Darran Lofthouse created ELY-571: ------------------------------------ Summary: ServerAuthenticationContext authorizeRunAs should be checking the transofremed name matches the authentication ID Key: ELY-571 URL: https://issues.jboss.org/browse/ELY-571 Project: WildFly Elytron Issue Type: Bug Components: API / SPI Reporter: Darran Lofthouse Assignee: Darran Lofthouse Fix For: 1.1.0.Beta6 At the moment the raw authorization ID is compared against the current authenticated principal, however we need to be comparing the result of name rewriting as applied to the authorization ID as this is the identity we will try and run as. -- This message was sent by Atlassian JIRA (v6.4.11#64026)