0

I have below camel rest route. Currently all the host is able to access this route using the URL exposed.

Is there anyway I can restrict remote host to access based on the IP configured. I want to allow certain IP address to access this URL. Is there any configuration in camel available to handle this ?

rest("/api/")
        .id("reset-api-route")
        .get("/reset")
        .to("direct:resetRoute");
Improve this question

1 Answer 1

Reset to default
1

With camel-netty4-http component you can have remote IP address in the headers.

However it might make more sense to make network level isolation on firewall before your application.

With camel-netty4-http you can inspect and do logic with remote IP like this:

@Override
public void configure() throws Exception {
    restConfiguration()
        .component("netty4-http")
        .host("localhost")
        .port(8000)
        .bindingMode(RestBindingMode.auto);


    rest("/api/")
    .id("reset-api-route")
    .get("/reset")
    .to("direct:resetRoute");

    from("direct:resetRoute")
        .log("${in.headers.CamelNettyRemoteAddress}")
        .choice()
            .when(header("CamelNettyRemoteAddress").startsWith("/127.0.0.1:")) // localhost
                .transform().constant("allowed").endChoice()
            .otherwise()
                .transform().constant("denied");
}

If your Camel application is running inside Spring-Boot then you can use Spring Security IP filtering. Also keep in mind that if your application is behind load balancer then depending on the load balancer you might always see the load balancer's address instead of the original caller.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.