CAMEL-23592: camel-shiro - align Exchange header constant names with Camel naming convention

[oscerd]

Summary

Renames the three Exchange header string values in ShiroSecurityConstants
that drive Shiro authentication (SHIRO_SECURITY_TOKEN,
SHIRO_SECURITY_USERNAME, SHIRO_SECURITY_PASSWORD) to
CamelShiroSecurity<Name>, following the convention used across the rest of
the Camel component catalog and matching the pattern established in
CAMEL-23526 (camel-cxf), CAMEL-23522 (camel-mail), CAMEL-23461
(camel-aws-bedrock), CAMEL-23532 (camel-vertx-websocket /
camel-atmosphere-websocket / camel-iggy), and CAMEL-23576 (camel-jira).

Constant	Previous value	New value
ShiroSecurityConstants.SHIRO_SECURITY_TOKEN	SHIRO_SECURITY_TOKEN	CamelShiroSecurityToken
ShiroSecurityConstants.SHIRO_SECURITY_USERNAME	SHIRO_SECURITY_USERNAME	CamelShiroSecurityUsername
ShiroSecurityConstants.SHIRO_SECURITY_PASSWORD	SHIRO_SECURITY_PASSWORD	CamelShiroSecurityPassword

These headers carry credentials and a serialized authentication token, so
filtering them at transport boundaries by default is particularly important
(Cluster A — auth/credential/signing exposure — in the CAMEL-23577 epic).

The Java field names are unchanged so routes referencing the constants
symbolically continue to work; routes using the literal string values must
be updated (documented in the 4.21 upgrade guide).

Generated artifacts

ShiroSecurityConstants has no @Metadata annotations (this is a
SecurityPolicy-style component, not a producer/consumer-style component
that surfaces headers in the catalog), so no catalog JSON or endpoint DSL
regeneration is needed. The diff is exactly the constants file + the upgrade
guide entry.

Backports

camel-shiro exists on camel-4.18.x and camel-4.14.x with the same
legacy values — backports apply and will be filed as follow-up PRs.

Test plan

• mvn test in components/camel-shiro — 21 tests pass
• No literal string usages of these constants in tests or in the shiro
  adoc (all references are symbolic via ShiroSecurityConstants.XXX)
• Upgrade guide entry added under === camel-shiro - potential breaking change (consistent with the suffix convention adopted by camel-jira /
  camel-jgroups / camel-dns / camel-milo and the in-flight CAMEL-23577: docs - add "potential breaking change" suffix to 9 header-rename sub-task entries in the 4.21 upgrade guide #23505 suffix
  follow-up for the other 9 CAMEL-23577 sub-task entries)

Tracker: CAMEL-23577

Reported by Claude Code on behalf of Andrea Cosentino

[github-actions]

🌟 Thank you for your contribution to the Apache Camel project! 🌟
🤖 CI automation will test this PR automatically.

🐫 Apache Camel Committers, please review the following items:

• First-time contributors require MANUAL approval for the GitHub Actions to run
• You can use the command /component-test (camel-)component-name1 (camel-)component-name2.. to request a test from the test bot although they are normally detected and executed by CI.
• You can label PRs using skip-tests and test-dependents to fine-tune the checks executed by this PR.
• Build and test logs are available in the summary page. Only Apache Camel committers have access to the summary.

⚠️ Be careful when sharing logs. Review their contents before sharing them publicly.

[github-actions]

🧪 CI tested the following changed modules:

• components/camel-shiro
• docs

All tested modules (8 modules)

• Camel :: JBang :: MCP
• Camel :: JBang :: Plugin :: Route Parser
• Camel :: JBang :: Plugin :: TUI
• Camel :: JBang :: Plugin :: Validate
• Camel :: Launcher :: Container
• Camel :: Shiro
• Camel :: YAML DSL :: Validator
• Camel :: YAML DSL :: Validator Maven Plugin

---

⚙️ View full build and test results

[gnodet]

Good change. The three Shiro constants (SHIRO_SECURITY_TOKEN, SHIRO_SECURITY_USERNAME, SHIRO_SECURITY_PASSWORD) carried credential-related data without the Camel prefix, meaning they weren't filtered by HeaderFilterStrategy at transport boundaries. Renaming to CamelShiroSecurity* is particularly important here since these headers carry authentication tokens and credentials. Upgrade guide entry is thorough.

LGTM.

Claude Code on behalf of Guillaume Nodet