now I need that each bean is parallel processed. But I do NOT need absolutely messages aggregation. I do NOT need also that faster beans wait for slower beans before sending the result. I need simply that the n messages will go in an output route as fast as possible. I am looking recipientlist, multicast, parallel processing and I am getting confused. I think recipientlist with an header with the list of beans can work but I am not sure. Can you help me? Thanks, Mario -- View this message in context: http://camel.465427.n5.nabble.com/RecipientList-without-aggregation-tp5601505p5601505.html Sent from the Camel - Users mailing list archive at Nabble.com.
Is anyone really using shiro framework with camel?
Hello, I need to do a simple thing with shiro: - users in group foo can travel in route x; - users in group bar can travel in route y; Yes I have read the docs. Yes I feel stupid. No I do not need to now that I can add a .policy statement to my route. I need a real example of the .ini file that implements the security policy above. Thank you very much in advance. Mario PS: the title is due to the fact that if I send a shiro security token via activemq/openwire to a camel route the header disappears. If I use activemq/stomp the header is preserved. It seems very strange to me that no one sends security tokens via openwire... -- View this message in context: http://camel.465427.n5.nabble.com/Is-anyone-really-using-shiro-framework-with-camel-tp5573583p5573583.html Sent from the Camel - Users mailing list archive at Nabble.com.
Re: Embedded Web Console in Tomcat
Hello, 2.9.1 is out and I am not yet able to use web console. I badly need it to debug because jconsole/visualvm are uncomfortable to use. Please tell me if there are any news about this. Thanks, Mario -- View this message in context: http://camel.465427.n5.nabble.com/Embedded-Web-Console-in-Tomcat-tp4894690p5553107.html Sent from the Camel - Users mailing list archive at Nabble.com.
Re: How can Shiro be used with camel to limit access to a route?
Thank but I see I cannot explain myself. The example you show is also shown in the camel apache web site. I cannot understand the syntax of that file expecially: - can the role be linked to an ldap/ad group? - when I am ringo in sec-level1 what does it mean that can I access zone1 readonly? How can it be related to a camel route? I need simpy a message of ringo user with role foo can travel on route x and cannot travel on route y. I really not able to do it. Really. I thank you again for your help and interest. -- View this message in context: http://camel.465427.n5.nabble.com/How-can-Shiro-be-used-with-camel-to-limit-access-to-a-route-tp5521623p5551999.html Sent from the Camel - Users mailing list archive at Nabble.com.
Re: How can Shiro be used with camel to limit access to a route?
Can you please show me the shiro.ini config of your example because it is the most difficult thing to understand for me. -- View this message in context: http://camel.465427.n5.nabble.com/How-can-Shiro-be-used-with-camel-to-limit-access-to-a-route-tp5521623p5548182.html Sent from the Camel - Users mailing list archive at Nabble.com.
Re: How can Shiro be used with camel to limit access to a route?
I have sent a message to the activemq server with shiro token header using the stomp protocol and the header is correctly present in the camel routing of my server. -- View this message in context: http://camel.465427.n5.nabble.com/How-can-Shiro-be-used-with-camel-to-limit-access-to-a-route-tp5521623p5548185.html Sent from the Camel - Users mailing list archive at Nabble.com.
Re: How can Shiro be used with camel to limit access to a route?
Hi, I have already looked at shirosecurityinjector source code to find the name of the header it adds to the message. Here it is: public ByteSource encrypt() throws Exception { ByteArrayOutputStream stream = new ByteArrayOutputStream(); ObjectOutput serialStream = new ObjectOutputStream(stream); serialStream.writeObject(securityToken); ByteSource byteSource = cipherService.encrypt(stream.toByteArray(), passPhrase); serialStream.close(); stream.close(); return byteSource; } In effects it returns a ByteSource and not a String, but if I log the message the token is clearly a String, probably because it is called ByteSource toString(). Anyway I do some other tests and then I file a bug. Thanks, Mario -- View this message in context: http://camel.465427.n5.nabble.com/How-can-Shiro-be-used-with-camel-to-limit-access-to-a-route-tp5521623p5528299.html Sent from the Camel - Users mailing list archive at Nabble.com.
Re: How can Shiro be used with camel to limit access to a route?
First thanks for your replies. Infact I have read documentation but now I go deeper in detail to see if I understand well. Imagine that I have five destinations where I send my message with multicast(). Now before each destination I put a policy(). But I have five authorization groups (one for each destination). If a principal is in group X can access to destination X. So have I to build five differents shiroconfiguration.ini and five different policy objects to put in the five policy() dsl commands? It seems not pratical to me, but perhaps I am wrong. -- View this message in context: http://camel.465427.n5.nabble.com/How-can-Shiro-be-used-with-camel-to-limit-access-to-a-route-tp5521623p5525938.html Sent from the Camel - Users mailing list archive at Nabble.com.
Re: How can Shiro be used with camel to limit access to a route?
I add another problem, probably more serious. In my client I insert a shiro security token with process(). I can see in the log of the headers of the message: SHIRO_SECURITY_TOKEN and the string with username and password encoded. Unfortunately when I send it via activemq to the server/broker I log it and the header with SHIRO_SECURITY_TOKEN has disappeared. Can you help me? Thanks, Mario -- View this message in context: http://camel.465427.n5.nabble.com/How-can-Shiro-be-used-with-camel-to-limit-access-to-a-route-tp5521623p5526199.html Sent from the Camel - Users mailing list archive at Nabble.com.
How can Shiro be used with camel to limit access to a route?
Hello, I am reading several times shiro documentation and camel docs, but I do not understand a thing. The problem I have seems simple: I need that a message is processed by a component if the authenticated user is in a specified group. So I setup shiro, is use .policy() in my dsl but what do I put in shiro configuration to do the thing above? Thanks, Mario -- View this message in context: http://camel.465427.n5.nabble.com/How-can-Shiro-be-used-with-camel-to-limit-access-to-a-route-tp5521623p5521623.html Sent from the Camel - Users mailing list archive at Nabble.com.
Re: Single request with multiple replies over TCP
I have the same problem. I send a message and I expect several ASYNC replies. Unfortunately I get only ONE reply using either an activemq client with camel and a java stomp client. -- View this message in context: http://camel.465427.n5.nabble.com/Single-request-with-multiple-replies-over-TCP-tp5022206p5155849.html Sent from the Camel - Users mailing list archive at Nabble.com.
Re: Xstream marshals to byte array and not String
Ok I have tried but unfortunately reply is missing. Conversion to String works: [ #1 - JmsConsumer[queryServer]] pratobackend INFO Exchange[ExchangePattern:InOut, Headers:{JMSCorrelationID=null, breadcrumbId=ID:virtual1.mariosoft.mio-54532-1326218763414-4:1:-1:1:1, JMSPriority=4, JMSMessageID=ID:virtual1.mariosoft.mio-54532-1326218763414-4:1:-1:1:1, JMSDeliveryMode=1, JMSReplyTo=queue:///queue/test, JMSRedelivered=false, JMSTimestamp=1326218785346, JMSXGroupID=null, JMSDestination=queue://queryServer, JMSType=null, JMSExpiration=0}, BodyType:String, Body:?xml version=1.0 ?it.giammar.pratomodel.QueryRequestautomaticfalse/automaticquerystomp stomp/query/it.giammar.pratomodel.QueryRequest] [ #1 - JmsConsumer[queryServer]] pratobackend INFO Exchange[ExchangePattern:InOut, Headers:{JMSDestination=queue://queryServer, JMSXGroupID=null, JMSExpiration=0, JMSPriority=4, JMSCorrelationID=null, JMSDeliveryMode=1, JMSType=null, breadcrumbId=ID:virtual1.mariosoft.mio-54532-1326218763414-4:1:-1:1:1, JMSReplyTo=queue:///queue/test, JMSMessageID=ID:virtual1.mariosoft.mio-54532-1326218763414-4:1:-1:1:1, JMSRedelivered=false, JMSTimestamp=1326218785346}, BodyType:it.giammar.pratomodel.QueryRequest, Body:QueryRequest [automatic=false, query=stomp stomp]] [ #1 - JmsConsumer[queryServer]] Saluta INFO sono in sayhello [ #1 - JmsConsumer[queryServer]] pratobackend INFO Exchange[ExchangePattern:InOut, Headers:{JMSXGroupID=null, JMSTimestamp=1326218785346, breadcrumbId=ID:virtual1.mariosoft.mio-54532-1326218763414-4:1:-1:1:1, JMSPriority=4, JMSMessageID=ID:virtual1.mariosoft.mio-54532-1326218763414-4:1:-1:1:1, JMSExpiration=0, JMSReplyTo=queue:///queue/test, JMSDestination=queue://queryServer, JMSType=null, JMSCorrelationID=null, JMSDeliveryMode=1, JMSRedelivered=false}, BodyType:it.giammar.pratomodel.QueryRequest, Body:QueryRequest [automatic=true, query=stomp stomp]] [ #1 - JmsConsumer[queryServer]] pratobackend INFO Exchange[ExchangePattern:InOut, Headers:{JMSDeliveryMode=1, JMSReplyTo=queue:///queue/test, JMSMessageID=ID:virtual1.mariosoft.mio-54532-1326218763414-4:1:-1:1:1, breadcrumbId=ID:virtual1.mariosoft.mio-54532-1326218763414-4:1:-1:1:1, JMSDestination=queue://queryServer, JMSTimestamp=1326218785346, JMSPriority=4, JMSCorrelationID=null, JMSExpiration=0, JMSRedelivered=false, JMSType=null, JMSXGroupID=null}, BodyType:byte[], Body:?xml version='1.0' encoding='UTF-8'?it.giammar.pratomodel.QueryRequestautomatictrue/automaticquerystomp stomp/query/it.giammar.pratomodel.QueryRequest] [ #1 - JmsConsumer[queryServer]] pratobackend INFO Exchange[ExchangePattern:InOut, Headers:{JMSMessageID=ID:virtual1.mariosoft.mio-54532-1326218763414-4:1:-1:1:1, JMSCorrelationID=null, JMSType=null, JMSDestination=queue://queryServer, breadcrumbId=ID:virtual1.mariosoft.mio-54532-1326218763414-4:1:-1:1:1, JMSExpiration=0, JMSPriority=4, JMSTimestamp=1326218785346, JMSReplyTo=queue:///queue/test, JMSXGroupID=null, JMSRedelivered=false, JMSDeliveryMode=1}, BodyType:String, Body:?xml version='1.0' encoding='UTF-8'?it.giammar.pratomodel.QueryRequestautomatictrue/automaticquerystomp stomp/query/it.giammar.pratomodel.QueryRequest] -- View this message in context: http://camel.465427.n5.nabble.com/Xstream-marshals-to-byte-array-and-not-String-tp5129211p5134795.html Sent from the Camel - Users mailing list archive at Nabble.com.
Re: Xstream marshals to byte array and not String
I mean does the request reply continue to work if the last step of the route is not a .to() but a .xstream() ? It seems not for me -- View this message in context: http://camel.465427.n5.nabble.com/Xstream-marshals-to-byte-array-and-not-String-tp5129211p5131281.html Sent from the Camel - Users mailing list archive at Nabble.com.
Re: Xstream marshals to byte array and not String
Nobody can help me? Why after I put xstream marshal/unmarshal request-reply has stopped working? 2012/1/9 mgiammarco [via Camel] ml-node+s465427n513128...@n5.nabble.com I mean does the request reply continue to work if the last step of the route is not a .to() but a .xstream() ? It seems not for me -- If you reply to this email, your message will be added to the discussion below: http://camel.465427.n5.nabble.com/Xstream-marshals-to-byte-array-and-not-String-tp5129211p5131281.html To unsubscribe from Xstream marshals to byte array and not String, click herehttp://camel.465427.n5.nabble.com/template/NamlServlet.jtp?macro=unsubscribe_by_codenode=5129211code=bWdpYW1tYXJjb0BnbWFpbC5jb218NTEyOTIxMXwtMTIyMTI5ODI4 . NAMLhttp://camel.465427.n5.nabble.com/template/NamlServlet.jtp?macro=macro_viewerid=instant_html%21nabble%3Aemail.namlbase=nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.view.web.template.InstantMailNamespacebreadcrumbs=instant+emails%21nabble%3Aemail.naml-instant_emails%21nabble%3Aemail.naml-send_instant_email%21nabble%3Aemail.naml -- View this message in context: http://camel.465427.n5.nabble.com/Xstream-marshals-to-byte-array-and-not-String-tp5129211p5132699.html Sent from the Camel - Users mailing list archive at Nabble.com.
Xstream marshals to byte array and not String
Hello, I am using a stomp client (that usese only Strings) to send a bean to Camel using ActiveMQ. It marshal the message to a String using xstream. Camel receives it as String, it unmarshals (using xstream) it as the correct Java Bean. Camel process (it is a request-reply queue) and at the end I marshal it again. Unfortunately stomp client cannot process the message because xstream in Camel produce a byte[] array and not a String as output. Why? how can I force it to use a String? Thanks, Mario -- View this message in context: http://camel.465427.n5.nabble.com/Xstream-marshals-to-byte-array-and-not-String-tp5129211p5129211.html Sent from the Camel - Users mailing list archive at Nabble.com.
Re: Embedded Web Console in Tomcat
Hello, any news about this? I have the same problem: I need web console under tomcat. Is there any workaround? Can I deploy the console in a separate war? Thanks, Mario -- View this message in context: http://camel.465427.n5.nabble.com/Embedded-Web-Console-in-Tomcat-tp4894690p5129233.html Sent from the Camel - Users mailing list archive at Nabble.com.
Re: Xstream marshals to byte array and not String
Thanks I have tried your workaround and it does the conversion. Unfortunately something worse is happening: with this route and a String input my stomp client receives a reply: from(activemq:queryServer?exchangePattern=InOut) .setExchangePattern(ExchangePattern.InOut) .to(log:it.giammar.pratobackend?showHeaders=true).unmarshal() .to(bean:saluta) .to(log:it.giammar.pratobackend?showHeaders=true); With the route that I have posted in other reply (I do not repeat here) and your conversion in String the stomp client does not receive anything. Unfortunately I am not able to launch a web console to debug camel queues so I do not understand what is happening. The stomp protocol trace shows nothing. -- View this message in context: http://camel.465427.n5.nabble.com/Xstream-marshals-to-byte-array-and-not-String-tp5129211p5129953.html Sent from the Camel - Users mailing list archive at Nabble.com.
My context has no createProducerTemplate
Hello, I am trying a really simple example from camel web site. The example creates a CamelContext and then it does context.createProducerTemplate(); Unfortunately the code does not compile because context has no such method. I am getting crazy, please help me! Mario -- View this message in context: http://camel.465427.n5.nabble.com/My-context-has-no-createProducerTemplate-tp5123705p5123705.html Sent from the Camel - Users mailing list archive at Nabble.com.
Re: My context has no createProducerTemplate
https://svn.apache.org/repos/asf/camel/trunk/examples/camel-example-jms-file/src/main/java/org/apache/camel/example/jmstofile/CamelJmsToFileExample.java It is explained in: http://camel.apache.org/walk-through-an-example.html I have tried it with camel 2.9.0 and 2.8.3 just to be sure. The code not compile the method is not there is simple. 2012/1/5 Christian Mueller [via Camel] ml-node+s465427n5124034...@n5.nabble.com Hey Mario, if you want some help from us, you have to provide some important information. Please check out [1]. Which example do you mean? Which version of Camel do you use? Can you share your code with us? [1] http://camel.apache.org/support.html Best, Christian On Thu, Jan 5, 2012 at 9:08 PM, mgiammarco [hidden email]http://user/SendEmail.jtp?type=nodenode=5124034i=0 wrote: Hello, I am trying a really simple example from camel web site. The example creates a CamelContext and then it does context.createProducerTemplate(); Unfortunately the code does not compile because context has no such method. I am getting crazy, please help me! Mario -- View this message in context: http://camel.465427.n5.nabble.com/My-context-has-no-createProducerTemplate-tp5123705p5123705.html Sent from the Camel - Users mailing list archive at Nabble.com. -- If you reply to this email, your message will be added to the discussion below: http://camel.465427.n5.nabble.com/My-context-has-no-createProducerTemplate-tp5123705p5124034.html To unsubscribe from My context has no createProducerTemplate, click herehttp://camel.465427.n5.nabble.com/template/NamlServlet.jtp?macro=unsubscribe_by_codenode=5123705code=bWdpYW1tYXJjb0BnbWFpbC5jb218NTEyMzcwNXwtMTIyMTI5ODI4 . NAMLhttp://camel.465427.n5.nabble.com/template/NamlServlet.jtp?macro=macro_viewerid=instant_html%21nabble%3Aemail.namlbase=nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.view.web.template.InstantMailNamespacebreadcrumbs=instant+emails%21nabble%3Aemail.naml-instant_emails%21nabble%3Aemail.naml-send_instant_email%21nabble%3Aemail.naml -- View this message in context: http://camel.465427.n5.nabble.com/My-context-has-no-createProducerTemplate-tp5123705p5124238.html Sent from the Camel - Users mailing list archive at Nabble.com.
Re: Embedded web console
Same thing for me! And I tried also to deploy projects created with maven archetype webconsole without luck. -- View this message in context: http://camel.465427.n5.nabble.com/Embedded-web-console-tp478885p5119175.html Sent from the Camel - Users mailing list archive at Nabble.com.
Re: Please explain better in-out
Ok probably I have explained myself wrong. I need that camel consumes messages from the outside. I am testing it with: from(activemq:queryServer?exchangePattern=InOut) .to(log:it.giammar.pratobackend?showHeaders=true) .to(bean:saluta); But if I do not add another .to(activemq:myReplyQueue); nothing comes back. -- View this message in context: http://camel.465427.n5.nabble.com/Please-explain-better-in-out-tp5106204p5121209.html Sent from the Camel - Users mailing list archive at Nabble.com.
Create temp queue with stomp to send messages to camel
Hello, I have an activemq queue. I need to send messages to it with stomp. I have tried gozirra and activemq stomp client libs. I would like to receive a reply to my message so I try to put in replyto /temp-queue/ to create a temporary queue but I fail. What can I do? Thanks, Mario -- View this message in context: http://camel.465427.n5.nabble.com/Create-temp-queue-with-stomp-to-send-messages-to-camel-tp5121218p5121218.html Sent from the Camel - Users mailing list archive at Nabble.com.
Re: Embedded web console
I have tried camel-archetype-web and camel-archetype-webconsole (it seems newer) but I am not able to see the console. In my project too I cannot see console... -- View this message in context: http://camel.465427.n5.nabble.com/Embedded-web-console-tp478885p5117887.html Sent from the Camel - Users mailing list archive at Nabble.com.
Re: Message level authentication
Thanks for reply in the first day of the year (and BUON ANNO!). I will consider this thing but I am worried about two things: - security: can one client steal messages from others? - automation: it seems to me that it is a manual way. Is there an official way to do it? For example to put a token/nonce/principal from value from spring security (or oauth) in the header of the message? I have supposed that mine was a common problem. Thanks again, Mario -- View this message in context: http://camel.465427.n5.nabble.com/Message-level-authentication-tp5112517p5113046.html Sent from the Camel - Users mailing list archive at Nabble.com.
Re: Message level authentication
Ok I will discard encryption, too difficult and too much cpu use. I am very interested in temp queues. Are they jms queues or are internal Camel queues? Are they created dinamically following the clients connected? I now go searching documentation because I have not found them before. Thanks, Mario 2012/1/1 Christian Schneider [via Camel] ml-node+s465427n5113105...@n5.nabble.com A selector would allow to only get the messages of the client but it would not prevent a malicious client to do otherwise. So from a security standpoint that does not help. I see two main options here: 1. Use separate reply queues for each client. The easiest way is to just use the default (temp queues). So the clients do not see each other at all 2. Encrypt the reply message with a key only the client knows. e.g. public/private key scheme. Christian Am 01.01.2012 11:45, schrieb Filippo Balicchia: Hello, Why don't use message selector from client point of view ? --Filippo Il 31 dicembre 2011 19:57, mgiammarco[hidden email]http://user/SendEmail.jtp?type=nodenode=5113105i=0 ha scritto: Hello, if I have multiple clients that put messages in a queue managed by Camel AND each client can receive as a reply many messages how can I do it with Camel? I mean suppose that I create an out queue where all replies go. How can I be sure that a client can get ONLY its messages? Does Camel put the Principal (user authenticated) in the header of the message? Is there a standard way that I have not found in the documentation? Thanks in advance for any reply! Mario -- View this message in context: http://camel.465427.n5.nabble.com/Message-level-authentication-tp5112517p5112517.html Sent from the Camel - Users mailing list archive at Nabble.com. -- Christian Schneider http://www.liquid-reality.de Open Source Architect Talend Application Integration Division http://www.talend.com -- If you reply to this email, your message will be added to the discussion below: http://camel.465427.n5.nabble.com/Message-level-authentication-tp5112517p5113105.html To unsubscribe from Message level authentication, click herehttp://camel.465427.n5.nabble.com/template/NamlServlet.jtp?macro=unsubscribe_by_codenode=5112517code=bWdpYW1tYXJjb0BnbWFpbC5jb218NTExMjUxN3wtMTIyMTI5ODI4 . NAMLhttp://camel.465427.n5.nabble.com/template/NamlServlet.jtp?macro=macro_viewerid=instant_html%21nabble%3Aemail.namlbase=nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.view.web.template.InstantMailNamespacebreadcrumbs=instant+emails%21nabble%3Aemail.naml-instant_emails%21nabble%3Aemail.naml-send_instant_email%21nabble%3Aemail.naml -- View this message in context: http://camel.465427.n5.nabble.com/Message-level-authentication-tp5112517p5113540.html Sent from the Camel - Users mailing list archive at Nabble.com.
Re: Message level authentication
Ok probably I have found the right docs. Now I miss only one piece: how can the external client that does not know about camel find the right jms temporary queue that camel has created for it for receiving more than one reply message? Thanks, Mario 2012/1/1 Mario Giammarco mgiamma...@gmail.com Ok I will discard encryption, too difficult and too much cpu use. I am very interested in temp queues. Are they jms queues or are internal Camel queues? Are they created dinamically following the clients connected? I now go searching documentation because I have not found them before. Thanks, Mario 2012/1/1 Christian Schneider [via Camel] ml-node+s465427n5113105...@n5.nabble.com A selector would allow to only get the messages of the client but it would not prevent a malicious client to do otherwise. So from a security standpoint that does not help. I see two main options here: 1. Use separate reply queues for each client. The easiest way is to just use the default (temp queues). So the clients do not see each other at all 2. Encrypt the reply message with a key only the client knows. e.g. public/private key scheme. Christian Am 01.01.2012 11:45, schrieb Filippo Balicchia: Hello, Why don't use message selector from client point of view ? --Filippo Il 31 dicembre 2011 19:57, mgiammarco[hidden email]http://user/SendEmail.jtp?type=nodenode=5113105i=0 ha scritto: Hello, if I have multiple clients that put messages in a queue managed by Camel AND each client can receive as a reply many messages how can I do it with Camel? I mean suppose that I create an out queue where all replies go. How can I be sure that a client can get ONLY its messages? Does Camel put the Principal (user authenticated) in the header of the message? Is there a standard way that I have not found in the documentation? Thanks in advance for any reply! Mario -- View this message in context: http://camel.465427.n5.nabble.com/Message-level-authentication-tp5112517p5112517.html Sent from the Camel - Users mailing list archive at Nabble.com. -- Christian Schneider http://www.liquid-reality.de Open Source Architect Talend Application Integration Division http://www.talend.com -- If you reply to this email, your message will be added to the discussion below: http://camel.465427.n5.nabble.com/Message-level-authentication-tp5112517p5113105.html To unsubscribe from Message level authentication, click herehttp://camel.465427.n5.nabble.com/template/NamlServlet.jtp?macro=unsubscribe_by_codenode=5112517code=bWdpYW1tYXJjb0BnbWFpbC5jb218NTExMjUxN3wtMTIyMTI5ODI4 . NAMLhttp://camel.465427.n5.nabble.com/template/NamlServlet.jtp?macro=macro_viewerid=instant_html%21nabble%3Aemail.namlbase=nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.view.web.template.InstantMailNamespacebreadcrumbs=instant+emails%21nabble%3Aemail.naml-instant_emails%21nabble%3Aemail.naml-send_instant_email%21nabble%3Aemail.naml -- View this message in context: http://camel.465427.n5.nabble.com/Message-level-authentication-tp5112517p5113637.html Sent from the Camel - Users mailing list archive at Nabble.com.
Message level authentication
Hello, if I have multiple clients that put messages in a queue managed by Camel AND each client can receive as a reply many messages how can I do it with Camel? I mean suppose that I create an out queue where all replies go. How can I be sure that a client can get ONLY its messages? Does Camel put the Principal (user authenticated) in the header of the message? Is there a standard way that I have not found in the documentation? Thanks in advance for any reply! Mario -- View this message in context: http://camel.465427.n5.nabble.com/Message-level-authentication-tp5112517p5112517.html Sent from the Camel - Users mailing list archive at Nabble.com.
Re: Please explain better in-out
Thanks for reply. So: 1) is in-out only synchronous? 2) does it works even the reply is composed of multiple messages? 3) how does in-out work when an external application puts a message on my queue? Thanks, Mario -- View this message in context: http://camel.465427.n5.nabble.com/Please-explain-better-in-out-tp5106204p5107015.html Sent from the Camel - Users mailing list archive at Nabble.com.
Re: Please explain better in-out
2011/12/29 Willem.Jiang [via Camel] ml-node+s465427n5107178...@n5.nabble.com On Thu Dec 29 15:38:42 2011, mgiammarco wrote: 2) does it works even the reply is composed of multiple messages? If you can aggregate the multiple message into one message. 3) how does in-out work when an external application puts a message on my queue? camel-jms producer will setup a listener which can handle the response message to check the reply queue and it has a replyManager which can map the response message with the request message by looking up the correlation id. When the response message is sent back, the process callback will be invoked to handle the response. Ok I have this problem: clients send to my queue search requests messages. I send each message to several queues representing search engines. Each engine returns several messages as reply. I need to send each reply as soons is ready (cannot put together messages) to the right client. Can I do it? Can the client asks for messages with his correlation id? Thanks again for help. Mario -- View this message in context: http://camel.465427.n5.nabble.com/Please-explain-better-in-out-tp5106204p5107274.html Sent from the Camel - Users mailing list archive at Nabble.com.
NEWBIE: automatic queues creation
A newbie question: when I create a context with jms queues, web services and other things, does Camel creates them or I have to create queues and other things manually (with spring for example)? Thanks, Mario -- View this message in context: http://camel.465427.n5.nabble.com/NEWBIE-automatic-queues-creation-tp5106080p5106080.html Sent from the Camel - Users mailing list archive at Nabble.com.
Please explain better in-out
Hello, Imagine that I have several clients that put messages on a jms queue managed by Camel. Now this queue is connected to a complex route that generates many messages as replies. Now I would like that each client (obviously) receives only its replies. I suppose I have to do it with in-out requests. Or should I use a circular route? In all examples I can see on Camel web site data flows from a queue and ends in another place (e.g. to a file: uri). But I see no example where data goes back to caller. Can you help me? Thanks, Mario -- View this message in context: http://camel.465427.n5.nabble.com/Please-explain-better-in-out-tp5106204p5106204.html Sent from the Camel - Users mailing list archive at Nabble.com.
Re: Camel and portal scraping tools
I am interested too! What approach have you utilized? Thanks, Mario -- View this message in context: http://camel.465427.n5.nabble.com/Camel-and-portal-scraping-tools-tp4461838p5100188.html Sent from the Camel - Users mailing list archive at Nabble.com.
Re: Newbie: is doable this application?
Preben.Asmussen wrote Maybe you could create a Lucene or Solr index from the resources, and then use that for your user search. See http://lucene.apache.org/java/docs/index.html Thank you for suggestion, unfortunately some of this data bases are pay per use so at most I can put a memcache to cache past queries. -- View this message in context: http://camel.465427.n5.nabble.com/Newbie-is-doable-this-application-tp5063252p5075610.html Sent from the Camel - Users mailing list archive at Nabble.com.
Re: Newbie: is doable this application?
First, thanks for your detailed reply! Christian Schneider wrote you could use jms to achieve async behaviour and serialization. - You can limit the number of consumer threads to 1 and also the number of threads for the executor thread pool to 1 to make sure each source only processes one message at a time - after the query you send the result back to a common response queue - the web appplication listens on the response queue and prints each response One problem with this aproch is that you do not know exactly when all responses are there. As long as the number of engines is fixed you can count the responses though. Nice idea: separate frontend from backend and put a queue listener in front of backend. Some questions: - can I use amqp and not jms? - most sources can (and MUST) process more than one message at a time, can I give them more threads? - When I receive last reply I send a message end of data to web application so it knows I have finished. -- View this message in context: http://camel.465427.n5.nabble.com/Newbie-is-doable-this-application-tp5063252p5064221.html Sent from the Camel - Users mailing list archive at Nabble.com.
Newbie: is doable this application?
Hello, I would like to use camel to realize this (apparently) simple web application: - a CONCURRENT MULTIUSER web application with a simple search page like google; - results MUST appears asynchronously as soon as they can; - I need to query several databases (SQL,HTTP,WEBSERVICES,TELNET) concurrently; - The query in one database MUST be serialized. I am worried regarding last point because obviously tomcat for each user will create a new session and I do not know if camel can create a singleton queue to serialize access to the db. Thank you in advance for any help! Mario -- View this message in context: http://camel.465427.n5.nabble.com/Newbie-is-doable-this-application-tp5063252p5063252.html Sent from the Camel - Users mailing list archive at Nabble.com.