Anders Andersson created CAMEL-22000:
----------------------------------------

             Summary: Expose mTLS headers for camel-mllp
                 Key: CAMEL-22000
                 URL: https://issues.apache.org/jira/browse/CAMEL-22000
             Project: Camel
          Issue Type: New Feature
          Components: camel-mllp
            Reporter: Anders Andersson


Jira issue CAMEL-17881 introduced TLS to camel-mllp, but I have a need for 
mutual TLS and to add custom logic for authorizing clients based on the Serial 
Number in their client certificate. I don't see how I can get this information 
without modifying the camel-mllp component.

[camel-netty|https://camel.apache.org/components/4.10.x/netty-component.html#_message_headers]
 sets the following headers (if you configure it):
 * CamelNettySSLSession: NETTY_SSL_SESSION
 * CamelNettySSLClientCertSubjectName: NETTY_SSL_CLIENT_CERT_SUBJECT_NAME
 * CamelNettySSLClientCertIssuerName: NETTY_SSL_CLIENT_CERT_ISSUER_NAME
 * CamelNettySSLClientCertSerialNumber: NETTY_SSL_CLIENT_CERT_SERIAL_NO
 * CamelNettySSLClientCertNotBefore: NETTY_SSL_CLIENT_CERT_NOT_BEFORE
 * CamelNettySSLClientCertNotAfter: NETTY_SSL_CLIENT_CERT_NOT_AFTER

My proposal is to mimic this in camel-mllp, setting the same headers (except 
that the names would be prefixed with "MLLP_", for example 
MLLP_SSL_CLIENT_CERT_SUBJECT_NAME, to conform with the MLLP header naming 
standard). If there is no TLS, or there is TLS but the client is not providing 
a certificate, these headers will not appear.

I will try to build this, starting today (as I need this functionality now), 
unless anyone has objections. I hope it can be added to Camel. However, I 
will probably need some help with how the procedure for sending a contribution 
works, and aid with code review, as I am very unfamiliar with Camel's source code.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)
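
An added sketch of the header extraction and serial-number authorization described in the issue, using only the JDK's JSSE API; it is not code from camel-mllp or from the reporter. Assumptions: the class name, every header name other than MLLP_SSL_CLIENT_CERT_SUBJECT_NAME, the decimal-string serial format, and that the `SSLSession` is taken from the accepted `SSLSocket` via `getSession()`.

```java
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.Set;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSession;
import javax.security.auth.x500.X500Principal;

public final class MllpClientCertHeaders {
    // Only MLLP_SSL_CLIENT_CERT_SUBJECT_NAME is named in the issue; the other
    // names are assumed by analogy with the camel-netty list.
    static final String SUBJECT = "MLLP_SSL_CLIENT_CERT_SUBJECT_NAME";
    static final String ISSUER = "MLLP_SSL_CLIENT_CERT_ISSUER_NAME";
    static final String SERIAL = "MLLP_SSL_CLIENT_CERT_SERIAL_NO";
    static final String NOT_BEFORE = "MLLP_SSL_CLIENT_CERT_NOT_BEFORE";
    static final String NOT_AFTER = "MLLP_SSL_CLIENT_CERT_NOT_AFTER";

    /** Empty map when there is no TLS session or the client sent no certificate. */
    static Map<String, Object> fromSession(SSLSession session) {
        Map<String, Object> headers = new LinkedHashMap<>();
        if (session == null) return headers; // plain TCP, no TLS
        try {
            Certificate[] chain = session.getPeerCertificates(); // leaf certificate first
            if (chain.length > 0 && chain[0] instanceof X509Certificate) {
                X509Certificate leaf = (X509Certificate) chain[0];
                headers.put(SUBJECT, leaf.getSubjectX500Principal().getName());
                headers.put(ISSUER, leaf.getIssuerX500Principal().getName());
                headers.put(SERIAL, leaf.getSerialNumber().toString()); // decimal (assumed)
                headers.put(NOT_BEFORE, leaf.getNotBefore());
                headers.put(NOT_AFTER, leaf.getNotAfter());
            }
        } catch (SSLPeerUnverifiedException e) {
            // TLS without a client certificate: leave the headers unset
        }
        return headers;
    }

    /** Deny by default; a serial number is unique only per issuer, so check both. */
    static boolean isAuthorized(Map<String, Object> headers, String issuerDn, Set<String> serials) {
        Object issuer = headers.get(ISSUER);
        Object serial = headers.get(SERIAL);
        if (!(issuer instanceof String) || !(serial instanceof String)) {
            return false; // no client certificate headers present
        }
        return new X500Principal((String) issuer).equals(new X500Principal(issuerDn))
                && serials.contains(serial);
    }
}
```

The certificate is only present and chain-validated when the server socket requires client authentication; a serial-number allow-list adds authorization on top of that validation and does not replace it.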
