]
Darran Lofthouse updated ELY-1440:
----------------------------------
Fix Version/s: 1.12.0.CR2
(was: 1.12.0.CR1)
FlexibleIdentityAssociation should runAs the known SecurityIdentity
before associating itself.
----------------------------------------------------------------------------------------------
Key: ELY-1440
URL:
https://issues.redhat.com/browse/ELY-1440
Project: WildFly Elytron
Issue Type: Enhancement
Components: API / SPI
Reporter: Darran Lofthouse
Priority: Major
Fix For: 1.12.0.CR2
This API was introduced to cover the case where authentication happens late in a request,
generally that is quite a rare event.
Even though the API may be popular it would likely happen once for a session and all
future requests for that session the identity would be known in advance.
At the moment by not running as the existing identity we are loosing all automatic
identity outflow opportunities as calls pass from the servlet container to the EJB
container.