]
Darran Lofthouse resolved WFCORE-2506.
--------------------------------------
Assignee: Darran Lofthouse
Resolution: Rejected
Rejected as this is pushing the limits of what is achievable with the PicketBox wrapping.
Roles are not assigned if access=identity uses Elytron security
domain based on legacy security domain
------------------------------------------------------------------------------------------------------
Key: WFCORE-2506
URL:
https://issues.jboss.org/browse/WFCORE-2506
Project: WildFly Core
Issue Type: Bug
Components: Security
Reporter: Ondrej Lukas
Assignee: Darran Lofthouse
Priority: Major
In case when Elytron security domain, which uses legacy security domain (provided through
elytron-integration in legacy security subsystem), is used for identity inflow in
access=identity, and authentication is provided by security domain which uses some Elytron
security realm, then no roles/groups from legacy security domain are assigned to the
secured identity. See reproducer for more details.