Package org.apache.camel.component.undertow.spi

Interface UndertowSecurityProvider

public interface UndertowSecurityProvider
SPI interface. Camel-undertow component will locate all available providers and will use first of then which returns true in method acceptConfiguration. To implement this interface you have to advertise SPI class of type UndertowSecurityProvider. Instance of that provider is initialized by call of acceptConfiguration and then will be used to authenticate requests.

  • Method Summary

    Modifier and Type
    Method
    Description
    boolean
    acceptConfiguration(Object configuration, String endpointUri)
    Initialization of securityProvider from configuration.
    void
    addHeader(BiConsumer<String,Object> consumer, io.undertow.server.HttpServerExchange httpExchange)
    Provider can add headers into Camel's exchange.
    int
    authenticate(io.undertow.server.HttpServerExchange httpExchange, List<String> allowedRoles)
    Method to handle incoming request for security purposes.
    default boolean
    requireServletContext()
    Security provider may need for its functionality also working servlet context.
    default io.undertow.server.HttpHandler
    wrapHttpHandler(io.undertow.server.HttpHandler httpHandler)
    SecurityProvider may change instance of undertow httpHandler during endpoint registration.

  • Method Details

    • addHeader

      void addHeader(BiConsumer<String,Object> consumer, io.undertow.server.HttpServerExchange httpExchange) throws Exception
      Provider can add headers into Camel's exchange. Method is called right after creation of Camel's exchange. Typical usage is to add authentication information into message (eg. authenticated principal)
      Parameters:
      consumer - BiConsumer is the only way how to add parameter into exchange (it accepts pair String, Object)
      httpExchange - Undertow exchange (could contain information from security provider)
      Throws:
      Exception

    • authenticate

      int authenticate(io.undertow.server.HttpServerExchange httpExchange, List<String> allowedRoles) throws Exception
      Method to handle incoming request for security purposes. Method returns status code with result (typically 200 if request is authenticated, 403 if not, some security provider needs to return more specific codes)
      Parameters:
      httpExchange - Undertow exchange
      allowedRoles - List of allowed roles defined on endpoint.
      Returns:
      Status code 200 if, request is authorized, other code if not.
      Throws:
      Exception

    • acceptConfiguration

      boolean acceptConfiguration(Object configuration, String endpointUri) throws Exception
      Initialization of securityProvider from configuration. Object passed to camel-undertow as 'securityConfiguration' should be tested here, if it is meant for this securityProvider and provider should initialize its state from it. If configuration is not acceptable, return false.
      Parameters:
      configuration - Object which contain connfiguration passed to camel-undertow
      endpointUri - Uri of endpoint (could be important for intialization)
      Returns:
      True if securityProvider is initialized from data and is able to authenticate requests.
      Throws:
      Exception

    • wrapHttpHandler

      default io.undertow.server.HttpHandler wrapHttpHandler(io.undertow.server.HttpHandler httpHandler) throws Exception
      SecurityProvider may change instance of undertow httpHandler during endpoint registration.
      Parameters:
      httpHandler - Original httpHandler
      Returns:
      New httpHandler (default behavior is to return the same handler)
      Throws:
      Exception

    • requireServletContext

      default boolean requireServletContext()
      Security provider may need for its functionality also working servlet context. This feature could be used for example in case of execution of servletFilters for security reasons.