Announcement Announcement Module
Collapse
No announcement yet.
Authentication for inbound-gateway Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Authentication for inbound-gateway

    Hello,

    is there a way to trigger basic or other types of authentication when users call an inbound-gateway?

    <http:inbound-gateway
    id="theInboundGateway"
    request-channel="inboundChannel"
    reply-channel="outboundChannel"
    path="/email/{email}/number/{number}"
    supported-methods="GET" >
    <http:header name="email" expression="#pathVariables.email" />
    <http:header name="number" expression="#pathVariables.number" />

    </http:inbound-gateway>

    I only want authenticated users to be able to submit their e-mails and numbers.

    Many thanks.

    Phirloc

  • #2
    Yes, use Spring Security... http://static.springsource.org/sprin...gsecurity.html

    3.2 Getting Started with Security Namespace Configuration

    should provide a pretty quick on-ramp for you.

    Comment


    • #3
      Hi, Phirloc, and here too!

      Let me guess you deploy your Spring Integration application on some Servlet Container and your users send to you some HTTP requests . Basic Authentication is a part of HTTP protocol and you should secure your resources via standard mechanisms.
      In other words: Authentication isn't a task of Spring Integration. Spring Security is coming to you http://static.springsource.org/spring-security !

      Cheers,
      Artem

      Comment


      • #4
        Thanks for your reply.

        I am aware of the fact that security is handled by Spring Security.

        I just wondered if you could create some kind of nifty authentication filter in Integration, which you would then stick just before the inbound-gateway. I guess not.

        Philroc

        Comment


        • #5
          We do have a SpringSecurity-based Channel Interceptor that can be applied to any channel, but that will expect the SecurityContext to have been established upstream (e.g. via a SpringSecurity Filter).

          For more info:
          http://static.springsource.org/sprin...ngle/#security

          Comment

          Working...
          X