Ondrej Lukas created WFLY-8245: ---------------------------------- Summary: AuthenticationContext should not be loaded from wildfly-config.xml automatically in deployment Key: WFLY-8245 URL: https://issues.jboss.org/browse/WFLY-8245 Project: WildFly Issue Type: Bug Components: Security Reporter: Ondrej Lukas Assignee: Darran Lofthouse Priority: Critical In case when wildfly-config.xml is located in deployment and application server does not have configured default-authentication-context for Elytron subsystem, then AuthenticationContext is automatically parsed from wildfly-config.xml. This behavior was changed between EAP 7.1.0.DR11 and EAP 7.1.0.DR12 (try Steps to Reproduce with DR12 as well as DR11). In case when default-authentication-context for Elytron subsystem is configured, then AuthenticationContext is correctly loaded from application server. If this is intended then it should be reflect in documentation - it currently says that "... they can make use of a configuration file using the _parseAuthenticationClientConfiguration(URI)_ method ...", but in current implementation it is parsed automatically. [~dlofthouse] Could you please clarify whether this is intended change or it is an issue? -- This message was sent by Atlassian JIRA (v7.2.3#72005)