
Enterprise integrations running across trust boundaries demand robust security solutions. Mule Enterprise Security enables end-to-end protection of your integration ecosystem. Join Reza Shafii, Director of Product Management at MuleSoft, to better understand how our enterprise-grade security solution can help you.
In this webinar, you will learn how to:
- Block unauthorized access to your systems
- Eliminate exposure of sensitive data and information
- Prevent attacks through proactive threat management

Presenter: Reza Shafii, Director of Product Management, MuleSoft, Inc.
Date: Thursday, January 10, 2013
Time: 8 AM PST / 11 PM EST
Register now >>
Filed under: Events, Mule ESB, MuleSoft by Dan Ahmadi on Monday, January 7, 2013 | Social tagging: APIs > architecture > Mule enterprise > Mule ESB > Security
No Comments »
On this 10th ‘Day of Christmas’ Mule blog post, we tackle an increasingly important question in the world of APIs: Presume that you would like to create a remote API (which perhaps exposes some legacy business logic) for access by internal and/or external clients. How can you make sure that access to your API is protected in such a way that:
A) Only clients that you trust can access them;
B) Those clients can access your API through the explicit authorization of their end-users; and
C) The end-users can be authenticated with a central entity, *withouth* having to share their credentials with your API’s clients.
Read more →
Filed under: CloudHub, Mule ESB, Mule Studio by reza.shafii on Thursday, January 3, 2013 | Social tagging: APIs > Mobile > OAuth > OAuth2 > Security
No Comments »
Service-Oriented Architectures (SOA) present unique security challenges due to loose service/application coupling and operations running across trust boundaries. To help our customers address these challenges, we have extended the Mule ESB platform security in several key areas and are making these extensions available through our Mule Enterprise Security package. This blog post will introduce the key components of that soon to be released package.
Product Overview
The first thing to know about Mule Enterprise Security is that it builds on top of Mule ESB Enterprise’s existing security capabilities. Mule ESB Enterprise already provides a solid set of security features, including:
Read more →
Filed under: CloudHub, Mule ESB, Mule Studio, MuleSoft by reza.shafii on Tuesday, November 6, 2012 | Social tagging: encryption > OAuth > Security > Singatures > Vault
3 Comments »
As you probably know, Mule provides pretty good support for PGP encryption (check the related links for further info on Mule’s PGP support). What we’re going to do in this blog post is provide a step-by-step, real life use case for PGP encryption. We’ll take a ride all the way from key generation to Mule configuration.
Read more →
Filed under: Mule ESB, Tech Ramblings by Mariano Gonzalez on Thursday, February 23, 2012 | Social tagging: encryption > PGP > Security
4 Comments »
Security around public cloud offerings has always been a major point of concern (and controversy) for users. How do cloud providers protect customer data? How is log data protected? How is the surrounding infrastructure secured? We previous talked about how iON stays up and running even through EC2 outages. Today, we will talk about iON security to show how we protect customer information and the infrastructure used in building iON.
Read more →
Filed under: CloudHub, MuleSoft, Tech Ramblings by Sweta Vajjhala on Wednesday, November 16, 2011 | Social tagging: amazon > aws > cloud > CloudHub > ec2 > ElasticSearch > ipsec > mongoDB > nginx > openswan > Secure Data Gateway > Security > SSH tunnel > upstart > vpc > vpn
2 Comments »
Jasypt is an open source Java library which provides basic encryption capabilities using a high-level API. This library can be used with Mule to avoid clear text passwords for connectors and endpoints.First, download the latest Jasypt distribution, unpack it and copy icu4j and jasypt jars to MULE_HOME/lib/user directory.
Read more →
Filed under: Mule ESB by Eugene Berman on Friday, October 21, 2011 | Social tagging: Jasypt > Mule 3 > Mule ESB > Security
4 Comments »

If you reached this blog and you are not a Mule user (yet) keep reading, I will not cover anything Mule specific. If you are new to OAuth or want to get an introduction to its concepts this post is the right one!
Authentication is vital in any kind of system but it is even more relevant when it comes to the web. As the web grows, more and more sites rely on distributed services and cloud computing. As resources are spread all over the web, sharing them across multiple sites is not an unrealistic requirement considering the following scenarios: a photo lab printing your Flickr photos, a social network using your Google address book to look for friends, or a third-party application utilizing APIs from multiple services. In order for these applications to access user data on other sites, they ask for usernames and passwords. Not only does this require exposing user passwords to someone else it also provides these applications unlimited access to do as they wish.
Read more →
Filed under: Tech Ramblings by Federico Recio on Tuesday, September 20, 2011 | Social tagging: authentication > cloud > howto > OAuth > Security
3 Comments »
Building a highly available and fault tolerant cloud platform comes with its share of challenges. What happens when components fail? What happens when the cloud itself experiences downtime? How is it possible to ensure customer apps are always available and their log data is never lost?
These are some of the very questions we ask ourselves when working through the iON architecture. With so many choices, both open-source and commercial, it can be difficult to know where to start, and is not unusual to experiment with several possible solutions before settling on the right technology stack.
Read more →
Filed under: CloudHub by Erik Seilnacht on Wednesday, September 14, 2011 | Social tagging: architecture > cloud > CloudHub > ElasticSearch > ES > HA > LB > Mongo > mongoDB > Security > Workers
2 Comments »
Many Mule users create RESTful services but they are not always clear on the way to authenticate and apply authorization to a RESTful Web Service. I have seen questions about this topic so I decided to write a tutorial that covers a common use case. We’re going to use Jersey, Spring Security and LDAP and of course Mule to pull it all together. I will show you how to do the following:
Read more →
- Expose REST resource using Jersey
- Secure the REST resource using HTTP Basic Authentication
- Authenticate and authorize users against an LDAP Directory
- Apply authorisation based on users groups to this REST resource
Filed under: Mule ESB by jaskirat.bhatia on Thursday, March 24, 2011 | Social tagging: apache DS > apache ldap > authentication > authorization > howto > jersey > ldap > Mule 3 > Mule 3.x > REST > REST webservice > Security
2 Comments »
The Mule team is very pleased to announce the general availability of Mule ESB 3.1. This release packs a lot of new shiny awesomeness.
We received loads of great feedback on Mule Cloud Connect and the team has been working hard on new improvements. Cloud Connectors now have specific XML schemas making it really easy to orchestrate data services between cloud and enterprise applications. This means Cloud Connectors can now be used in flows. For example, to create a new Twitter component for use in a flow use the following:
Read more →
Filed under: Mule ESB by Ross Mason on Tuesday, January 11, 2011 | Social tagging: BPM > cloud > Cloud Connect > flow > Mule 3 > Mule ESB > orchestration > salesforce > Security > twitter > Web Services
6 Comments »