You can check the documentation here: https://undertow.io/undertow-docs/undertow-docs-2.1.0/index.html#security

States that "The next handler in the authentication process is the AuthenticationConstraintHandler, this handler is responsible for checking the current request and identifying if authentication should be marked as being required for the current request. This handler can take a Predicate that makes a decision about if the request requires authentication."

This is not consistent with the code of the handelr.