Implementing HTTPS with Mule ESB
2015-02-17 11:24
49 查看
Implementing HTTPS with Mule ESB
时间 2013-06-01 12:27:16 SOAZone原文 http://soa.dzone.com/articles/implementing-https-mule-esb
Related MicroZone Resources
6 SaaS Metrics that Matter
Feature Chart: Mule ESB v. Enterprise
Mobile Commerce, Your Way
SOA Best Practices
Prepare for the New World of Integration!
Like this piece? Share it with your friends:At one of my clients we use the Mule ESB (3.1) to communicate with the outside world. A big difference compared with having Mule running inside the company network is the security. One of the steps to make the communication more secure is to use HTTPS instead
of HTTP. Other measures we took (signing the outgoing and validating the incoming SOAP requests) will be handled in another post.
Luckily with a tool as Mule ESB this is not a big issue. Simply define a HTTPS connector in your config and refer to that instead of the HTTP connector in your HTTP endpoints. The connector definition looks like this:
<https:connector name="httpsConnector" clientSoTimeout="0" serverSoTimeout="0"> <https:tls-client path="${my.ssl.keystore}" storePassword="${my.ssl.keystore.password}"/> <https:tls-key-store path="${my.ssl.keystore}" storePassword="${my.ssl.keystore.password}" keyPassword="${my.ssl.keystore.password}"/> <https:tls-server path="${my.ssl.keystore}" storePassword="${my.ssl.keystore.password}"/> </https:connector>
And your endpoints will become something like:
<flow name="my-secure-flow"> <https:inbound-endpoint address="${my.incoming.url}" connector-ref="httpsConnector"> ... </https:inbound-endpoint> <https:outbound-endpoint address="${my.internal.url}" connector-ref="httpsConnector"> ... </https:outbound-endpoint> </flow>
By the way, all ‘${…}’ are translated to real values at deploy time. There is a nice article how to accomplish this.
However this is just the basic SSL setup. In our case the customer wanted to take it a step further and implement the mutual authentication which is explained nicely here .
The question is if this is also doable with the Mule ESB. Although it took me a while to find out I ended up here in
the Mule forum and it seems quite easy to accomplish. Just add the property requireClientAuthentication=”true” to the ‘tls-server’ and it is should be fixed.
<https:connector name="httpsConnector" clientSoTimeout="0" serverSoTimeout="0"> <https:tls-client path="${my.ssl.keystore}" storePassword="${my.ssl.keystore.password}"/> <https:tls-key-store path="${my.ssl.keystore}" storePassword="${my.ssl.keystore.password}" keyPassword="${my.ssl.keystore.password}"/> <https:tls-server path="${my.ssl.keystore}" storePassword="${my.ssl.keystore.password}" requireClientAuthentication="true"/> </https:connector>
We will test this of course but so far it is looking good.
Published at DZone with permission of Pascal Alma , author and DZone MVB. ( source )
(Note: Opinions expressed in this article and its replies are the opinions of their respective authors and not those of DZone, Inc.)
相关文章推荐
- https://developer.android.com/training/implementing-navigation/temporal.html#SynthesizeBackStack
- Mule,目前综合状态最良好的开源ESB方案
- 将Mule ESB Http项目转换为Tomcat项目(1) 总论
- ASP.NET 2.0: Implementing Single Sign On (SSO) with Membership API
- STREAMING LIVE WEBM VIDEO WITH FFMPEG.https://www.virag.si/2012/11/streaming-live-webm-video-with-ff
- Open Source ESB Mule 1.1 发布
- TLS,SSL,HTTPS with Python
- iOS - 解决Unable to add a source with url `https://github.com/CocoaPods/Specs.git` named
- mule esb exception(一)
- 为Ubuntu 16.04 添加永久免费https SSL证书(解决python2.7 - pip wheel failed with error code 2 问题)
- 2010年度ESB产品盘点:开源ESB产品之Mule
- MULE ESB webservice jms服务
- Start with Mule (1) -- 下载安装
- 关于MULE ESB相关的介绍
- How to disable SSL certificate checking with Spring RestTemplate?(使用resttemplate访问https时禁用证书检查)
- Mule ESB 学习笔记
- android in practice_Implementing jobs with AsyncTask(MyMovies project)
- Unsafe JavaScript attempt to access frame with URL https://xxx with URL http://xxx.
- 开源ESB平台Mule 基本概念介绍
- Implementing a Subject/Observer pattern with templates