Question

我现在正在使用MuleESB 3.4.1。我想添加入站端点过滤器以进行授权。

我添加了以下代码：

<mule-ss:security-manager>
    <mule-ss:delegate-security-provider
        name="inmemory-provider" delegate-ref="validateAuthenticationManager" />
</mule-ss:security-manager>

<flow name="add-flow" doc:name="add-flow">
    <http:inbound-endpoint exchange-pattern="request-response"
        host="localhost" port="8081" path="add" doc:name="Add Request">
        <mule-ss:http-security-filter realm="mule-realm"
            securityProviders="inmemory-provider" />
    </http:inbound-endpoint>
</flow>

<ss:authentication-manager alias="validateAuthenticationManager">
    <ss:authentication-provider>
        <ss:user-service>
            <ss:user name="admin" password="admin" authorities="ROLE_ADMIN" />
            <ss:user name="staff" password="staff" authorities="ROLE_STAFF" />
        </ss:user-service>
    </ss:authentication-provider>
</ss:authentication-manager>

如何允许ROLE_ADMIN请求但不允许ROLE_STAFF？

非常感谢。

Answer 1

您可以在http：inbound-endpoint中使用mule-ss：authorization-filter。

<flow name="add-flow" doc:name="add-flow">
<http:inbound-endpoint exchange-pattern="request-response"
    host="localhost" port="8081" path="add" doc:name="Add Request">
    <mule-ss:http-security-filter realm="mule-realm"
        securityProviders="inmemory-provider" />
    <mule-ss:authorization-filter requiredAuthorities="ROLE_ADMIN"/>
</http:inbound-endpoint>
</flow>

我怎样才能在Mule ESB中使用“权限”

1 个答案: