Creating authorization policies - 6.3

Talend ESB Mediation Developer Guide

EnrichVersion
6.3
EnrichProdName
Talend Data Fabric
Talend Data Services Platform
Talend ESB
Talend MDM Platform
Talend Open Studio for ESB
Talend Real-Time Big Data Platform
task
Design and Development
EnrichPlatform
Talend ESB

Access to a route is controlled by an instance of a SpringSecurityAuthorizationPolicy object. A policy object contains the name of the Spring Security authority (role) required to run a set of endpoints and references to Spring Security AuthenticationManager and AccessDecisionManager objects used to determine whether the current principal has been assigned that role. Policy objects may be configured as Spring beans or by using an <authorizationPolicy> element in Spring XML.

The <authorizationPolicy> element may contain the following attributes:

Name

Default Value

Description

id

null

The unique Spring bean identifier which is used to reference the policy in routes (required)

access

null

The Spring Security authority name that is passed to the access decision manager (required)

authentication-Manager

authentication-Manager

The name of the Spring Security AuthenticationManager object in the context

accessDecision-Manager

accessDecision-Manager

The name of the Spring Security AccessDecisionManager object in the context

authentication-Adapter

DefaultAuthentication-Adapter

The name of a camel-spring-security AuthenticationAdapter object in the context that is used to convert a javax.security.auth.Subject into a Spring Security Authentication instance.

useThreadSecurity-Context

true

If a javax.security.auth.Subject cannot be found in the In message header under Exchange.AUTHENTICATION, check the Spring Security SecurityContextHolder for an Authentication object.

always-Reauthenticate

false

If set to true, the SpringSecurityAuthorizationPolicy will always call AuthenticationManager.authenticate() each time the policy is accessed.