2. 2
Overview
Anypoint Enterprise Security is a collection of security features that enforce
secure access to information in Mule applications.
This suite of security features provides various methods for applying
security to Mule Service-Oriented Architecture (SOA) implementations and
Web services. The following security features bridge gaps between trust
boundaries in applications:
3. 3
Mule Secure Token Service (STS) OAuth 2.0a Provider
Mule Credentials Vault
Mule Message Encryption Processor
Mule Digital Signature Processor
Mule Filter Processor
Mule CRC32 Processor
Install the Anypoint Enterprise Security update on your instance of Anypoint
Studio Enterprise Edition 3.3.2 or later
4. 4
Why Do Applications Need Security?
Businesses must ensure that the valuable information they store and make
available through software applications and Web services is secure.
Locked away and protected from unauthorized users and malicious
attackers, protected resources — such as credit card information or Social
Security numbers — must still be accessible to authorized legitimate users
and systems in order to conduct business transactions.
5. 5
To provide secure access to information, applications and services can
apply a variety of security measures. The suite of security features in
Anypoint Enterprise Security enables developers to protect applications
according to security requirements, prevent security breaches and facilitate
authorized access to data.
6. 6
Advantages of Anypoint Enterprise Security
Anypoint Enterprise Security adds new features on top of of Mule ESB
Enterprise’s existing security capabilities. Mule ESB already provides the
following security features:
Mule Security Manager, client authentication and authorization on inbound
requests as well as credential mapping for outbound calls
LDAP and third party identity management system integration
Validation of inbound requests through the SAML 2.0 federated identity
standard
Secure FTP (SFTP) Transport that enables Mule flows to read and write to
remote directories over the SSH protocol.
7. 7
In most cases the above features were accessible only to expert Mule
developers who are very familiar with the Spring Security framework.
Anypoint Enterprise Security expands the types of security available to
apply to Mule applications and, through its accessibility in Studio, makes
security features accessible to a broader range of skilled developers.
Compiled to form an easily-accessible, user-friendly collection, Anypoint
Enterprise Security offers developers a clear, structured method for adding
security to Mule ESB applications. Developers can easily drag-and-drop
one or more security features into Mule flows in Studio, Mule ESB’s
graphical user interface (GUI), and can find configuration support in Mule
documentation.
8. 8
Anypoint Enterprise Security offers developers six tools to ensure that
authorized end users have secure access to protected data. Each tool
plays a different role in securing a Mule application.