Re: [jboss-as7-dev] The principal is not propagated to ejb session context

The SecurityAssociationValve (which should in fact be named SecurityContextValve) sets up the SecurityContext for the web container authentication. The web container auth starts with Authenticator which will invoke the realm (JBossWebRealm). The realm will perform the authentication and create a subject. Right then, the subject needs to be pushed onto the Security Context. Now when the call goes to any other EE component such as EJB3, that integration needs to pick the SecurityContext details. I support the creation of a JIRA issue to track this example deployment. Thanks JP. :) On 10/18/2011 06:18 AM, Jaikiran Pai wrote: > This indeed appears to be a bug. I also looked at our AS7 testsuite and > all of those tests do programatic login within the servlet or the tests > before invoking the bean. Dieter, on the other hand uses container > managed login (FORM based) and is running into this issue. > > I looked into the code and IMO the > org.jboss.as.web.security.SecurityContextAssociationValve (which is > setting up the principal) is added at the wrong place. This valve is the > first one to be executed even before the FormBasedAuthenticatorValve > kicks in. As a result, the SecurityContextAssociationValve doesn't have > the right principal to associate with the request. > > Dieter, could you please create a JIRA for this (if you haven't yet) > here https://issues.jboss.org/browse/AS7 > > -Jaikiran > > On Tuesday 18 October 2011 03:18 PM, Jaikiran Pai wrote: >> Thanks. I'm having a look. >> >> -Jaikiran >> On Tuesday 18 October 2011 03:08 AM, Dieter Tengelmann wrote: >>> Hi, Anil, >>> >>> I've attached ear file and sources at the forum thread: >>> http://community.jboss.org/thread/173494 >>> >>> Best regards, >>> Dieter _______________________________________________ jboss-as7-dev mailing list jboss-as7-dev(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-as7-dev