Please help me understand, how security is implemented in Spring-integration. Is it like if flow is suppose JMS Queue-> Spring-integration -> Webservice, then 2 channels in spring-integration one for JMS and other for WS would connect. So is it like these channels would provide some authentication token kind of details to endpoints(JMS and WS) and perform routing. Please share if any helpful information on security in spring-integration
Thanks
Spring Integration can be seamless in regards to security (for example, passing any received token from JMS to WS if it's set as a header). Alternatively, it can enforce Spring Security at the channel level, meaning that you cannot pass a message on a channel (and it's downstream service) unless the request is authorized.
Another option is that the Spring Security Context can be serialized, allowing the whole authentication object to be serialized and passed over JMS, then deserialized and used as the Security Context in Spring Integration for invoking the WS.
Have a look at Appendix C in the Spring Integration documents.
