Camel Shiro Security

Question

I'm using camel blueprint.xml and I want to secure routes with Shiro. I created the following class :

public class ShiroSecurity {
// Shiro configuration file path
   private static final String iniResourcePath = "shiro.ini";
   // Object used to encrypt/decrypt the token in the message.
   private static final byte[] passPhrase = {
         (byte) 0x08, (byte) 0x09, (byte) 0x0A, (byte) 0x0B, (byte) 0x0C, (byte) 0x0D, (byte) 0x0E, (byte) 0x0F,
         (byte) 0x10, (byte) 0x11, (byte) 0x12, (byte) 0x13, (byte) 0x14, (byte) 0x15, (byte) 0x16, (byte) 0x17};

   // list of token injectors used in this example
   private static ShiroSecurityTokenInjector shiroSecurityTokenInjector;

   /**
    * @param args
    * @throws Exception
    */
   public void test()
   {

      // Creation of the permission list supported by the policy.
      List<Permission> permissionsList = new ArrayList<Permission>();
      Permission permission = new WildcardPermission("zone1:readwrite:*");
      permissionsList.add(permission);

      ShiroSecurityPolicy policy = new ShiroSecurityPolicy(iniResourcePath, passPhrase, true, permissionsList);

 SimpleRegistry reg = new SimpleRegistry();
          reg.put("securityPolicy", policy);

          // Instanciating the Shiro tokens
      // The ShiroSecurityToken constructor receives the userName and the password as
      // parameters.
      ShiroSecurityToken shiroSecurityToken = new ShiroSecurityToken("paul", "mccartney");

      // Instanciating the Shiro TokenInjectors objects
      shiroSecurityTokenInjector = new ShiroSecurityTokenInjector(shiroSecurityToken, passPhrase);

   } }

with Java DSL we add policy like this:

   final CamelContext context = new DefaultCamelContext(reg);
          context.addRoutes(new RouteBuilder()
         {
            public void configure() throws Exception
            {
               onException(UnknownAccountException.class).handled(true).to("log:UnknownAccountException").to(
                     "file:Error/UnknownAccountException");
               onException(IncorrectCredentialsException.class).handled(true).to("log:IncorrectCredentialsException")
                     .to("file:Error/IncorrectCredentialsException");
               onException(LockedAccountException.class).handled(true).to("log:LockedAccountException").to(
                     "file:Error/LockedAccountException");
               onException(AuthenticationException.class).handled(true).to("log:AuthenticationException").to(
                     "file:Error/AuthenticationException");
               onException(CamelAuthorizationException.class).handled(true).to(
                     "log:CamelAuthorizationException ${in.header}").to("file:Error/CamelAuthorizationException");
               onException(NullPointerException.class).handled(true).to("log:Message not secure").to(
                     "file:Error/NotSecureMessage");

               from("direct:client").process(shiroSecurityTokenInjector).policy(
                         (Policy) context.getRegistry().lookup("securityPolicy")).to("log:success");;

            }
         });

         context.start();

         ProducerTemplate template = context.createProducerTemplate();

         Endpoint endpoint = context.getEndpoint("direct:client");
         Exchange exchange = endpoint.createExchange();
         exchange.getIn().setBody("Data");
         template.send(endpoint, exchange);

But How i can do this in blueprint.xml ?

I read that it should be something like that:

    <route id="timerToLog">
          <from uri="timer:foo?period=5000"/>
          <log message="Start"/>
          <to uri="bean:com.ngt.shiro.ShiroSecurity?method=tokeninject()"/>
          <policy>..</policy>
    </route> 

Answer 1

Route policy could be referenced on the <route> level, i.e.: <route routePolicyRef="securityPolicy">

given that "securityPolicy" bean is defined in camel simple registry.