]
Richard Opalka updated WFLY-10997:
----------------------------------
Component/s: Remoting
(was: EJB)
WildFlyInitialContextFactory EJB proxy security behavior
inconsistent with different context lookups
-----------------------------------------------------------------------------------------------------
Key: WFLY-10997
URL:
https://issues.jboss.org/browse/WFLY-10997
Project: WildFly
Issue Type: Bug
Components: Remoting
Reporter: Lin Gao
Assignee: Bartosz Baranowski
Priority: Major
Labels: downstream_dependency
Original Estimate: 3 days
Remaining Estimate: 3 days
WildFlyInitialContextFactory EJB proxy security behavior inconsistent with different
context lookups
Using WildFlyInitialContextFactory and calling a remote EJB server.
Observations:
1) If the ejb lookup is "reproducer/TestSLSB!test.Test" (basically like a
RemoteNaming lookup), the ejb is invoked successfully, but the caller is seen as anonymous
instead of the ejbuser which is specified in the Context properties.
Using the ejb-client type lookup: ejb:/reproducer/TestSLSB!test.Test , then it shows up
as ejbuser as expected
2) if a client creates 2 InitialContexts and uses the lookup
reproducer/TestSLSB!test.Test" on ctx1 , then uses the lookup
"ejb:/reproducer/TestSLSB!test.Test " on ctx2 in that order, then they both show
anonymous (as if it uses only the context that was created first).
If you switch the order, and use ejb:/reproducer/TestSLSB!test.Test first, then they both
show ejbuser