Apache Camel : Context level intercept/filter layers

Question

In our web application, we are using camel as the central piece to orchestrate/route the webservices, which will be connecting to several other local resources.

Can someone suggest, what is the best way to write context level (global / one-time) layers.

For example, we want to write a global security layer, which does a basic signature based auth check, which is going to be the first step for any route in the application. We want this logic to be configured at global level(CamelContext ?), so that we don't need to write/add this process in every route we build.

Also, in case of multiple such layers ( say security, validation, etc.. ), is it possible to set the order in which they need to be executed ?.

Any sort of examples or reading pointers are very appreciated.

Answer 1

You should have a look at Route Policies that can hook into route execution and do such things as you describe. You can of course have your policy delegate to various layers of authorizations/validation/logging in any order you want.

To add the policy to every route, create a factory and assign to the context.

context.addRoutePolicyFactory(new TheSpecialSecurityAndValidationPolicyFactory());

For security, however, different protocol tend to implement security using different methods. In SOAP you may check transport level security (Basic Auth, SSL,..) but also message level security (WS-Security). In other protocols, you may only be able to check transport and/or message level security tokens.

If you want some common security stack to deal with security on a higher level, I suggest you check out Apache Shiro. It is well integrated with Apache Camel.