[
https://issues.redhat.com/browse/WFLY-14189?page=com.atlassian.jira.plugi...
]
Alessandro Moscatelli commented on WFLY-14189:
----------------------------------------------
[~dvilkola] with PicketBox I used jboss-app.xml also. But that seemed ok to me since every
other security feature also requires it while using PicketBox. Without jboss-app.xml
HttpAuthenticationMechanism isn't triggered, for example.
With Elytron, everything works without jboss-app.xml but RunAs doesn't. That looked
like something somebody forgot to update to me.
Also, I followed a couple of tutorials (without mention of RunAs annotation) for Elytron
with examples without jboss-app.xml or jboss-web.xml so I imagined Elytron was designed to
work without it.
If this is the intended behavior that's ok to me, even if I am not a big fan of
configuration files. I'd rather have RunAs to stick with the default security domain
like the rest of features. Even more since I specified the application security domain in
both EJB sub system and undertow subsystems.
Thank you
The RunAs annotation doesn't work in EJBs with Elytron
------------------------------------------------------
Key: WFLY-14189
URL:
https://issues.redhat.com/browse/WFLY-14189
Project: WildFly
Issue Type: Bug
Components: EJB, Security
Affects Versions: 21.0.0.Final
Reporter: Alessandro Moscatelli
Assignee: Diana Vilkolakova
Priority: Major
Labels: ejb, elytron, regression, runas, security, startup
Attachments: standalone-full-ha.new.xml, test.zip
Role is not correctly assigned when using @RunAs annotation and Elytron Security Domain.
Everything works correctly with legacy picketbox Security Domain.
Wildfly is configured to use default "other" application-security-domain, also
using default security domain ApplicationDomain.
This exception is rised when deploying the application.
Caused by: javax.ejb.EJBAccessException: WFLYEJB0364: Invocation on method: public
abstract void org.visiontech.test.TestInterface.test() of bean: Test2 is not allowedCaused
by: javax.ejb.EJBAccessException: WFLYEJB0364: Invocation on method: public abstract void
org.visiontech.test.TestInterface.test() of bean: Test2 is not allowed at
org.jboss.as.ejb3@21.0.0.Final//org.jboss.as.ejb3.security.JaccInterceptor.hasPermission(JaccInterceptor.java:120)
Test/Sample project: [^test.zip]
--
This message was sent by Atlassian Jira
(v8.13.1#813001)