Undertow Spring Security

Since Camel 3.3

The Spring Security Provider provides Spring Security (5.x) token bearer security over the camel-undertow component. To force camel-undertow to use spring security provider:

Add the spring security provider library on classpath.
Provide instance of SpringSecurityConfiguration as securityConfiguration parameter into the camel-undertow component or provide both securityConfiguration and securityProvider into camel-undertow component.
Configure spring-security.

Configuration has to provide the following security attribute:

Name

Description

Type

securityFiler

Provides security filter gained from configured spring security (5.x). Filter could be obtained, for example, from DelegatingFilterProxyRegistrationBean .

Filter

Each exchange created by Undertow endpoint with spring security contains header 'SpringSecurityProvider_principal' ( name of header is provided as a constant SpringSecurityProvider.PRINCIPAL_NAME_HEADER ) with current authorized identity as value or header is not present in case of rejected requests.