Authentication is not propagated to EJB in the login request ------------------------------------------------------------ Key: WFLY-4385 URL: https://issues.jboss.org/browse/WFLY-4385 Project: WildFly Issue Type: Bug Components: EJB Affects Versions: 8.2.0.Final Environment: MAC OSX YOSEMITE JAVA ORACLE 1.8 WILDFLY 8.2.0.FINAL STANDALONE Reporter: Paulo Cesar Silva Reis Assignee: Darran Lofthouse Labels: authentication, ejb, http, login, roles, web Attachments: wildfly-4385.zip I'm migrating from glassfish to wildfly and noticed few weird things. When you perform login through web container (request.login(user, pwd)), the principal is not propagated to EJB Container, only for web container. To test that, this is what I did: . BASIC AUTH . EJB receives HttpServletRequest with user data and perform login . Print request.getUserPrincipal() => ok, logged in . Print EJBContext.getCallerPrincipal() => anonymous This happens in the same request that user logged in. In the subsequent requests (using Set-Cookie response and cookie with JSESSIONID in request), the EJB is aware of the authentication. Is that the right behavior? 'Cause in glassfish is different, the principal is propagated immediately to EJB. Thanks in advance.