Undertow Spring Security

Since Camel 3.3

OSGi is not supported

The Spring Security Provider provides Spring Security (5.x) token bearer security over camel-undertow component. To force camel-undertow to use spring security provider:

  • Add spring security provider library on classpath.

  • Provide instance of SpringSecurityConfiguration as securityConfiguration parameter into camel-undertow component or provide both securityConfiguration and securityProvider into camel-undertow component.

  • Configure spring-security.

Configuration has to provide following security attribute:

Name

Description

Type

securityFiler

Provides security filter gained from configured spring security (5.x). Filter could be obtained for example from DelegatingFilterProxyRegistrationBean.

Filter

Each exchange created by Undertow endpoint with spring security contains header 'SpringSecurityProvider_principal' ( name of header is provided as a constant SpringSecurityProvider.PRINCIPAL_NAME_HEADER) with current authorized identity as value or header is not present in case of rejected requests.

Back to top