Search code examples
javaspringspring-securityapache-camelapache-servicemix

Apache Camel - basic authentication with Spring Security for camel routes

I've tried to add basic authentication to Apache Camel routes which is provided by Apache ServiceMix

I used command feature:install camel-spring-security then I added to pom:

<dependency>
        <groupId>org.apache.camel</groupId>
        <artifactId>camel-spring-security</artifactId>
        <version>2.16.4</version>
        <scope>provided</scope>
    </dependency>

I tried to use code from http://camel.apache.org/spring-security.html :

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:cxf="http://camel.apache.org/schema/cxf"
       xmlns:spring-security="http://www.springframework.org/schema/security"
       xmlns:jaxrs="http://cxf.apache.org/jaxrs"
       xsi:schemaLocation="
                http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
                http://camel.apache.org/schema/cxf http://camel.apache.org/schema/cxf/camel-cxf.xsd
                http://cxf.apache.org/jaxrs http://cxf.apache.org/schemas/jaxrs.xsd
                http://camel.apache.org/schema/spring http://camel.apache.org/schema/spring/camel-spring.xsd
                http://camel.apache.org/schema/spring-security http://www.springframework.org/schema/security/spring-security.xsd">

    <bean id="accessDecisionManager" class="org.springframework.security.access.vote.AffirmativeBased">
        <constructor-arg index="0">
            <bean class="org.springframework.security.access.vote.RoleVoter"/>
        </constructor-arg>
        <property name="allowIfAllAbstainDecisions" value="true"/>
    </bean>

    <spring-security:authentication-manager alias="authenticationManager">
        <spring-security:authentication-provider user-service-ref="userDetailsService"/>
    </spring-security:authentication-manager>

    <spring-security:user-service id="userDetailsService">
        <spring-security:user name="jim" password="jimspassword" authorities="ROLE_USER, ROLE_ADMIN"/>
        <spring-security:user name="bob" password="bobspassword" authorities="ROLE_USER"/>
    </spring-security:user-service>

    <authorizationPolicy id="admin" access="ROLE_ADMIN"
                         authenticationManager="authenticationManager"
                         accessDecisionManager="accessDecisionManager"
                         xmlns="http://camel.apache.org/schema/spring-security"/>

    <bean id="synchBuilder" class="com.some.Class"/>
    <camelContext xmlns="http://camel.apache.org/schema/spring">
        <routeBuilder ref="synchBuilder"/>
    </camelContext>
</beans>

After this I added in code from(something).policy("admin")......

However I got exception

Caused by: org.xml.sax.SAXParseException: cvc-complex-type.2.4.c: The matching wildcard is strict, but no declaration can be found for element 'spring-security:authentication-manager'.
    at org.apache.xerces.util.ErrorHandlerWrapper.createSAXParseException(Unknown Source)[:]
    at org.apache.xerces.util.ErrorHandlerWrapper.error(Unknown Source)[:]
    at org.apache.xerces.impl.XMLErrorReporter.reportError(Unknown Source)[:]
    at org.apache.xerces.impl.XMLErrorReporter.reportError(Unknown Source)[:]
    at org.apache.xerces.impl.XMLErrorReporter.reportError(Unknown Source)[:]
    at org.apache.xerces.impl.xs.XMLSchemaValidator$XSIErrorReporter.reportError(Unknown Source)[:]
    at org.apache.xerces.impl.xs.XMLSchemaValidator.reportSchemaError(Unknown Source)[:]
    at org.apache.xerces.impl.xs.XMLSchemaValidator.handleStartElement(Unknown Source)[:]
    at org.apache.xerces.impl.xs.XMLSchemaValidator.startElement(Unknown Source)[:]
    at org.apache.xerces.impl.XMLNSDocumentScannerImpl.scanStartElement(Unknown Source)[:]
    at org.apache.xerces.impl.XMLDocumentFragmentScannerImpl$FragmentContentDispatcher.dispatch(Unknown Source)[:]
    at org.apache.xerces.impl.XMLDocumentFragmentScannerImpl.scanDocument(Unknown Source)[:]
    at org.apache.xerces.parsers.XML11Configuration.parse(Unknown Source)[:]
    at org.apache.xerces.parsers.XML11Configuration.parse(Unknown Source)[:]
    at org.apache.xerces.parsers.XMLParser.parse(Unknown Source)[:]
    at org.apache.xerces.parsers.DOMParser.parse(Unknown Source)[:]
    at org.apache.xerces.jaxp.DocumentBuilderImpl.parse(Unknown Source)[:]
    at org.springframework.beans.factory.xml.DefaultDocumentLoader.loadDocument(DefaultDocumentLoader.java:75)[149:org.apache.servicemix.bundles.spring-beans:3.2.17.RELEASE_1]
    at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.doLoadBeanDefinitions(XmlBeanDefinitionReader.java:389)[149:org.apache.servicemix.bundles.spring-beans:3.2.17.RELEASE_1]
    ... 18 more
Solution

  • You are using an too old version of Camel / Spring Security and that example code with

    <spring-security:authentication-manager alias="authenticationManager"> <spring-security:authentication-provider user-service-ref="userDetailsService"/> </spring-security:authentication-manager>

    requires using a newer version of Camel / Spring Security which you don't use. Either upgrade ServiceMix / Camel or find older code example that works for you.

    Maybe some of the unit tests with Camel 2.16.x can be of inspiration, if you browse those XML files: https://github.com/apache/camel/tree/camel-2.16.x/components/camel-spring-security/src/test/resources/org/apache/camel/component/spring/security