Configuring Security
Mule ESB allows you to authenticate requests via endpoints using transport-specific or generic authentication methods. It also allows you to control method-level authorization on your service components. The Security Manager is responsible for authenticating requests based on one or more security providers. All security is pluggable via the Mule security API, so you can easily plug in custom implementations.
For information on the elements you can configure for the Security Manager, see Security Manager Configuration Reference. The following sections provide links to information on configuring different types of security managers.
Spring Security 3.0
Spring Security is the next version of Acegi and provides a number of authentication and authorization providers such as JAAS, LDAP, CAS (Yale Central Authentication service), and DAO. The following topics will help you get started securing your services using Spring Security:
Acegi
NOTE: Acegi is replaced by Spring Security and deprecated. It is not supported in future versions of Mule.
Acegi provides a number of authentication and authorization providers such as JAAS, LDAP, CAS (Yale Central Authentication service), and DAO. The following topics will help you get started securing your services using Acegi:
WS-Security and SAML
WS-Security is a standard protocol for applying security to Web services. It contains specifications on how integrity and confidentiality in a SOAP message can be enforced via XML signatures and binary security tokens such as X.509 certificates and Kerberos tickets as well as encryption headers. It ensures end-to-end security by working in the application layer as opposed to the transport layer. Mule provides the following resources for WS-Security:
-
WS-Security Example The WS-Security example demonstrates the different possibilities available for incorporating WS-Security into your Mule application. This example is available in the enterprise edition of Mule as of version 2.2.3.
-
Enabling WS-Security - Describes how to secure your CXF SOAP endpoints with WS-Security.
-
SAML Module - Mule now supports the SAML standard for exchange of security information between systems. This module is available in the enterprise edition of Mule as of version 2.2.3
Other Security Integration
Mule also supports the following security technologies:
-
Encryption Strategies - Secure your messages by encrypting them.
-
PGP Security - Secure your messages by encrypting them with PGP.