As JavaOne 2012 is coming closer, it's time for some more information on my session CON3418 – Confident Data Transfers with Apache Camel Security.
As you might have already guessed, it's all about Apache Camel security. So, what exactly is so special about Camel security? Well, it is of course possible to secure any Camel communication with SSL/TLS, like any other http communication or web service calls for example. Not really special and associated with some disadvantages too. And that's where Camel security comes to the rescue. In fact, Camel security consists of more than one part, payload and route security are the important ones in this case. Payload security takes care of encrypting or signing the message content (a.k.a. payload). This can be classic cryptography (classic does not stand for the real classic cryptography like Caesar encryption) with the Crypto data format or XML based cryptography (XML Encryption) with the XMLSecurity data format. And of course digital signatures of the message content. In the other part of the session I will talk about route security. Route security protects the routes itself, taking care of who (user or user group) can call a route or particular route section. This is done with the Camel components for Apache Shiro or Spring Security.
A lot to talk about. And a lot of ideas and recommendations for securing your Apache Camel routes in your integration projects. Hope to see you in my session! And for the Camel fans: There is a second session on Apache Camel: CON2430 – Next Generation: Systems Integration in the Cloud Era with Apache Camel
As I'm making progress in creating the slides/ demos for my session, I will provide some previews here in my blog the next couple of weeks. Make sure to come back regularly…