Undertow Spring Security

Since Camel 3.3

OSGi is not supported

The Spring Security Provider provides Spring Security (5.x) token bearer security over camel-undertow component. To force camel-undertow to use spring security provider:

  • Add spring security provider library on classpath.

  • Provide instance of SpringSecurityConfiguration as securityConfiguration parameter into camel-undertow component or provide both securityConfiguration and securityProvider into camel-undertow component.

  • Configure spring-security.

Configuration has to provide following security attribute:





Provides security filter gained from configured spring security (5.x). Filter could be obtained for example from DelegatingFilterProxyRegistrationBean.


Each exchange created by Undertow endpoint with spring security contains header 'SpringSecurityProvider_principal' ( name of header is provided as a constant SpringSecurityProvider.PRINCIPAL_NAME_HEADER) with current authorized identity as value or header is not present in case of rejected requests.