PingAuthorize

Enabling Camel service connections

If your PingAuthorize implementation relies on Apache Camel, you can enable Camel for both embedded and external (PDP) modes.

Before you begin

You must install the Policy Editor and the PingAuthorize server before enabling Camel services.

About this task

To ensure that Camel is used with appropriate permissions and security controls, Camel services are disabled by default in the Policy Editor.

If you upgrade an existing installation of PingAuthorize to version 9.3.0.0 or later, and the earlier version was configured in embedded PPD mode with a deployment package containing Camel services, the upgraded PingAuthorize server will fail to start. The following steps also resolve this issue:

Steps

  1. In the PingAuthorize server distribution, copy the symphonic-camel-pdp-<version>.jar file from resource/camel to the lib folder.

  2. In the Policy Editor distribution, copy the symphonic-camel-pap-<version>.jar file from resource/camel to the admin-point-application/lib folder.

  3. In the Policy Editor distribution, add the - "camel-service" flag to enabledFeatures in the config/configuration.yml file.

    Example:

    enabledFeatures:
    - "test-suite"
    - "entity-dependents"
    - "camel-service"
  4. Save your changes and restart the Policy Editor.

Result

You should now be able to use Camel services to inform your authorization policy decisions in both external and embedded PDP modes.

Camel services

Overview

You can retrieve information from any endpoint that the Apache Camel enterprise integration platform supports. See the list of Camel components for a full list of supported systems.

Configure Camel components by using a combination of URI, Headers, Body, and Configuration settings. The appropriate values to provide for each setting depend on the component that is used.

You can make requests dynamic by interpolating attribute values into different parameters. See Attribute interpolation.

Camel settings

Screen capture of the Camel service settings
Setting Description

URI

The identifier for the Camel endpoint. PingAuthorize can interpolate attribute values into this field.

Headers

Additional information to send with the Camel service request. PingAuthorize can interpolate attribute values into this field.

Body

The body to send with the Camel service request. PingAuthorize can interpolate attribute values into this field.

Configuration

Some Camel components require you to configure helper components for them to work. specify these components by using the Groovy scripting language to write a Spring Bean configuration block. Learn more about writing configurations In Class GroovyBeanDefinitionReader.

PingAuthorize cannot interpolate attributes into this field.

The Camel JDBC component makes use of the Headers and Body settings and requires a JDBC data source to be set up in the Camel Configuration setting.

Value processors

You can define value processors to transform data returned by the Camel service. Learn more in Processors.