Fatal编程技术网
  • spring-security/
  • Spring security 如何在Mule上使用Spring安全http模式?

Spring security 如何在Mule上使用Spring安全http模式?

spring-security mule

Spring security 如何在Mule上使用Spring安全http模式?,spring-security,mule,Spring Security,Mule,我使用的是spring安全性,但是有些部分没有安全性,有些部分有安全性,所以我为我的路径实现了http模式,但它似乎不起作用,甚至无法完成这部分代码 迄今为止完成的代码: <?xml version="1.0" encoding="UTF-8"?> <mule xmlns:servlet="http://www.mulesoft.org/schema/mule/servlet" xmlns:cxf="http://www.mulesoft.org/schema/mule/cx

我使用的是spring安全性,但是有些部分没有安全性,有些部分有安全性,所以我为我的路径实现了http模式,但它似乎不起作用,甚至无法完成这部分代码

迄今为止完成的代码:

<?xml version="1.0" encoding="UTF-8"?>

<mule xmlns:servlet="http://www.mulesoft.org/schema/mule/servlet"
xmlns:cxf="http://www.mulesoft.org/schema/mule/cxf"
xmlns:vm="http://www.mulesoft.org/schema/mule/vm"
xmlns:scripting="http://www.mulesoft.org/schema/mule/scripting"
xmlns:core="http://www.mulesoft.org/schema/mule/core" xmlns:jdbc-ee="http://www.mulesoft.org/schema/mule/ee/jdbc" xmlns:ssl="http://www.mulesoft.org/schema/mule/ssl" xmlns:doc="http://www.mulesoft.org/schema/mule/documentation" xmlns:ee="http://www.mulesoft.org/schema/mule/ee/core"
xmlns:mulexml="http://www.mulesoft.org/schema/mule/xml" xmlns:https="http://www.mulesoft.org/schema/mule/https"
xmlns="http://www.mulesoft.org/schema/mule/core" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:spring="http://www.springframework.org/schema/beans" xmlns:http="http://www.mulesoft.org/schema/mule/http"
xmlns:pattern="http://www.mulesoft.org/schema/mule/pattern"
xmlns:mule-ss="http://www.mulesoft.org/schema/mule/spring-security"
xmlns:ss="http://www.springframework.org/schema/security"
xsi:schemaLocation="
http://www.mulesoft.org/schema/mule/servlet http://www.mulesoft.org/schema/mule/servlet/current/mule-servlet.xsd 
http://www.mulesoft.org/schema/mule/cxf http://www.mulesoft.org/schema/mule/cxf/current/mule-cxf.xsd 
http://www.mulesoft.org/schema/mule/vm http://www.mulesoft.org/schema/mule/vm/current/mule-vm.xsd 
http://www.mulesoft.org/schema/mule/scripting http://www.mulesoft.org/schema/mule/scripting/current/mule-scripting.xsd http://www.mulesoft.org/schema/mule/core http://www.mulesoft.org/schema/mule/core/current/mule.xsd http://www.mulesoft.org/schema/mule/ee/jdbc http://www.mulesoft.org/schema/mule/ee/jdbc/current/mule-jdbc-ee.xsd
http://www.mulesoft.org/schema/mule/pattern http://www.mulesoft.org/schema/mule/pattern/current/mule-pattern.xsd
http://www.mulesoft.org/schema/mule/ee/core http://www.mulesoft.org/schema/mule/ee/core/current/mule-ee.xsd
http://www.mulesoft.org/schema/mule/xml http://www.mulesoft.org/schema/mule/xml/current/mule-xml.xsd
http://www.mulesoft.org/schema/mule/https http://www.mulesoft.org/schema/mule/https/current/mule-https.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-current.xsd
http://www.mulesoft.org/schema/mule/core http://www.mulesoft.org/schema/mule/core/3.4/mule.xsd
http://www.mulesoft.org/schema/mule/http http://www.mulesoft.org/schema/mule/http/3.4/mule-http.xsd
http://www.mulesoft.org/schema/mule/pattern http://www.mulesoft.org/schema/mule/pattern/3.4/mule-pattern.xsd
http://www.mulesoft.org/schema/mule/spring-security http://www.mulesoft.org/schema/mule/spring-security/3.4/mule-spring-security.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd
http://www.mulesoft.org/schema/mule/ssl http://www.mulesoft.org/schema/mule/ssl/current/mule-ssl.xsd" version="EE-3.4.0">

<mule-ss:security-manager> 
    <mule-ss:delegate-security-provider name="jdbc-provider" delegate-ref="authenticationManager"></mule-ss:delegate-security-provider>  
</mule-ss:security-manager>

<spring:beans> 
    <spring:bean class="org.apache.cxf.interceptor.LoggingInInterceptor" id="loggingInInterceptor" />
    <spring:bean class="org.apache.cxf.interceptor.LoggingOutInterceptor" id="loggingOutInterceptor"/>

    <spring:bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource">  
      <spring:property name="driverClassName" value="${database.driver}"/>  
      <spring:property name="url" value="${database.url}"/>  
      <spring:property name="username" value="${database.user}"/>  
      <spring:property name="password" value="${database.pass}"/>
    </spring:bean>

    <ss:http auto-config="true" use-expressions="true" request-matcher="regex">
        <ss:intercept-url pattern="^/services/.*\.WSDL$" access="permitAll"/>
        <ss:intercept-url pattern="^/services/${webservice.idp.in.pessoas.path}" access="hasRole('ROLE_IDP')" />
        <ss:intercept-url pattern="^/services/${webservice.idp.in.setor.path}" access="hasRole('ROLE_IDP')" >
    </ss:http>

    <ss:authentication-manager alias="authenticationManager" >
        <ss:authentication-provider>
            <ss:jdbc-user-service data-source-ref="dataSource"
                users-by-username-query="
              select username, password, enabled 
              from users where username=?"

           authorities-by-username-query="
              select u.username, ur.authority from users u, authorities ur 
              where u.id = ur.user_id and u.username =?  "/>  
        </ss:authentication-provider>
    </ss:authentication-manager>  
</spring:beans>

<https:connector name="httpsConnector" doc:name="HTTP\HTTPS"> 
    <https:tls-key-store path="${mule.home}/conf/keystore.jks" keyPassword="ciasc.123" storePassword="ciasc.123"></https:tls-key-store>  
</https:connector>

<scripting:transformer name="noopLoggingTransformer">
    <scripting:script engine="groovy">
        def props = [:]
        props['User-Agent'] = message.getProperty('User-Agent', org.mule.api.transport.PropertyScope.INBOUND)
        props['MULE_REMOTE_CLIENT_ADDRESS'] = message.getProperty('MULE_REMOTE_CLIENT_ADDRESS', org.mule.api.transport.PropertyScope.INBOUND)
        props['http.request'] = message.getProperty('http.request', org.mule.api.transport.PropertyScope.INBOUND)
        muleContext.client.dispatch('vm://log-request.in', payload, props)
        message        
     </scripting:script>
</scripting:transformer>

<pattern:web-service-proxy name="Logradouros2" transformer-refs="noopLoggingTransformer"  wsdlFile="AutenticacaoServico.wsdl">
    <http:inbound-endpoint address="${serverName}/services/Logradouros/AutenticacaoServico" exchange-pattern="request-response">
        <http:basic-security-filter realm="mule-realm"/>
    </http:inbound-endpoint>
    <http:outbound-endpoint address="${targetServer}/servicos/v2/AutenticacaoServico.svc" exchange-pattern="request-response" />
</pattern:web-service-proxy>

<jdbc-ee:postgresql-data-source name="WSA" user="${database.user}" password="${database.pass}" url="${database.url}" transactionIsolation="UNSPECIFIED" doc:name="PostgreSQL Data Source">
</jdbc-ee:postgresql-data-source>

<jdbc-ee:connector name="jdbcConnector" dataSource-ref="WSA" validateConnections="false" transactionPerMessage="true" queryTimeout="10" pollingFrequency="10000" doc:name="JDBC"> 
    <jdbc-ee:query key="wsadb" value="insert into inbound_messages (payload, timestamp, agent, ip_from, endpoint, soap_operation) values ('', now(), #[groovy: return message.getInboundProperty('user-agent').toString()], #[groovy: return message.getInboundProperty('MULE_REMOTE_CLIENT_ADDRESS').toString()], #[groovy: return message.getInboundProperty('http.request').toString()], '');"></jdbc-ee:query>  
</jdbc-ee:connector>

<flow name="log-request" doc:name="log-request"> 
    <vm:inbound-endpoint path="log-request.in" />
    <logger message="#[groovy: return message.getInboundProperty('user-agent').toString()], #[groovy: return message.getInboundProperty('MULE_REMOTE_CLIENT_ADDRESS').toString()], #[groovy: return message.getInboundProperty('http.request').toString()]" level="INFO" doc:name="Logger"/>
    <jdbc-ee:outbound-endpoint exchange-pattern="one-way" queryKey="wsadb" responseTimeout="10000" queryTimeout="-1" connector-ref="jdbcConnector" doc:name="Persist raw message" />
</flow>

</mule>


def props=[:]
props['User-Agent']=message.getProperty('User-Agent',org.mule.api.transport.PropertyScope.INBOUND)
props['MULE\u REMOTE\u CLIENT\u ADDRESS']=message.getProperty('MULE\u REMOTE\u CLIENT\u ADDRESS',org.MULE.api.transport.PropertyScope.INBOUND)
props['http.request']=message.getProperty('http.request',org.mule.api.transport.PropertyScope.INBOUND)
muleContext.client.dispatch('vm://log-request.in',负载,道具)
消息
需要做些什么才能访问它?
我打算用它来访问wsdl文件,而不需要登录要求,以及使用…

的方法,因为您使用的是Mule的入站HTTP端点,所以您现有的大多数Spring安全性都是无用的。例如,
拦截url
没有做任何事情

我建议您查看
org.mule.transport.http.filters.HttpBasicAuthenticationFilter
的源代码,并使用您自己的代码对其进行扩展,从而放弃WSDL请求的安全性

然后用您自己的版本替换

我不认为Spring安全HTTP规则可以应用于Mule入站HTTP端点。我如何在没有安全性的情况下公开WSDL,而不是它自己的url,因为这是我得到的唯一线索…顺便说一句,相同的代码适用于Mule 3.3的被篡改版本,但我正试图将它推广到mulestudio中,并在标准的3.4服务器上工作,但这部分(url模式)根本不起作用。。。有线索吗?没有线索。我不知道你在说什么。我无法想象
ss:intercept url
如何应用于Mule端点(除非您在servlet容器中嵌入运行?)。。。wsdl文件是我不想被登录阻止的:来自安全的密码,这在Mule标准上是可能的还是不可行?我调用的url是这样的:刚刚做了,但仍然不工作,它似乎没有达到那个代码。我把它作为独生子放进了,仍然要求登录:passwordOK,好吧,希望有Spring安全经验的人会插话,因为它似乎与Mule无关。不过我很好奇:您的web.xml文件中是如何配置Spring安全过滤器的?如何配置Mule web服务?你能把它添加到你的问题中吗?当然,我会发布整个配置,如果你愿意,你可以尝试使用你提供的一些服务。