SecurityDomain.getCurrent() throws NPE when invoking SLSB using a Weld thread ----------------------------------------------------------------------------- Key: WFLY-9240 URL: https://issues.jboss.org/browse/WFLY-9240 Project: WildFly Issue Type: Bug Components: CDI / Weld, Security Affects Versions: 11.0.0.Beta1, 11.0.0.CR1 Reporter: Martin Kouba Assignee: Darran Lofthouse Priority: Critical Fix For: 11.0.0.Final -The integration code used by Weld 3 to propagate the security context of the current thread to different threads (needed for async events CDI 2.0 feature) is not able to obtain the current {{org.wildfly.security.auth.server.SecurityDomain}} anymore.- -The invocation of [SecurityDomain.getCurrent()|https://github.com/weld/wildfly/blob/11.0.0.B...] returns {{null}}.- UPDATE: The original description was wrong. We wrongly assumed that Elytron is active for a deployment by default which isn't the case. NullPointerException being reported DURING calls to SecurityDomain.getCurrent(): {noformat} Caused by: java.lang.NullPointerException at java.util.concurrent.ConcurrentHashMap.get(ConcurrentHashMap.java:936) at org.wildfly.security.auth.server.SecurityDomain.getCurrent(SecurityDomain.java:171) at org.jboss.as.ee.component.ProxyInvocationHandler.invoke(ProxyInvocationHandler.java:74) at org.jboss.weld.tests.event.async.context.security.Printer$$$view2.print(Unknown Source) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at org.jboss.weld.util.reflection.Reflections.invokeAndUnwrap(Reflections.java:411) at org.jboss.weld.module.ejb.EnterpriseBeanProxyMethodHandler.invoke(EnterpriseBeanProxyMethodHandler.java:128) at org.jboss.weld.bean.proxy.EnterpriseTargetBeanInstance.invoke(EnterpriseTargetBeanInstance.java:56) at org.jboss.weld.module.ejb.InjectionPointPropagatingEnterpriseTargetBeanInstance.invoke(InjectionPointPropagatingEnterpriseTargetBeanInstance.java:68) at org.jboss.weld.bean.proxy.ProxyMethodHandler.invoke(ProxyMethodHandler.java:106) at org.jboss.weld.tests.event.async.context.security.Printer$Proxy$_$$_Weld$EnterpriseProxy$.print(Unknown Source) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) {noformat} Note that this worked on WildFly *11.0.0.Alpha1*. It's also possible that the test (see also steps to reproduce) is wrong. A review/help from a security expert would be appreciated.