Jan Kalina created WFLY-9039: -------------------------------- Summary: EJB with Elytron propagate identity even when it should not Key: WFLY-9039 URL: https://issues.jboss.org/browse/WFLY-9039 Project: WildFly Issue Type: Bug Components: Security Affects Versions: 11.0.0.Alpha1 Reporter: Jan Kalina Assignee: Jan Kalina Priority: Blocker In *testSingletonPostconstructSecurityNotPropagating*, when Elytron enabled, identity (including Admin role) is propagated into *StatelessBBean*: {code} StatelessSingletonUseBean SimpleSingletonBean | check Admin in [Admin] (has required role) StatelessBBean {code} In non-Elytron case the check is unsuccessful, as test require, because identity is not propagated: {code} StatelessSingletonUseBean SimpleSingletonBean | authorize EXCEPTION methodRoles = Admin securityContext.subjectInfo = anonymouse {code} -- This message was sent by Atlassian JIRA (v7.2.3#72005)