[ https://issues.jboss.org/browse/WFLY-11604?page=com.atlassian.jira.plugin... ]
Diana Vilkolakova commented on WFLY-11604:
------------------------------------------
{quote}In scenario #1 however the call does not pass to another EJB, instead it passes
directly to an injected CDI bean. As this bean is directly injected it is running using
the SecurityContext of the CallerWithIdentity bean so it is correct that this is returning
'anonymous' instead of 'non-anonymous'.{quote}
[~dlofthouse] [~fjuma] This holds true for legacy, but when Elytron is enabled,
scenario #1 returns a non-anonymous principal. The difference is in [this
method|https://github.com/wildfly/wildfly/blob/master/weld/subsystem/src/...].
For Elytron, `elytronDomain.getCurrentSecurityIdentity().getPrincipal();` returns
non-anonymous, but legacy returns anonymous.
Non-anonymous principal is not propagated from EJB context to CDI bean
----------------------------------------------------------------------
Key: WFLY-11604
URL: https://issues.jboss.org/browse/WFLY-11604
Project: WildFly
Issue Type: Bug
Components: CDI / Weld, Security
Affects Versions: 14.0.1.Final, 15.0.1.Final
Reporter: Nikoleta Ziakova
Priority: Critical
This is a follow-up on WFLY-11587 which only dealt with being able to inject the
principal.
However, during testing I tried a scenario where the caller principal was not
anonymous (run-as-principal setting in jboss-ejb3.xml). See the test case in this
[commit|https://github.com/nziakova/wildfly/commit/9ae586ad0159e6399f65103...].
The principal is not propagated from the EJB context. The result is that the injected
principal in the CDI bean is always anonymous, although {{ctx.getCallerPrincipal()}} in
the EJB returns the correct principal.