Nav
You are viewing an older version of this section. Click here to navigate to the latest version.

Encryption Strategies

The Security Manager can be configured with one or more encryption strategies that can then be used by encryption transformers, security filters, or secure transports such as SSL or HTTPS. These encryption strategies can greatly simplify configuration for secure messaging as they can be shared across components.

Following is an example of a password-based encryption strategy (PBE) that provides password-based encryption using JCE. Users must specify a password and optionally a salt and iteration count as well. The default algorithm is PBEWithMD5AndDES, but users can specify any valid algorithm supported by JCE.


       
    
1
2
3
<security-manager>
    <password-encryption-strategy name="PBE" password="mule"/>
</security-manager>

This strategy can then be referenced by other components in the system such as filters or transformers.


       
    
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
<decrypt-transformer name="EncryptedToByteArray" strategy-ref="PBE"/>

<service name="Svc1">
    <inbound>
        <inbound-endpoint address="vm://test">
            <encryption-security-filter strategy-ref="PBE"/>
        </inbound-endpoint>
    </inbound>
    ...cut...

<service name="Svc2">
    ...cut...
    <outbound>
        <pass-through-router>
            <outbound-endpoint address="vm://output" transformer-refs="EncryptedToByteArray"/>
        </pass-through-router>
    </outbound>