The ShiroSecurityPolicy, tests and permits incoming message exchanges containing a encrypted SecurityToken in the Message Header to proceed further following proper authentication. The SecurityToken object contains a Username/Password details that are used to determine where the user is a valid user.
protected RouteBuilder createRouteBuilder() throws Exception { final ShiroSecurityPolicy securityPolicy = new ShiroSecurityPolicy("classpath:shiro.ini", passPhrase); return new RouteBuilder() { public void configure() { onException(UnknownAccountException.class) .to("mock:authenticationException"); onException(IncorrectCredentialsException.class) .to("mock:authenticationException"); onException(LockedAccountException.class) .to("mock:authenticationException"); onException(AuthenticationException.class) .to("mock:authenticationException"); from("direct:secureEndpoint") .to("log:incoming payload") .policy(securityPolicy) .to("mock:success"); } }; }