2. Mule Security Application Package
Mule provides a bundle of security tools called Anypoint Enterprise
Security which helps in securing the data access in Mule Application.
Anypoint Enterprise Security requires an Enterprise license which one has to
acquire from MuleSoft.
3. Installing Anypoint Enterprise Security
Installation guide https://docs.mulesoft.com/mule-user-
guide/v/3.7/installing-anypoint-enterprise-security
After Installing Anypoint Enterprise Security, a new group called Security will
be available on Mule palette which will contain six new processors.
The new processors added after successful installation of Anypoint Enterprise
Security module are CRC32, Message Encryption, Filter, OAuth provider
module, Secure Property Placeholder, Digital Signature.
4. Mule CRC32 processor
The Mule CRC32 processor is used to apply cyclic redundancy check on mule
messages to check their integrity. In CRC the message is assigned a check
value when it enters the system and this value is matched when the message
leaves the system. If the values match then the message integrity is intact.
5. Mule Message Encryption processor
Mule Message Encryption processor can encrypt entire payload or selected
field in the message. This is done to prevent unauthorized access. Data like
password, credit card are always transmit in encrypted format.
6. Mule Filter Processor
Mule Filter Processor is used to process only valid messages as it will not let
pass the invalid one. The condition for validity is configured in the processor.
7. Mule Secure Token Service OAuth 2.0
Provider
Mule Secure Token Service OAuth 2.0 Provider is used to secure REST Web
service Provider or Consumer.OAuth uses tokens to ensure that a resource
owner never has to share credentials, such as a username or password, with a
3rd-party Web service.
8. Mule Digital Signature processor
Mule Digital Signature processor is used to ensure that messages maintain
integrity and authenticity. Digital signatures ensure that a sender is valid,
that a message is not modified in transit between Web services, and that no
unauthorized user has tampered with a message.
9. Secure Property Placeholder
Secure Property Placeholder is a Global element which is used to encrypt
properties in a properties file. The properties file which stores encrypted
properties is called the Mule Credentials Vault. There are 19 encryption
algorithm available to encrypt the properties file. Encryption Key is the only
thing which can decrypt the Mule Credentials Vault.
10. Mule’s OOTB Security Feature
Mule also provides OOTB features to ensure security of the applications.
These features are Mule Security Manager, LDAP integration , SSH for secure
FTP and Inbound Request Validation using SAML 2.0.