mule的配置
<mule xmlns:core="http://www.mulesoft.org/schema/mule/core" xmlns="http://www.mulesoft.org/schema/mule/core" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:spring="http://www.springframework.org/schema/beans" xmlns:cxf="http://www.mulesoft.org/schema/mule/cxf" xmlns:doc="http://www.mulesoft.org/schema/mule/documentation" xmlns:http="http://www.mulesoft.org/schema/mule/http" xsi:schemaLocation=" http://www.mulesoft.org/schema/mule/http http://www.mulesoft.org/schema/mule/http/current/mule-http.xsd http://www.mulesoft.org/schema/mule/cxf http://www.mulesoft.org/schema/mule/cxf/current/mule-cxf.xsd http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-current.xsd http://www.mulesoft.org/schema/mule/core http://www.mulesoft.org/schema/mule/core/current/mule.xsd " version="EE-3.3.0"> <spring:beans> <spring:bean id="Bean" name="samlCustomValidator" class="com.mulesoft.mule.soap.security.SAMLCustomValidator"/> </spring:beans> <flow name="SamlTokenServiceFlow" doc:name="SamlTokenServiceFlow"> <http:inbound-endpoint address="http://localhost:63084/services/saml" exchange-pattern="request-response" doc:name="HTTP Inbound Endpoint"/> <cxf:jaxws-service serviceClass="com.mulesoft.mule.soap.security.Greeter" doc:name="Secure SAMLToken service"> <cxf:ws-security> <cxf:ws-config> <cxf:property key="action" value="SAMLTokenUnsigned Timestamp"/> </cxf:ws-config> <cxf:ws-custom-validator> <cxf:saml2-token-validator ref="samlCustomValidator"/> </cxf:ws-custom-validator> </cxf:ws-security> </cxf:jaxws-service> <component class="com.mulesoft.mule.soap.security.GreeterService" doc:name="Greeter Service"/> </flow> <flow name="SignedSamlTokenServiceFlow" doc:name="SignedSamlTokenServiceFlow"> <http:inbound-endpoint address="http://localhost:63084/services/signedsaml" exchange-pattern="request-response" doc:name="HTTP Inbound Endpoint"/> <cxf:jaxws-service serviceClass="com.mulesoft.mule.soap.security.Greeter" doc:name="Secure SAMLToken Signed service"> <cxf:ws-security> <cxf:ws-config> <cxf:property key="action" value="SAMLTokenUnsigned Signature"/> <cxf:property key="signaturePropFile" value="wssecurity.properties" /> </cxf:ws-config> <cxf:ws-custom-validator> <cxf:saml2-token-validator ref="samlCustomValidator"/> </cxf:ws-custom-validator> </cxf:ws-security> </cxf:jaxws-service> <component class="com.mulesoft.mule.soap.security.GreeterService" doc:name="Greeter Service"/> </flow> </mule>
package com.mulesoft.mule.soap.security; import java.io.IOException; import java.util.Collections; import javax.security.auth.callback.Callback; import javax.security.auth.callback.CallbackHandler; import javax.security.auth.callback.UnsupportedCallbackException; import org.apache.ws.security.saml.ext.SAMLCallback; import org.apache.ws.security.saml.ext.bean.AuthenticationStatementBean; import org.apache.ws.security.saml.ext.bean.SubjectBean; import org.apache.ws.security.saml.ext.builder.SAML2Constants; import org.opensaml.common.SAMLVersion; /** * Callback handler that populates a SAML 2.0 assertion based on the SAML properties file */ public class SAMLCallbackHandler implements CallbackHandler { private String subjectName; private String subjectQualifier; private String confirmationMethod; public SAMLCallbackHandler() { subjectName = "AllowGreetingServices"; subjectQualifier = "www.example.com"; confirmationMethod = SAML2Constants.CONF_SENDER_VOUCHES; } public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { for (int i = 0; i < callbacks.length; i++) { if (callbacks[i] instanceof SAMLCallback) { SAMLCallback callback = (SAMLCallback) callbacks[i]; callback.setSamlVersion(SAMLVersion.VERSION_20); SubjectBean subjectBean = new SubjectBean( subjectName, subjectQualifier, confirmationMethod ); callback.setSubject(subjectBean); createAndSetStatement(null, callback); } else { throw new UnsupportedCallbackException(callbacks[i], "Unrecognized Callback"); } } } private void createAndSetStatement(SubjectBean subjectBean, SAMLCallback callback) { AuthenticationStatementBean authBean = new AuthenticationStatementBean(); if (subjectBean != null) { authBean.setSubject(subjectBean); } authBean.setAuthenticationMethod("Password"); callback.setAuthenticationStatementData(Collections.singletonList(authBean)); } }
import org.apache.ws.security.WSSecurityException; import org.apache.ws.security.handler.RequestData; import org.apache.ws.security.saml.ext.AssertionWrapper; import org.apache.ws.security.saml.ext.OpenSAMLUtil; import org.apache.ws.security.validate.Credential; import org.apache.ws.security.validate.SamlAssertionValidator; public class SAMLCustomValidator extends SamlAssertionValidator { @Override public Credential validate(Credential credential, RequestData data) throws WSSecurityException { Credential returnedCredential = super.validate(credential, data); // // Do some custom validation on the assertion // AssertionWrapper assertion = credential.getAssertion(); if (!"self".equals(assertion.getIssuerString())) { throw new WSSecurityException(WSSecurityException.FAILURE, "invalidSAMLsecurity"); } if (assertion.getSaml2() == null) { throw new WSSecurityException(WSSecurityException.FAILURE, "invalidSAMLsecurity"); } String confirmationMethod = assertion.getConfirmationMethods().get(0); if (confirmationMethod == null) { throw new WSSecurityException(WSSecurityException.FAILURE, "invalidSAMLsecurity"); } if (!OpenSAMLUtil.isMethodSenderVouches(confirmationMethod)) { throw new WSSecurityException(WSSecurityException.FAILURE, "invalidSAMLsecurity"); } if(!"AllowGreetingServices".equals(assertion.getSaml2().getSubject().getNameID().getValue())) { throw new WSSecurityException(WSSecurityException.FAILURE, "invalidSAMLsecurity"); } return returnedCredential; } }
服务端:
import org.mule.api.MuleContext; import org.mule.api.MuleException; import org.mule.api.context.MuleContextFactory; import org.mule.config.spring.SpringXmlConfigurationBuilder; import org.mule.context.DefaultMuleContextFactory; public class MuleServerApp { public static void main(String[] args) throws MuleException { String configFile = "mule-config.xml"; System.setProperty("mule.verbose.exceptions","true"); String[] configFileArr = new String[] {configFile }; MuleContextFactory muleContextFactory = new DefaultMuleContextFactory(); MuleContext muleContext = muleContextFactory .createMuleContext(new SpringXmlConfigurationBuilder(configFileArr)); muleContext.start(); } }
客户端测试:
public class MuleSecureClient { public static void main(String[] args) throws Exception { Greeter service = createService("http://localhost:63084/services/saml?wsdl", getSamlTokenProps("SAMLTokenUnsigned Timestamp", "saml.properties")); System.out.println(service.greet("Mule")); service = createService("http://localhost:63084/services/signedsaml?wsdl", getSignedSamlTokenProps("SAMLTokenSigned", "saml.properties")); System.out.println(service.greet("Mule")); } protected static Map<String, Object> getSamlTokenProps(String action, String propertiesFile) { Map<String, Object> wss4jProps = new HashMap<String, Object>(); wss4jProps.put("action", action); wss4jProps.put("samlPropFile", propertiesFile); SAMLCallbackHandler samlCallbackHandler = new SAMLCallbackHandler(); wss4jProps.put(WSHandlerConstants.SAML_CALLBACK_REF, samlCallbackHandler); return wss4jProps; } protected static Map<String, Object> getSignedSamlTokenProps(String action, String propertiesFile) { Map<String, Object> wss4jProps = new HashMap<String, Object>(); wss4jProps.put("action", action); wss4jProps.put("samlPropFile", propertiesFile); wss4jProps.put("signatureKeyIdentifier", "DirectReference"); wss4jProps.put("user", "joe"); wss4jProps.put("passwordCallbackClass", PasswordCallback.class.getName()); wss4jProps.put(WSHandlerConstants.SAML_CALLBACK_REF, new SAMLCallbackHandler()); return wss4jProps; } public static Greeter createService(String url, Map<String, Object> wss4jProps) { URL wsdlDocumentLocation; try { wsdlDocumentLocation = new URL(url); } catch (MalformedURLException e) { throw new RuntimeException("Invalid test definition", e); } QName serviceName = new QName("http://security.soap.mule.mulesoft.com/", "GreeterService"); Service dynService = Service.create(wsdlDocumentLocation, serviceName); Greeter service = dynService.getPort(Greeter.class); Client client = ClientProxy.getClient(service); if (wss4jProps != null) { client.getOutInterceptors().add(new WSS4JOutInterceptor(wss4jProps)); } return service; } }
相关推荐
`mule-spring-configuration.dtd`和`mule-configuration.dtd`是Mule ESB的XML配置文件的DTD(文档类型定义),它们规定了XML配置文件的结构和元素。Spring是Mule ESB的核心组件之一,负责管理对象的生命周期和依赖...
### ESB原理及Mule ESB实践 #### ESB(Enterprise Service Bus)原理概述 **ESB**(企业服务总线)是SOA(面向服务架构)架构中的关键组件之一,用于实现服务间的智能集成与管理。其核心作用在于简化不同系统间的...
根据提供的文件内容,以下是关于Mule ESB手册-中文版的知识点: 1. Mule ESB简介 ...通过这些知识点的学习,可以加深对Mule ESB的使用方法的理解,并通过实例加深对ESB概念的理解,对新手来说非常有帮助。
在本篇“Mule ESB 学习笔记(13)CSV数据文件到数据库”中,我们将探讨如何使用Mule ESB(Enterprise Service Bus,企业服务总线)处理CSV(Comma Separated Values,逗号分隔值)数据,并将其有效地导入到数据库中...
MULE ESB(Mule Enterprise Service Bus)是Anypoint Platform的核心组件,它是一个强大的、全面集成的企业服务总线(ESB),专为构建、部署和管理API和集成解决方案而设计。MULE ESB-4.1是MuleSoft公司推出的企业版...
- **与JBI容器的整合**:虽然Mule ESB不是基于JBI构建的,但它提供了JBI适配器,以便更好地与JBI容器协同工作。 #### 三、Mule ESB 3.0的关键特性 - **云连接(Cloud Connect)**:Mule 3引入了一种全新的特性——云...
Mule ESB 是一个基于 Java 的轻量级企业服务总线和集成平台,允许开发人员快速便利地连接多个应用,并支持应用间的数据交换。Mule ESB 支持集成现有系统而无论其底层采用何种技术,如 JMS、Web Services、JDBC、...
Mule ESB 是一个轻量级的基于java的企业服务总线和集成平台, 使得开发人员可以快速,简单的连接多个应用, 使得它们可以交换数据。 Mule ESB 容易集成现有异构系统,包括:JMS, Web Services, JDBC, HTTP, 等. ESB...
1. **事件驱动架构**:Mule ESB基于事件驱动模型,能够实时响应系统中的变化,实现快速的数据传输和处理。 2. **无代码/低代码开发**:通过图形化的工作流设计工具Anypoint Studio,开发者可以直观地构建和部署集成...
2. **Mule ESB架构**:Mule ESB基于事件驱动的架构,允许它快速响应系统中的变化。它由消息代理、连接器、数据转换器、流量控制和安全组件等组成。 3. **Mule Studio**:MuleSoft提供的集成开发环境(IDE),支持...
《Mule ESB Cookbook随书源码》是一个与Mule ESB相关的实践指南,它包含了大量实例代码,旨在帮助读者深入理解和应用Mule ESB这一开源企业服务总线(Enterprise Service Bus)。Mule ESB是业界广泛采用的ESB解决方案...
4. **Web服务支持**:Mule ESB能够处理基于Axis或Glue的Web服务,支持SOAP和其他Web服务标准,允许服务间的互操作性。 5. **灵活的部署结构**:Mule ESB提供了多种部署拓扑,包括Client/Server、P2P(对等)、ESB...
《Mule ESB 开发手册》是一份详尽的指南,专为希望深入了解并掌握 Mule ESB(Enterprise Service Bus)技术的...通过深入学习和实践,开发者可以充分利用 Mule ESB 的强大功能,实现高效、可靠的企业级集成解决方案。
Mule ESB支持各种安全机制,如SSL/TLS加密、身份验证、授权等,以保护数据传输的安全。同时,通过合理的配置和设计,可以优化Mule应用的性能,如使用缓存、负载均衡、异步处理等策略。 总之,Mule ESB提供了一个...
总结来说,《Mule ESB 3用户指南》为用户提供了一个全面的、步骤详细的、实践导向的指导,从基础的配置、服务集成到开发、测试、文档编写和云服务集成,覆盖了使用Mule ESB进行企业级集成应用开发的各个阶段。
【MULE ESB官方例子研究】是针对开源企业服务总线MULE的实践教程,旨在帮助用户理解MULE ESB的工作原理和使用方法。...这对于学习和掌握MULE ESB的使用至关重要,也有助于提高企业集成项目的实施效率和质量。
MuleESB是一个基于Java的轻量级企业服务总线和集成平台,允许开发人员快速便利地连接多个应用,并支持应用间的数据交换。MuleESB支持集成现有系统而无论其底层采用何种技术,如JMS、WebServices、JDBC、HTTP以及其他...
本文将详细介绍如何利用Mule ESB(Enterprise Service Bus)作为代理来访问CXF发布的Web服务。 #### 建立CXF服务端 首先,我们需要构建一个CXF服务端来提供服务。下面是具体步骤: 1. **下载并安装CXF** 访问...