Hi all, esp. Darran and Stuart,
We (WildFly Camel Team) have a request [1] to support securing Camel CXF
endpoints with Elytron and I am trying to figure out the best way to
achieve that.
= Current state
A Camel context is started by Weld during
Phase.INSTALL_CDI_VALIDATOR_FACTORY. This triggers the creation of the CXF
WS endpoint. To expose the endpoint on Undertow, we create an ad hoc
DeploymentInfo [2] with the context path requested by the Camel route [3].
To handle security, users are advised to use CXF interceptors such as
JAASLoginInterceptor [4]. The JAASLoginInterceptor works well with
security domains defined in the legacy Security subsystem.
= The problem
A user wants to get rid of the legacy Security subsystem and use Elytron
instead.
= How to solve it
As Darran pointed out in the chat, there is no JAAS support in Elytron
and we thus cannot keep relying on JAASLoginInterceptor & Co.
I investigated how Elytron is integrated in Undertow subsystem (esp.
UndertowDeploymentInfoService) and I tried to do the same for our custom
DeploymentInfo in Camel subsystem. The key point was to obtain a
reference to securityFunction and apply it to the DeploymentInfo. In
this way our Camel CXF endpoints indeed got protected by an Elytron
security domain.
I have a dirty but working PoC [5] where I just copied parts of
UndertowDeploymentInfoService to a new CamelDynamicDeploymentService.
I'd like to try re-using UndertowDeploymentInfoService as a whole so
that I do not duplicate the security-sensitive code. But before I do,
could you, Darran, Stuart and others, please approve the general idea or
possibly suggest something better?
Thanks,
-- Peter
[1] https://issues.jboss.org/browse/ENTESB-7959
[2] https://github.com/wildfly-extras/wildfly-camel/blob/6.0.0/cxfhttp/src/ma...
[3] https://github.com/wildfly-extras/wildfly-camel/blob/6.0.0/cxfhttp/src/ma...
[4] https://github.com/wildfly-extras/wildfly-camel-examples/blob/6.0.0/camel...
[5] https://github.com/ppalaga/wildfly-camel/commits/ENTESB-7959.180430
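The following sketch is an added illustration of the idea described in the message above (build the ad hoc DeploymentInfo for the CXF endpoint, then hand it to Elytron's securityFunction the way UndertowDeploymentInfoService does for an ordinary war). It is editor-written example code, not code from wildfly-camel, the PoC branch [5] or WildFly itself. The type of the securityFunction (a BiFunction from DeploymentInfo and a run-as mapper to a Registration), the Registration and RunAsIdentityMetaData imports, the servlet class, the realm name and the "ws-user" role are assumptions made for the example; the Undertow DeploymentInfo, SecurityConstraint, WebResourceCollection and LoginConfig calls are the public Undertow servlet API.

```java
import java.util.function.BiFunction;
import java.util.function.Function;

import io.undertow.servlet.Servlets;
import io.undertow.servlet.api.DeploymentInfo;
import io.undertow.servlet.api.LoginConfig;
import io.undertow.servlet.api.SecurityConstraint;
import io.undertow.servlet.api.WebResourceCollection;

import org.apache.cxf.transport.servlet.CXFNonSpringServlet;       // assumed servlet class
import org.jboss.metadata.javaee.jboss.RunAsIdentityMetaData;       // assumed run-as type
import org.wildfly.extension.undertow.ApplicationSecurityDomainDefinition.Registration; // assumed

/**
 * Added example (not wildfly-camel code): an Elytron-secured ad hoc deployment
 * for a Camel CXF endpoint. The securityFunction parameter stands for the
 * value that UndertowDeploymentInfoService injects from the
 * application-security-domain capability; its exact generic type is an
 * assumption taken from reading that service.
 */
public final class ElytronSecuredCxfDeployment {

    private ElytronSecuredCxfDeployment() {
    }

    /**
     * Builds the ad hoc DeploymentInfo for the endpoint. The declarative
     * security constraint is what Elytron's function later enforces: without
     * a constraint covering the endpoint's URL pattern, applying the security
     * domain protects nothing.
     */
    public static DeploymentInfo buildDeploymentInfo(String contextPath, ClassLoader loader) {
        SecurityConstraint allOfEndpoint = new SecurityConstraint()
                .addWebResourceCollection(new WebResourceCollection().addUrlPattern("/*"))
                .addRoleAllowed("ws-user");                      // role name is an assumption

        return Servlets.deployment()
                .setDeploymentName("camel-cxf" + contextPath)
                .setContextPath(contextPath)
                .setClassLoader(loader)
                .addServlet(Servlets.servlet("CxfServlet", CXFNonSpringServlet.class)
                        .addMapping("/*"))
                // The mechanism name is matched against the Elytron HTTP
                // authentication factory once the security function is applied.
                .setLoginConfig(new LoginConfig("BASIC", "camel-cxf"))  // realm name is an assumption
                .addSecurityRole("ws-user")
                .addSecurityConstraint(allOfEndpoint);
    }

    /**
     * Applies the Elytron security function to the DeploymentInfo, as
     * UndertowDeploymentInfoService does for ordinary deployments. A Camel
     * endpoint declares no run-as identities, so the mapper returns null for
     * every servlet name. The returned Registration must be cancelled when the
     * Camel route stops, otherwise the security domain keeps a stale reference.
     */
    public static Registration secure(
            DeploymentInfo info,
            BiFunction<DeploymentInfo, Function<String, RunAsIdentityMetaData>, Registration> securityFunction) {
        if (securityFunction == null) {
            // No application-security-domain configured for this endpoint:
            // fail loudly rather than silently deploying an unprotected endpoint.
            throw new IllegalStateException(
                    "No Elytron application security domain available for " + info.getContextPath());
        }
        Function<String, RunAsIdentityMetaData> noRunAs = servletName -> null;
        return securityFunction.apply(info, noRunAs);
    }
}
```

The order matters: the security constraint and login config have to be on the DeploymentInfo before the function is applied, because the function wraps the deployment's handler chain based on what the DeploymentInfo declares at that moment. A quick check after deployment is an unauthenticated request to the endpoint's context path, which should now get a 401 with a WWW-Authenticate header rather than the WSDL.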