Re: HTTPS authentication setup using camel-http

I think we should move this discussion into camel-user mail list to get
more feed back :)

Basically, camel-http component is built on the top of http client, and
you can use implement your customer
org.apache.camel.component.http.HttpClientConfigurer to do some
configuration on the http client.

If you just wan to specify the keystore and truststore you can do int in
your HttpClientConfigurer.

Protocol authhttps = new Protocol("https",
new AuthSSLProtocolSocketFactory(
new URL("file:my.keystore"), "mypassword",
new URL("file:my.truststore"), "mypassword"), 443);
Protocol.registerProtocol("https", authhttps);

Willem


bwhite@... wrote:

Thanks for the info Willem, that's just what I needed.

Here's a little more information for anyone who may end up following in my footsteps:

Create a class that implements HttpClientConfigurer, and registers https protocol providing a keystore or truststore per Willem's example below. Then, from your camel route builder class you can hook it up like so:

HttpComponent httpComponent = (HttpComponent) getContext().getComponent("http");
httpComponent.setHttpClientConfigurer(new MyHttpClientConfigurer());

Bryan

willem.jiang wrote:

If you just wan to specify the keystore and truststore you can do int in
your HttpClientConfigurer.

Protocol authhttps = new Protocol("https",
new AuthSSLProtocolSocketFactory(
new URL("file:my.keystore"), "mypassword",
new URL("file:my.truststore"), "mypassword"), 443);
Protocol.registerProtocol("https", authhttps);

On Thu, Nov 5, 2009 at 2:23 AM, bwhite <bwhite@...> wrote:
Thanks I have updated the camel http wiki page with your instructions.




--
Claus Ibsen
Apache Camel Committer

Author of Camel in Action: http://www.manning.com/ibsen/
Open Source Integration: http://fusesource.com
Blog: http://davsclaus.blogspot.com/
Twitter: http://twitter.com/davsclaus

Hi Claus,

One minor but imortant change is required to the documentation you added to the wiki:

"Or you can do something like this" should be "Then" + the explanation that I wrote. ("Create a class that implements HttpClientConfigurer... <snip>")

It's a two-step process, and both are required. First you implement HttpClientConfigurer per Willem's example (I am calling that implementation class "MyHttpClientConfigurer" in my example). Then you set that configurer on the http component from your camel route builder, as per my example. I hope that makes sense.

-Bryan

Hi

Thanks for spotting this. I have fixed it.

On Thu, Nov 5, 2009 at 8:52 PM, bwhite <bwhite@...> wrote:


--
Claus Ibsen
Apache Camel Committer

Author of Camel in Action: http://www.manning.com/ibsen/
Open Source Integration: http://fusesource.com
Blog: http://davsclaus.blogspot.com/
Twitter: http://twitter.com/davsclaus

Hi Willem and Claus,

I have a related question regarding camel-http and SSL. Say I have the
following camel route:

from(<some_endpoint>).to("http://<some_external_service>");

When I use https in the camel-http endpoint instead of http like this:

from(<some_endpoint>).to("https://<some_external_service>");

I get the following exception when I try to deploy the SA:

org.apache.xbean.kernel.ServiceRegistrationException:
org.apache.camel.NoSuchEndpointException: No endpoint could be found for:
https://<some_external_service>

Is this exception normal? Should I be able to use https://... in the
camel-http endpoint? Or do I need to use http://... and then use
AuthSSLProtocolSocketFactory to register http as the SSL-authenticated
protocol? (that works, but it seems like a wierd workaround to me)

I am using Servicemix 3.2.2 and Camel 1.4.0.

Thanks!




--
View this message in context: http://old.nabble.com/Re%3A-HTTPS-authentication-setup-using-camel-http-tp26190394p26230901.html
Sent from the Camel - Users mailing list archive at Nabble.com.

Hi Willem and Claus,

Say I have the following camel route:

from(<some_endpoint>).to("http://<some_external_service>");

When I use https in the camel-http endpoint instead of http like this:

from(<some_endpoint>).to("https://<some_external_service>");

I get the following exception when I try to deploy the SA:

org.apache.xbean.kernel.ServiceRegistrationException: org.apache.camel.NoSuchEndpointException: No endpoint could be found for: https://<some_external_service>

Is this exception normal? Should I be able to use https://... in the camel-http endpoint? Or do I need to use http://... and then use AuthSSLProtocolSocketFactory to register http as the SSL-authenticated protocol? (that works, but it seems like a wierd workaround to me)

I am using Servicemix 3.2.2 and Camel 1.4.0.

Thanks!

Bryan

On Sat, Nov 7, 2009 at 12:20 AM, bwhite <bwhite@...> wrote:
That is an old version :).

Did it work before or is it the first time you try with HTTPS ?
I wonder if HTTPS is supported in camel 1.4.0. I cant remember but its
likely added later.




> Thanks!
>
> Bryan
> --
> View this message in context: http://old.nabble.com/Re%3A-HTTPS-authentication-setup-using-camel-http-tp26190394p26230916.html
> Sent from the Camel - Users mailing list archive at Nabble.com.
>
>



--
Claus Ibsen
Apache Camel Committer

Author of Camel in Action: http://www.manning.com/ibsen/
Open Source Integration: http://fusesource.com
Blog: http://davsclaus.blogspot.com/
Twitter: http://twitter.com/davsclaus

Hi Claus,

Yes, this is my first attempt at getting camel-http working with https. Can you verify if this should work in Camel 1.4.0? Thanks!

On Wed, Nov 11, 2009 at 7:28 PM, bwhite <bwhite@...> wrote:
>
> Hi Claus,
>
> Yes, this is my first attempt at getting camel-http working with https. Can
> you verify if this should work in Camel 1.4.0? Thanks!

Sorry you can check the source code yourself.
https://svn.apache.org/repos/asf/camel/tags/camel-1.4.0/components/camel-http/

I just dont have time to go the extra mile for every single use case
on this public forum.

For example with paid support there is a team of people that does all
this kind of help for you.



> --
> View this message in context: http://old.nabble.com/Re%3A-HTTPS-authentication-setup-using-camel-http-tp26190394p26306184.html
> Sent from the Camel - Users mailing list archive at Nabble.com.
>
>



--
Claus Ibsen
Apache Camel Committer

Author of Camel in Action: http://www.manning.com/ibsen/
Open Source Integration: http://fusesource.com
Blog: http://davsclaus.blogspot.com/
Twitter: http://twitter.com/davsclaus

I found only one reference to "https" in the camel-http 1.4.0 codebase. getPort() returns 443 when the protocol is "https", otherwise returns 80.

I don't know where else there might be SSL related code in the entire camel codebase, but this alone makes me think that https is not completely working in 1.4.0. I'm limited in how high I can upgrade my camel version, but I'll try with 1.5 and perhaps 1.6.

I checked the code and the change log, camel-http component supports
https protocol after Camel 1.5.0.

So you'd better upgrade the camel version, or ask commercial support as
Claus suggested.

Willem
bwhite wrote:
> I found only one reference to "https" in the camel-http 1.4.0 codebase.
> getPort() returns 443 when the protocol is "https", otherwise returns 80.
>
> I don't know where else there might be SSL related code in the entire camel
> codebase, but this alone makes me think that https is not completely working
> in 1.4.0. I'm limited in how high I can upgrade my camel version, but I'll
> try with 1.5 and perhaps 1.6.