Just thinking:

- Security is a service
- A component installed inside SM can support a SM specific security contract, in which a security provider implementing this contract can be bound to one or more installed components. This provider can provide authentication, digital signature verification, XML encryption and decryption, integration with LDAP, etc.
- A component that has a security provider installed should delegate all security operations to its provider.
- A component that has a security provider should provide additional management operations through JMX to secure its lifecycle management.

Hossam

-----Original Message-----
From: Guillaume Nodet [mailto:[EMAIL PROTECTED]
Sent: Wednesday, April 19, 2006 2:57 AM
To: servicemix-dev@geronimo.apache.org
Subject: ServiceMix and security

One of the important features ServiceMix does not address yet is security. I'm not really familiar with this aspect so please forgive my ignorance and speak if you have any idea / corrections.

Security can be applied in different areas:

* secure transports
* secure messages
* secure services

Securing transports can be done using SSL on JMS or HTTP. Securing the JMS broker is beyond ServiceMix scope, but ActiveMQ supports SSL on tcp transport. So this works fine for both the JMS binding component and any clustered flow. Securing HTTP will be done asap (we already have a patch, see http://issues.apache.org/activemq/browse/SM-372).

Securing messages is not handled yet, but can be done using WS-Security on soap enabled transports (servicemix-jms and servicemix-http binding components). Is there a need to secure messages within the bus?

Securing services seems to be the most difficult part. The JMS specs only mention the use of the subject property on a NormalizedMessage http://java.sun.com/integration/1.0/docs/sdk/api/javax/jbi/messaging/NormalizedMessage.html#setSecuritySubject(javax.security.auth.Subject). The main problem is how to set / use this information and how information about service authorizations. Such security information may be embedded in the service unit / service assemblies deployment, or may be configured separately on the container. When a component sends a jbi exchange, the container could check the authorizations for the destination endpoint (or service, interface?). However, I do not have any clue on how this information will be provided by binding components when an external message comes in. HTTP transport could leverage HTTP authentication, but what about the other transports?

All this security has also to be integrated with J2EE containers security when ServiceMix is deployed into such a container.

Cheers,
Guillaume Nodet
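
The container-side check raised in the original message (authorizing the security subject against the destination service before an exchange is routed), as an added example that is not part of this thread or of ServiceMix code. `EndpointAuthorizer`, `Role` and the policy map are hypothetical names, and the sample service and roles are constructed.

```java
import java.security.Principal;
import java.util.Map;
import java.util.Set;
import javax.security.auth.Subject;
import javax.xml.namespace.QName;

// Hypothetical container-side check; none of these names are ServiceMix APIs.
public class EndpointAuthorizer {
    // Role principal type. Assumption: the login step that builds the Subject
    // adds one Role per granted role.
    record Role(String name) implements Principal {
        public String getName() { return name; }
    }

    // Destination service name -> roles allowed to invoke it.
    private final Map<QName, Set<String>> policy;

    EndpointAuthorizer(Map<QName, Set<String>> policy) { this.policy = policy; }

    // Deny by default: a missing subject, a service with no policy entry,
    // or a subject without a matching Role principal are all rejected.
    boolean isAllowed(Subject subject, QName service) {
        Set<String> allowed = policy.get(service);
        if (subject == null || allowed == null) return false;
        // Only Role principals count, so a user principal that happens to be
        // named like a role cannot satisfy the check.
        return subject.getPrincipals(Role.class).stream()
                .anyMatch(r -> allowed.contains(r.name()));
    }

    public static void main(String[] args) {
        // Constructed sample policy and subjects.
        QName orders = new QName("urn:example", "OrderService");
        QName audit = new QName("urn:example", "AuditService");
        EndpointAuthorizer authz =
                new EndpointAuthorizer(Map.of(orders, Set.of("billing")));

        Subject billingUser = new Subject();
        billingUser.getPrincipals().add(new Role("billing"));
        Subject guest = new Subject();
        guest.getPrincipals().add(new Role("guest"));

        // In a JBI container the Subject would be the one a binding component
        // attached to the message with setSecuritySubject.
        System.out.println("billing -> orders: " + authz.isAllowed(billingUser, orders));
        System.out.println("guest   -> orders: " + authz.isAllowed(guest, orders));
        System.out.println("billing -> audit:  " + authz.isAllowed(billingUser, audit));
        System.out.println("no subject:        " + authz.isAllowed(null, orders));
    }
}
```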