[GitHub] [camel] JiriOndrusek removed a comment on pull request #3767: CAMEL-14950 camel-undertow: secure with spring-security 5

Fri, 24 Apr 2020 05:47:44 -0700 


JiriOndrusek removed a comment on pull request #3767:
URL: https://github.com/apache/camel/pull/3767#issuecomment-617747982


   Hi @oscerd , @davsclaus 
   I've prepared POC of integration of spring security into camel undertow.
   
   Feature contains of several changes in camel-undertow. 
   -  
https://github.com/apache/camel/pull/3767/files#diff-93b0f4a074166b188c9ac9afa9cdfda7
 Servlet has to be started (it is required for a filter handling security), but 
servlet is ignored by not wrapping handler of the servlet
   - spi interface was extended by option to start servlet context
   
   The rest of changes is for the new 'component' - which is not component, it 
is implementation of securityProvider for spring security 5:
   - important part is method authenticate, which uses existing servlet and 
start security filter: 
https://github.com/apache/camel/pull/3767/files#diff-06f63626d5c86c1d14d65eea55ed1815R38
   
   Here is an example of use: https://github.com/JiriOndrusek/reproducers/pull/3
   - User has to define securityContext for sprig security 5 
https://github.com/JiriOndrusek/reproducers/pull/3/files#diff-d2f799714dda7811c2142a8266f6ff77
   - and create securityConfiguration, which contains referece to security 
filter:
   
https://github.com/JiriOndrusek/reproducers/pull/3/files#diff-a92c0708392ea09a0da7483bfd4d616aR67
   
   With example, access to from endpoint is secured by keycloak 
(https://github.com/JiriOndrusek/reproducers/pull/3/files#diff-a92c0708392ea09a0da7483bfd4d616aR54)
 and only way how to access this is by addition of bearer token  into the 
request.
   
   I'd like to ask for your opinions about it. 
   (I know that this code is not finished, but it works as POC)
   
   Things to be added:
   - I'm not securing rest endpoint, but it should be done in similar way
   - tests are missing
   - I see some warning during aplication start in debug level - it should be 
solved as well 
   
   
   


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Reply via email to