Farah Juma moved JBEAP-10636 to WFLY-8674:
------------------------------------------
Project: WildFly (was: JBoss Enterprise Application Platform)
Key: WFLY-8674 (was: JBEAP-10636)
Workflow: GIT Pull Request workflow (was: CDW with loose statuses v1)
Component/s: EJB
Security
(was: EJB)
(was: Security)
Affects Version/s: (was: 7.1.0.DR12)
(was: 7.1.0.DR13)
(was: 7.1.0.DR14)
(was: 7.1.0.DR16)
(was: 7.1.0.DR15)
(was: 7.1.0.DR17)
Principal from @RunAsPrincipal bean annotation does not get
authorised with role from @RunAs bean annotation unless the user exists in backing
security realm
-------------------------------------------------------------------------------------------------------------------------------------------------------------
Key: WFLY-8674
URL: https://issues.jboss.org/browse/WFLY-8674
Project: WildFly
Issue Type: Bug
Components: EJB, Security
Reporter: Farah Juma
Assignee: Farah Juma
Priority: Blocker
Labels: KK-DR18, eap7.1-rfe-blocker, eap71_beta_candidate
If a bean is annotated with both {{@RunAs}} and {{@RunAsPrincipal}} annotations, the
principal will not get authorised unless the user with such principal exists in the security
realm that the bean is backed by.
This was not the case with PicketBox. Since the existing EJB-Elytron integration analyses
and documentation do not mention such a modification and the change makes an AS TS test
case fail, this is an unexpected change of behavior.
Reproducer and sources attached.
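
An illustration of the configuration this report describes, added here; it is not the attached reproducer and not WildFly project code. The class names, the role {{Admin}}, the principal {{ghost}} and the security domain name {{other}} are assumptions, and the two classes are shown in one listing although each belongs in its own source file.

```java
// --- TargetBean.java (hypothetical) ---
import javax.annotation.Resource;
import javax.annotation.security.RolesAllowed;
import javax.ejb.SessionContext;
import javax.ejb.Stateless;
import org.jboss.ejb3.annotation.SecurityDomain;

@Stateless
@SecurityDomain("other") // assumed security domain name
public class TargetBean {

    @Resource
    private SessionContext ctx;

    // Only callers that hold the "Admin" role may invoke this method.
    @RolesAllowed("Admin")
    public String whoAmI() {
        // Returns the name of the identity the call was made under.
        return ctx.getCallerPrincipal().getName();
    }
}

// --- EntryBean.java (hypothetical) ---
import javax.annotation.security.PermitAll;
import javax.annotation.security.RunAs;
import javax.ejb.EJB;
import javax.ejb.Stateless;
import org.jboss.ejb3.annotation.RunAsPrincipal;
import org.jboss.ejb3.annotation.SecurityDomain;

@Stateless
@SecurityDomain("other")  // assumed security domain name
@RunAs("Admin")           // role attached to outgoing calls from this bean
@RunAsPrincipal("ghost")  // constructed principal with no account in the backing realm
@PermitAll
public class EntryBean {

    @EJB
    private TargetBean target;

    // The outgoing call carries the run-as identity: principal "ghost", role "Admin".
    public String callTarget() {
        return target.whoAmI();
    }
}
```

With the behaviour the report expects (as under PicketBox), {{callTarget()}} is authorised through the {{Admin}} run-as role even though no user {{ghost}} exists in the realm. Under the reported behaviour the principal is not authorised unless that user exists.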