Security for Camel GAE Applications

Securing GAE applications from unauthorized access is described in the Security and Authentication section of the Google App Engine documentation. Authorization constraints are declared in the web.xml. This applies to Camel applications as well. In the following example, the application is configured to only allow authenticated users (in any role) to access the application. Additionally, access to /worker/* URLs may only be done by users in the admin role. By default, web hook URLs installed by the gtask component match the /worker/* pattern and should not be accessed by normal users. With this authorization constraint, only the task queuing service (which is always in the admin role) is allowed to access the web hooks. For implementing custom, non-declarative authorization logic, Camel GAE applications should use the Google Accounts Java API.

web.xml with authorization constraint
© 2004-2014 The Apache Software Foundation.
Apache Camel, Camel, Apache, the Apache feather logo, and the Apache Camel project logo are trademarks of The Apache Software Foundation. All other marks mentioned may be trademarks or registered trademarks of their respective owners.
Graphic Design By Hiram