SecurityIdentity is not propagated to Camel route

[mnhlvsk]

Hi guys,

I'm trying to use SecurityIdentity with Quarkus Camel, but can't get it working. Always getting an exception ContextNotActiveException when I call SecurityIdentity. Could you please help me how to solve it?

application.properties:

quarkus.http.auth.basic=true
quarkus.http.auth.permission.default.paths=/*
quarkus.http.auth.permission.default.policy=authenticated
quarkus.security.users.embedded.enabled=true
quarkus.security.users.embedded.plain-text=true
quarkus.security.users.embedded.users.jdoe=p4ssw0rd
quarkus.security.users.embedded.roles.jdoe=NoRolesUser

Route:

@ApplicationScoped
public class CamelRoute extends EndpointRouteBuilder {

        @Inject
        GreetingProcessor proc;

        @Override
        public void configure() throws Exception {
            from("platform-http:/myservice")
                    .process(proc);
        }
    }

Processor:

@ApplicationScoped
public class GreetingProcessor implements Processor {

    @Inject
    SecurityIdentity identity;

    @Override
    public void process(Exchange exchange) throws Exception {
        System.out.println(identity.getPrincipal().getName());
    }
}

[jamesnetherton]

This does indeed seem to be broken for platform-http. Even when forcefully activating the request context with @ActivateRequestContext, the SecurityIdentity details are empty.

As a workaround you can try using camel-quarkus-servlet. SecurityIdentity should then work correctly.

[jamesnetherton]

There's a change coming in Camel 3.14.0 that should help with this scenario. In the platform-http route processor you will be able to do:

QuarkusHttpUser user = exchange.getMessage().getHeader(VertxPlatformHttpConstants.AUTHENTICATED_USER, QuarkusHttpUser.class);

Then you can access the Principal on the user object.