14 Securing Camel

 

This chapter covers

  • Securing your Camel configuration
  • Web service security
  • Transport security
  • Encryption and decryption
  • Signing messages
  • Authentication and authorization

Security in enterprise applications seems to become more and more important every year. Because mobile and web endpoints are the preferred method of access for customers, applications are becoming more open to the greater internet and consequently more open to attack. Unauthorized access to these exposed endpoints can be costly to deal with. For example, leaks of private customer data on the internet have plagued retailers in recent years. These events definitely have an impact on a company’s current and future bottom line.

With that said, it’s important to note that Camel is not secured by default! There’s a good reason for this: application security has many angles, and not all of them apply to every use case. For instance, you probably don’t need to encrypt your payload if the communication link is within your company’s VPN, but you may still need authentication and authorization. Camel can help you implement as much or as little security as you require, with relative ease. We say relative because security configuration can become quite complex by its very nature.

14.1 Securing your configuration

14.1.1 Encrypting configuration

14.1.2 Decrypting configuration

14.2 Web service security

14.2.1 Authentication in web services

14.2.2 Authenticating web services using JAAS

14.3 Payload security

14.3.1 Digital signatures

14.3.2 Payload encryption

14.4 Transport security

14.4.1 Defining global SSL configuration

14.5 Route authentication and authorization

14.5.1 Configuring Spring Security

14.6 Summary and best practices