SlideShare a Scribd company logo

Mule SAML

Download as PPT, PDF
D.Rajesh Kumar
D.Rajesh Kumar

Mule SAML

Technology
1 of 11
MULE –SAML
2 SAML Module As of version 2.2.3, Mule enterprise offers support for the Security Assertion Markup Language (SAML), which is a standard for exchange of security information between federated systems. For more information on SAML, see http://saml.xml.org/wiki/saml-wiki-knowledgebase.
3 SAML Module Current support in Mule is limited to SAML 1.1 and CXF web services only. Future versions of Mule will support the use of SAML with other transports. The supported SAML module is only available in the enterprise edition of Mule, although an unsupported version is available on the MuleForge.
4 Using the SAML Module This section describes how to configure the SAML module in your Mule configuration. Adding the SAML Module JAR The use the SAML module, the mule-module-saml JAR file must be in a location on the classpath of your application.
5 Configuring the Security Manager <mule xmlns:saml="http://www.mulesource.org/schema/mule/saml" xsi:schemaLocation="http://www.mulesource.org/schema/mule/saml http://www.mulesource.org/schema/mule/saml/current/mule-saml.xsd"> <!-- Rest of your mule configuration --> </mule>
6 Next, you configure the SAML security manager as shown below. The following example starts off with the definition of the SAML security manager and its accompanying security provider. The security provider specifies the default security realm to use by security filters if none is specified. This is especially useful in case you have only one security realm.
7 <saml:security-manager> <saml:saml-security-provider name="samlSecurityProvider" default- realm="senderVouches"> <saml:keystore-provider name="default-key-provider" key-store-file="classpath:saml.ks" key-store-type="JKS" key-store-password="changeit"/> <saml:sender-vouches-realm name="senderVouches" sign-key- alias="mulesaml" sign-key-password="changeit" key-provider-ref="default-key-provider" resign-assertions="true"/> <saml:holder-of-key-realm name="holderOfKey" key-provider- ref="default-key-provider" /> </saml:saml-security-provider> </saml:security-manager>
8 Within the security provider, you define a key provider, which reads keys and certificates from a standard Java keystore file. You configure this file using the normal Spring options to define resources. In this case, the keystore is read from the classpath. In this example, two security realms are defined. One uses the sender vouches SAML scheme and is also the default realm. The other is a holder of key realm. Both use the same key provider as defined above. For more information on these realms, see MULE3USER:Choosing a SAML Profile below.
9 Configuring Security on an Endpoint Once you've defined a security manager, you can configure security filters on CXF endpoints as shown in the examples below. The first example does not specify a security realm, so the default realm is used. Both filters specify the same certificate that is used to verify the SAML assertions as issued by the assertion provider. <saml:cxf-security-filter certificate-alias="mulesaml"/> <saml:cxf-security-filter certificate-alias="mulesaml" security-realm="non- default"/>
10 Choosing a SAML Profile SAML defines two different profiles: Sender-vouches (SV) and Holder-of- key (HOK). The Sender Vouches profile means that the sender of a message is authorized to act for one of its users towards another system. In this case, the sender of the message vouches its correctness. If both systems trust each other, this profile is appropriate. Holder-of-key means that the user himself is authorized to perform the actions. In this case, the owner (holder) of the key is acting. If your target system trusts the token issuer (and therefore the user) you'll use Holder-of- key.
Thank You

Recommended

Mule security
Mule securityMule security
Mule securityPraneethchampion
 
Mule security - saml
Mule security - samlMule security - saml
Mule security - samlD.Rajesh Kumar
 
Mule security - saml
Mule security - samlMule security - saml
Mule security - samlcharan teja R
 
Mule security
Mule securityMule security
Mule securitycharan teja R
 
Mule anypoint b2 b
Mule anypoint b2 bMule anypoint b2 b
Mule anypoint b2 bD.Rajesh Kumar
 
Introduction to testing mule
Introduction to testing muleIntroduction to testing mule
Introduction to testing muleRamakrishna kapa
 
Mule mule agent
Mule mule agentMule mule agent
Mule mule agentD.Rajesh Kumar
 
Mule security
Mule securityMule security
Mule securityD.Rajesh Kumar
 

Recommended

Mule security
Mule securityMule security
Mule securityPraneethchampion
 
Mule security - saml
Mule security - samlMule security - saml
Mule security - samlD.Rajesh Kumar
 
Mule security - saml
Mule security - samlMule security - saml
Mule security - samlcharan teja R
 
Mule security
Mule securityMule security
Mule securitycharan teja R
 
Mule anypoint b2 b
Mule anypoint b2 bMule anypoint b2 b
Mule anypoint b2 bD.Rajesh Kumar
 
Introduction to testing mule
Introduction to testing muleIntroduction to testing mule
Introduction to testing muleRamakrishna kapa
 
Mule mule agent
Mule mule agentMule mule agent
Mule mule agentD.Rajesh Kumar
 
Mule security
Mule securityMule security
Mule securityD.Rajesh Kumar
 
Mulesoft ppt
Mulesoft pptMulesoft ppt
Mulesoft pptkishore ippili
 
Mule fips
Mule fips Mule fips
Mule fips D.Rajesh Kumar
 
Mule expression language - Part 1
Mule expression language - Part 1Mule expression language - Part 1
Mule expression language - Part 1Karthik Selvaraj
 
Mule esb for beginners
Mule esb for beginnersMule esb for beginners
Mule esb for beginnersSindhu VL
 
Mule fips 140-2 compliance support
Mule fips 140-2 compliance supportMule fips 140-2 compliance support
Mule fips 140-2 compliance supportD.Rajesh Kumar
 
Anypoint mq (mulesoft) introduction
Anypoint mq (mulesoft) introductionAnypoint mq (mulesoft) introduction
Anypoint mq (mulesoft) introductionKarthik Selvaraj
 
Munit
MunitMunit
MunitSindhu VL
 
Mule quartz
Mule quartz Mule quartz
Mule quartz Praneethchampion
 
Flows in mule
Flows in muleFlows in mule
Flows in muleSindhu VL
 
Mule management console Architecture
Mule management console ArchitectureMule management console Architecture
Mule management console ArchitectureShanky Gupta
 
Mule esb
Mule esbMule esb
Mule esbcharan teja R
 
Mule ESB - Intra application communication
Mule ESB - Intra application communicationMule ESB - Intra application communication
Mule ESB - Intra application communicationkrishananth
 
Mule securing
Mule securingMule securing
Mule securingSindhu VL
 
Mulesoft idempotent Message Filter
Mulesoft idempotent Message FilterMulesoft idempotent Message Filter
Mulesoft idempotent Message Filterkumar gaurav
 
Current Tobacco advetise & legal provisions sk 190815
Current Tobacco advetise & legal provisions sk 190815Current Tobacco advetise & legal provisions sk 190815
Current Tobacco advetise & legal provisions sk 190815sokafs
 
healthcare toolkit
healthcare toolkithealthcare toolkit
healthcare toolkithimajareddys
 
Appendix 14
Appendix 14Appendix 14
Appendix 14Georgia Aitken
 
Is This Really a SAN Problem? Understanding the Performance of Your IO Subsy...
Is This Really a SAN Problem? Understanding the Performance of Your IO Subsy...Is This Really a SAN Problem? Understanding the Performance of Your IO Subsy...
Is This Really a SAN Problem? Understanding the Performance of Your IO Subsy...Embarcadero Technologies
 
저작권침해실태 및 경제적효과
저작권침해실태 및 경제적효과저작권침해실태 및 경제적효과
저작권침해실태 및 경제적효과koheugene
 
Resume of Caryl ODowd 09-2016a
Resume of Caryl ODowd 09-2016aResume of Caryl ODowd 09-2016a
Resume of Caryl ODowd 09-2016aCaryl ODowd
 
Task 5 planning
Task 5 planningTask 5 planning
Task 5 planningEdi008317
 
Sue's Story - April 5, 1998
Sue's Story - April 5, 1998Sue's Story - April 5, 1998
Sue's Story - April 5, 1998Maria Lameiras
 

More Related Content

What's hot

Mule expression language - Part 1
Mule expression language - Part 1Mule expression language - Part 1
Mule expression language - Part 1Karthik Selvaraj
 
Mule esb for beginners
Mule esb for beginnersMule esb for beginners
Mule esb for beginnersSindhu VL
 
Mule fips 140-2 compliance support
Mule fips 140-2 compliance supportMule fips 140-2 compliance support
Mule fips 140-2 compliance supportD.Rajesh Kumar
 
Anypoint mq (mulesoft) introduction
Anypoint mq (mulesoft) introductionAnypoint mq (mulesoft) introduction
Anypoint mq (mulesoft) introductionKarthik Selvaraj
 
Flows in mule
Flows in muleFlows in mule
Flows in muleSindhu VL
 
Mule management console Architecture
Mule management console ArchitectureMule management console Architecture
Mule management console ArchitectureShanky Gupta
 
Mule ESB - Intra application communication
Mule ESB - Intra application communicationMule ESB - Intra application communication
Mule ESB - Intra application communicationkrishananth
 
Mule securing
Mule securingMule securing
Mule securingSindhu VL
 
Mulesoft idempotent Message Filter
Mulesoft idempotent Message FilterMulesoft idempotent Message Filter
Mulesoft idempotent Message Filterkumar gaurav
 

What's hot (14)

Mulesoft ppt
Mulesoft pptMulesoft ppt
Mulesoft ppt
 
Mule fips
Mule fips Mule fips
Mule fips
 
Mule expression language - Part 1
Mule expression language - Part 1Mule expression language - Part 1
Mule expression language - Part 1
 
Mule esb for beginners
Mule esb for beginnersMule esb for beginners
Mule esb for beginners
 
Mule fips 140-2 compliance support
Mule fips 140-2 compliance supportMule fips 140-2 compliance support
Mule fips 140-2 compliance support
 
Anypoint mq (mulesoft) introduction
Anypoint mq (mulesoft) introductionAnypoint mq (mulesoft) introduction
Anypoint mq (mulesoft) introduction
 
Munit
MunitMunit
Munit
 
Mule quartz
Mule quartz Mule quartz
Mule quartz
 
Flows in mule
Flows in muleFlows in mule
Flows in mule
 
Mule management console Architecture
Mule management console ArchitectureMule management console Architecture
Mule management console Architecture
 
Mule esb
Mule esbMule esb
Mule esb
 
Mule ESB - Intra application communication
Mule ESB - Intra application communicationMule ESB - Intra application communication
Mule ESB - Intra application communication
 
Mule securing
Mule securingMule securing
Mule securing
 
Mulesoft idempotent Message Filter
Mulesoft idempotent Message FilterMulesoft idempotent Message Filter
Mulesoft idempotent Message Filter
 

Viewers also liked

Current Tobacco advetise & legal provisions sk 190815
Current Tobacco advetise & legal provisions sk 190815Current Tobacco advetise & legal provisions sk 190815
Current Tobacco advetise & legal provisions sk 190815sokafs
 
healthcare toolkit
healthcare toolkithealthcare toolkit
healthcare toolkithimajareddys
 
Is This Really a SAN Problem? Understanding the Performance of Your IO Subsy...
Is This Really a SAN Problem? Understanding the Performance of Your IO Subsy...Is This Really a SAN Problem? Understanding the Performance of Your IO Subsy...
Is This Really a SAN Problem? Understanding the Performance of Your IO Subsy...Embarcadero Technologies
 
저작권침해실태 및 경제적효과
저작권침해실태 및 경제적효과저작권침해실태 및 경제적효과
저작권침해실태 및 경제적효과koheugene
 
Resume of Caryl ODowd 09-2016a
Resume of Caryl ODowd 09-2016aResume of Caryl ODowd 09-2016a
Resume of Caryl ODowd 09-2016aCaryl ODowd
 
Task 5 planning
Task 5 planningTask 5 planning
Task 5 planningEdi008317
 
Sue's Story - April 5, 1998
Sue's Story - April 5, 1998Sue's Story - April 5, 1998
Sue's Story - April 5, 1998Maria Lameiras
 
SEcurity ldap for spring security
SEcurity ldap for spring securitySEcurity ldap for spring security
SEcurity ldap for spring securityhimajareddys
 
Manifest skolskog knjiznicara_2.0
Manifest skolskog knjiznicara_2.0Manifest skolskog knjiznicara_2.0
Manifest skolskog knjiznicara_2.0Ida Indir
 
Managing stack traces
Managing stack tracesManaging stack traces
Managing stack tracesSon Nguyen
 
Github plugin setup in anypointstudio
Github plugin setup in anypointstudioGithub plugin setup in anypointstudio
Github plugin setup in anypointstudioRajkattamuri
 
Wsdl connector introduction
Wsdl connector introductionWsdl connector introduction
Wsdl connector introductionSon Nguyen
 
Building Performant, Reliable, and Scalable Integrations with Mule ESB
Building Performant, Reliable, and Scalable Integrations with Mule ESBBuilding Performant, Reliable, and Scalable Integrations with Mule ESB
Building Performant, Reliable, and Scalable Integrations with Mule ESBRyan Hoegg
 
Clustering concepts
Clustering conceptsClustering concepts
Clustering conceptsHarish43
 

Viewers also liked (20)

Current Tobacco advetise & legal provisions sk 190815
Current Tobacco advetise & legal provisions sk 190815Current Tobacco advetise & legal provisions sk 190815
Current Tobacco advetise & legal provisions sk 190815
 
healthcare toolkit
healthcare toolkithealthcare toolkit
healthcare toolkit
 
Appendix 14
Appendix 14Appendix 14
Appendix 14
 
Is This Really a SAN Problem? Understanding the Performance of Your IO Subsy...
Is This Really a SAN Problem? Understanding the Performance of Your IO Subsy...Is This Really a SAN Problem? Understanding the Performance of Your IO Subsy...
Is This Really a SAN Problem? Understanding the Performance of Your IO Subsy...
 
저작권침해실태 및 경제적효과
저작권침해실태 및 경제적효과저작권침해실태 및 경제적효과
저작권침해실태 및 경제적효과
 
Resume of Caryl ODowd 09-2016a
Resume of Caryl ODowd 09-2016aResume of Caryl ODowd 09-2016a
Resume of Caryl ODowd 09-2016a
 
Task 5 planning
Task 5 planningTask 5 planning
Task 5 planning
 
Sue's Story - April 5, 1998
Sue's Story - April 5, 1998Sue's Story - April 5, 1998
Sue's Story - April 5, 1998
 
SEcurity ldap for spring security
SEcurity ldap for spring securitySEcurity ldap for spring security
SEcurity ldap for spring security
 
780175
780175780175
780175
 
780142
780142780142
780142
 
Manifest skolskog knjiznicara_2.0
Manifest skolskog knjiznicara_2.0Manifest skolskog knjiznicara_2.0
Manifest skolskog knjiznicara_2.0
 
KC case study
KC case studyKC case study
KC case study
 
Anypoint vpc
Anypoint vpcAnypoint vpc
Anypoint vpc
 
Managing stack traces
Managing stack tracesManaging stack traces
Managing stack traces
 
Mule esb availability
Mule esb availabilityMule esb availability
Mule esb availability
 
Github plugin setup in anypointstudio
Github plugin setup in anypointstudioGithub plugin setup in anypointstudio
Github plugin setup in anypointstudio
 
Wsdl connector introduction
Wsdl connector introductionWsdl connector introduction
Wsdl connector introduction
 
Building Performant, Reliable, and Scalable Integrations with Mule ESB
Building Performant, Reliable, and Scalable Integrations with Mule ESBBuilding Performant, Reliable, and Scalable Integrations with Mule ESB
Building Performant, Reliable, and Scalable Integrations with Mule ESB
 
Clustering concepts
Clustering conceptsClustering concepts
Clustering concepts
 

Similar to Mule SAML

Security spring security manager
Security spring security managerSecurity spring security manager
Security spring security managercharan teja R
 
Security spring security manager
Security spring security managerSecurity spring security manager
Security spring security managerhimajareddys
 
Security springsecuritymanager-sathyaraj
Security springsecuritymanager-sathyarajSecurity springsecuritymanager-sathyaraj
Security springsecuritymanager-sathyarajsathyaraj Anand
 
Mule security - spring security manager
Mule security - spring security managerMule security - spring security manager
Mule security - spring security managerD.Rajesh Kumar
 
Mule with spring security manager
Mule with spring security managerMule with spring security manager
Mule with spring security managerSon Nguyen
 
Flowsinmule 160517130818
Flowsinmule 160517130818Flowsinmule 160517130818
Flowsinmule 160517130818ppts123456
 
Spring security integrate with mule
Spring security integrate with muleSpring security integrate with mule
Spring security integrate with muleSon Nguyen
 
Securing mule
Securing muleSecuring mule
Securing muleSindhu VL
 
CENTERA_MIGRATOR_PPT_NOTES
CENTERA_MIGRATOR_PPT_NOTESCENTERA_MIGRATOR_PPT_NOTES
CENTERA_MIGRATOR_PPT_NOTESDaniel Moshief
 
IBM WebSphere MQ for z/OS - Security
IBM WebSphere MQ for z/OS - SecurityIBM WebSphere MQ for z/OS - Security
IBM WebSphere MQ for z/OS - SecurityDamon Cross
 
NetSim VANET User Manual
NetSim VANET User ManualNetSim VANET User Manual
NetSim VANET User ManualVishal Sharma
 
CamelOne 2013 Karaf A-MQ Camel CXF Security
CamelOne 2013 Karaf A-MQ Camel CXF SecurityCamelOne 2013 Karaf A-MQ Camel CXF Security
CamelOne 2013 Karaf A-MQ Camel CXF SecurityKenneth Peeples
 
Mule high availability
Mule high availabilityMule high availability
Mule high availabilitySon Nguyen
 

Similar to Mule SAML (20)

Mule security
Mule securityMule security
Mule security
 
Mule security
Mule securityMule security
Mule security
 
Mule security - pgp
Mule security - pgpMule security - pgp
Mule security - pgp
 
Security spring security manager
Security spring security managerSecurity spring security manager
Security spring security manager
 
Security spring security manager
Security spring security managerSecurity spring security manager
Security spring security manager
 
Security springsecuritymanager-sathyaraj
Security springsecuritymanager-sathyarajSecurity springsecuritymanager-sathyaraj
Security springsecuritymanager-sathyaraj
 
Mule security - spring security manager
Mule security - spring security managerMule security - spring security manager
Mule security - spring security manager
 
Mule with spring security manager
Mule with spring security managerMule with spring security manager
Mule with spring security manager
 
Flows in mule
Flows in muleFlows in mule
Flows in mule
 
Flowsinmule 160517130818
Flowsinmule 160517130818Flowsinmule 160517130818
Flowsinmule 160517130818
 
Spring security integrate with mule
Spring security integrate with muleSpring security integrate with mule
Spring security integrate with mule
 
Securing mule
Securing muleSecuring mule
Securing mule
 
Manual of the CSS Alarm Handler (Beast)
Manual of the CSS Alarm Handler (Beast)Manual of the CSS Alarm Handler (Beast)
Manual of the CSS Alarm Handler (Beast)
 
CENTERA_MIGRATOR_PPT_NOTES
CENTERA_MIGRATOR_PPT_NOTESCENTERA_MIGRATOR_PPT_NOTES
CENTERA_MIGRATOR_PPT_NOTES
 
Mule architecture
Mule architectureMule architecture
Mule architecture
 
Mule architecture
Mule architectureMule architecture
Mule architecture
 
IBM WebSphere MQ for z/OS - Security
IBM WebSphere MQ for z/OS - SecurityIBM WebSphere MQ for z/OS - Security
IBM WebSphere MQ for z/OS - Security
 
NetSim VANET User Manual
NetSim VANET User ManualNetSim VANET User Manual
NetSim VANET User Manual
 
CamelOne 2013 Karaf A-MQ Camel CXF Security
CamelOne 2013 Karaf A-MQ Camel CXF SecurityCamelOne 2013 Karaf A-MQ Camel CXF Security
CamelOne 2013 Karaf A-MQ Camel CXF Security
 
Mule high availability
Mule high availabilityMule high availability
Mule high availability
 

More from D.Rajesh Kumar

Mule soft meetup_-_finland_september_25th__2020 v2.0
Mule soft meetup_-_finland_september_25th__2020 v2.0Mule soft meetup_-_finland_september_25th__2020 v2.0
Mule soft meetup_-_finland_september_25th__2020 v2.0D.Rajesh Kumar
 
Meetup bangalore-sept5th 2020 (1)
Meetup bangalore-sept5th 2020 (1)Meetup bangalore-sept5th 2020 (1)
Meetup bangalore-sept5th 2020 (1)D.Rajesh Kumar
 
Mule soft meetup_-_finland_july_11th__2020
Mule soft meetup_-_finland_july_11th__2020Mule soft meetup_-_finland_july_11th__2020
Mule soft meetup_-_finland_july_11th__2020D.Rajesh Kumar
 
Bangalore mulesoft meetup#10
Bangalore mulesoft meetup#10Bangalore mulesoft meetup#10
Bangalore mulesoft meetup#10D.Rajesh Kumar
 
Meetup bangalore 9_novupdated
Meetup bangalore 9_novupdatedMeetup bangalore 9_novupdated
Meetup bangalore 9_novupdatedD.Rajesh Kumar
 
Meetup bangalore aug31st2019
Meetup bangalore aug31st2019Meetup bangalore aug31st2019
Meetup bangalore aug31st2019D.Rajesh Kumar
 
Meetup bangalore june29th2019
Meetup bangalore june29th2019Meetup bangalore june29th2019
Meetup bangalore june29th2019D.Rajesh Kumar
 
mulesoft meetup @ bangalore
mulesoft meetup @ bangaloremulesoft meetup @ bangalore
mulesoft meetup @ bangaloreD.Rajesh Kumar
 
Meetup_Bangalore_Rajesh
Meetup_Bangalore_RajeshMeetup_Bangalore_Rajesh
Meetup_Bangalore_RajeshD.Rajesh Kumar
 
Calico to secure host interfaces
Calico to secure host interfacesCalico to secure host interfaces
Calico to secure host interfacesD.Rajesh Kumar
 
Calico and how interprets neutron api
Calico and how interprets neutron apiCalico and how interprets neutron api
Calico and how interprets neutron apiD.Rajesh Kumar
 
Calico with open stack and chef
Calico with open stack and chefCalico with open stack and chef
Calico with open stack and chefD.Rajesh Kumar
 
Calico with open stack
Calico with open stackCalico with open stack
Calico with open stackD.Rajesh Kumar
 
Slack connector with in MULE
Slack connector with in MULESlack connector with in MULE
Slack connector with in MULED.Rajesh Kumar
 
MuleSoft Offers a Data Migration Solution
MuleSoft Offers a Data Migration SolutionMuleSoft Offers a Data Migration Solution
MuleSoft Offers a Data Migration SolutionD.Rajesh Kumar
 

More from D.Rajesh Kumar (20)

Mule soft meetup_-_finland_september_25th__2020 v2.0
Mule soft meetup_-_finland_september_25th__2020 v2.0Mule soft meetup_-_finland_september_25th__2020 v2.0
Mule soft meetup_-_finland_september_25th__2020 v2.0
 
Meetup bangalore-sept5th 2020 (1)
Meetup bangalore-sept5th 2020 (1)Meetup bangalore-sept5th 2020 (1)
Meetup bangalore-sept5th 2020 (1)
 
Mule soft meetup_-_finland_july_11th__2020
Mule soft meetup_-_finland_july_11th__2020Mule soft meetup_-_finland_july_11th__2020
Mule soft meetup_-_finland_july_11th__2020
 
Bangalore mulesoft meetup#10
Bangalore mulesoft meetup#10Bangalore mulesoft meetup#10
Bangalore mulesoft meetup#10
 
Meetup bangalore 9_novupdated
Meetup bangalore 9_novupdatedMeetup bangalore 9_novupdated
Meetup bangalore 9_novupdated
 
Meetup bangalore aug31st2019
Meetup bangalore aug31st2019Meetup bangalore aug31st2019
Meetup bangalore aug31st2019
 
Meetup bangalore june29th2019
Meetup bangalore june29th2019Meetup bangalore june29th2019
Meetup bangalore june29th2019
 
mulesoft meetup @ bangalore
mulesoft meetup @ bangaloremulesoft meetup @ bangalore
mulesoft meetup @ bangalore
 
Meetup_Bangalore_Rajesh
Meetup_Bangalore_RajeshMeetup_Bangalore_Rajesh
Meetup_Bangalore_Rajesh
 
Calico and container
Calico and containerCalico and container
Calico and container
 
Calico docker+ipam
Calico docker+ipamCalico docker+ipam
Calico docker+ipam
 
Calico architecture
Calico architectureCalico architecture
Calico architecture
 
Calico to secure host interfaces
Calico to secure host interfacesCalico to secure host interfaces
Calico to secure host interfaces
 
Calico and how interprets neutron api
Calico and how interprets neutron apiCalico and how interprets neutron api
Calico and how interprets neutron api
 
Calico with open stack and chef
Calico with open stack and chefCalico with open stack and chef
Calico with open stack and chef
 
Calico with open stack
Calico with open stackCalico with open stack
Calico with open stack
 
Calico with docker
Calico with dockerCalico with docker
Calico with docker
 
Object Store in Mule
Object Store in MuleObject Store in Mule
Object Store in Mule
 
Slack connector with in MULE
Slack connector with in MULESlack connector with in MULE
Slack connector with in MULE
 
MuleSoft Offers a Data Migration Solution
MuleSoft Offers a Data Migration SolutionMuleSoft Offers a Data Migration Solution
MuleSoft Offers a Data Migration Solution
 

Recently uploaded

Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Science&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdfScience&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdfjimielynbastida
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 
Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Neo4j
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraDeakin University
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsHyundai Motor Group
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Wonjun Hwang
 
Bluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdfBluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdfngoud9212
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 

Recently uploaded (20)

Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort ServiceHot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
 
Science&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdfScience&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdf
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
 
Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning era
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
 
Bluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdfBluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdf
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 

Mule SAML

  • 2. 2 SAML Module As of version 2.2.3, Mule enterprise offers support for the Security Assertion Markup Language (SAML), which is a standard for exchange of security information between federated systems. For more information on SAML, see http://saml.xml.org/wiki/saml-wiki-knowledgebase.
  • 3. 3 SAML Module Current support in Mule is limited to SAML 1.1 and CXF web services only. Future versions of Mule will support the use of SAML with other transports. The supported SAML module is only available in the enterprise edition of Mule, although an unsupported version is available on the MuleForge.
  • 4. 4 Using the SAML Module This section describes how to configure the SAML module in your Mule configuration. Adding the SAML Module JAR The use the SAML module, the mule-module-saml JAR file must be in a location on the classpath of your application.
  • 5. 5 Configuring the Security Manager <mule xmlns:saml="http://www.mulesource.org/schema/mule/saml" xsi:schemaLocation="http://www.mulesource.org/schema/mule/saml http://www.mulesource.org/schema/mule/saml/current/mule-saml.xsd"> <!-- Rest of your mule configuration --> </mule>
  • 6. 6 Next, you configure the SAML security manager as shown below. The following example starts off with the definition of the SAML security manager and its accompanying security provider. The security provider specifies the default security realm to use by security filters if none is specified. This is especially useful in case you have only one security realm.
  • 7. 7 <saml:security-manager> <saml:saml-security-provider name="samlSecurityProvider" default- realm="senderVouches"> <saml:keystore-provider name="default-key-provider" key-store-file="classpath:saml.ks" key-store-type="JKS" key-store-password="changeit"/> <saml:sender-vouches-realm name="senderVouches" sign-key- alias="mulesaml" sign-key-password="changeit" key-provider-ref="default-key-provider" resign-assertions="true"/> <saml:holder-of-key-realm name="holderOfKey" key-provider- ref="default-key-provider" /> </saml:saml-security-provider> </saml:security-manager>
  • 8. 8 Within the security provider, you define a key provider, which reads keys and certificates from a standard Java keystore file. You configure this file using the normal Spring options to define resources. In this case, the keystore is read from the classpath. In this example, two security realms are defined. One uses the sender vouches SAML scheme and is also the default realm. The other is a holder of key realm. Both use the same key provider as defined above. For more information on these realms, see MULE3USER:Choosing a SAML Profile below.
  • 9. 9 Configuring Security on an Endpoint Once you've defined a security manager, you can configure security filters on CXF endpoints as shown in the examples below. The first example does not specify a security realm, so the default realm is used. Both filters specify the same certificate that is used to verify the SAML assertions as issued by the assertion provider. <saml:cxf-security-filter certificate-alias="mulesaml"/> <saml:cxf-security-filter certificate-alias="mulesaml" security-realm="non- default"/>
  • 10. 10 Choosing a SAML Profile SAML defines two different profiles: Sender-vouches (SV) and Holder-of- key (HOK). The Sender Vouches profile means that the sender of a message is authorized to act for one of its users towards another system. In this case, the sender of the message vouches its correctness. If both systems trust each other, this profile is appropriate. Holder-of-key means that the user himself is authorized to perform the actions. In this case, the owner (holder) of the key is acting. If your target system trusts the token issuer (and therefore the user) you'll use Holder-of- key.