Contact Us 1-800-596-4880
  1. Homepage
  2. Mule Runtime (3.7)
  3. Reference
  4. General Configuration Reference

  5. Security Manager Configuration Reference

Security Manager Configuration Reference

Mule Runtime Engine versions 3.5, 3.6, and 3.7 reached End of Life on or before January 25, 2020. For more information, contact your Customer Success Manager to determine how you can migrate to the latest Mule version.

This page provides details on the elements you configure for the security manager. For more information, see Configuring Security.

Security Manager

The default security manager.

Table 1. Attributes of <security-manager…​>
Name Type Required Default Description

id

no

_muleSecurityManager

ID value

name

no

_muleSecurityManager

Name
Table 2. Child Elements of <security-manager…​>
Name Cardinality Description

custom-security-provider

0..1

A custom implementation of SecurityProvider.

custom-encryption-strategy

0..1

A custom implementation of EncryptionStrategy.

secret-key-encryption-strategy

0..1

Provides secret key-based encryption using JCE.

password-encryption-strategy

0..1

Provides password-based encryption using JCE. Users must specify a password and optionally a salt and iteration count as well. The default algorithm is PBEWithMD5AndDES, but users can specify any valid algorithm supported by JCE.

Custom Security Provider

A custom implementation of SecurityProvider.

Table 3. Attributes of <custom-security-provider…​>
Name Description

name

Name

Type: name (no spaces)
Required: yes
Default: none

provider-ref

The name of the security provider to use.

Type: string
Required: yes
Default: none
Table 4. Child Elements of <custom-security-provider…​>
Name Cardinality Description

spring:property

0..*

Spring-style property element for custom configuration.

Custom Encryption Strategy

A custom implementation of EncryptionStrategy.

Table 5. Attributes of <custom-encryption-strategy…​>
Name Description

name

Name

Type: name (no spaces)
Required: yes
Default: none

strategy-ref

A reference to the encryption strategy (which may be a Spring bean that implements the EncryptionStrategy interface).

Type: string
Required: yes
Default: none
Table 6. Child Elements of <custom-encryption-strategy…​>
Name Cardinality Description

spring:property

0..*

Secret Key Encryption Strategy

Provides secret key-based encryption using JCE.

Table 7. Attributes of <secret-key-encryption-strategy…​>
Name Description

name

Name

Type: name (no spaces)
Required: yes
Default: none

key

The key to use. This and the 'keyFactory-ref' attribute are mutually exclusive.

Type: string
Required: no
Default: none

keyFactory-ref

The name of the key factory to use. This should implement the ObjectFactory interface and return a byte array. This and the 'key' attribute are mutually exclusive.

Type: string
Required: no
Default: none

No Child Elements of <secret-key-encryption-strategy…​>

Password Encryption Strategy

Provides password-based encryption using JCE. Users must specify a password and optionally a salt and iteration count as well. The default algorithm is PBEWithMD5AndDES, but you can specify any valid algorithm supported by JCE.

Table 8. Attributes of <password-encryption-strategy…​>
Name Description

name

Name

Type: name (no spaces)
Required: yes
Default: none

password

The password to use.

Type: string
Required: yes
Default: none

salt

The salt to use (this helps prevent dictionary attacks).

Type: string
Required: no
Default: none

iterationCount

The number of iterations to use.

Type: integer
Required: no
Default: none

No Child Elements of <password-encryption-strategy…​>