[JBoss JIRA] (WFLY-11892) With Elytron the legacy RunAsLoginModule no longer works

Friday, 5 April 2019

    [
https://issues.jboss.org/browse/WFLY-11892?page=com.atlassian.jira.plugin...
] 

Darran Lofthouse commented on WFLY-11892:
-----------------------------------------

The referenced ejb-security-jaas-quickstart is making use of a WildFly Elytron
SecurityDomain and SecurityContext to legacy PicketBox security services are no longer
available within that deployment.

To continue to make use of legacy approaches such as the RunAs LoginModule the application
should be deployed to use PicketBox exclusively, i.e. there should be no
application-security-domain mapping for that deployment in either the ejb or undertow
subsystems, the PicketBox SecurityContext should then be available.

...
 With Elytron the legacy RunAsLoginModule no longer works
 --------------------------------------------------------

                 Key: WFLY-11892
                 URL: https://issues.jboss.org/browse/WFLY-11892
             Project: WildFly
          Issue Type: Bug
          Components: Security
            Reporter: Brian Loss
            Assignee: Ivo Studensky
            Priority: Major

 When using the legacy jaas configuration, the RunAsLoginModule no longer works. While the
module is invoked, there is no SecurityContext, so the login module cannot do any work and
the temporary identity is never pushed on to the stack.
 It seems that previously, [this
line|https://github.com/wildfly/wildfly/blob/16.0.0.Final/undertow/src/ma...]
was responsible for setting up the security context. However, that action is no longer
executed. 

--
This message was sent by Atlassian Jira
(v7.12.1#712002)

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006