[JBoss JIRA] (WFLY-9240) WeldSecurityServices not able to obtain the current SecurityDomain anymore

Wednesday, 30 August 2017

     [
https://issues.jboss.org/browse/WFLY-9240?page=com.atlassian.jira.plugin....
]

Martin Kouba updated WFLY-9240:
-------------------------------
    Steps to Reproduce: 
# clone Weld WildFly fork and build the project
# clone Weld repo, build the project and run
{{org.jboss.weld.tests.event.async.context.security.SecurityContextPropagationTest}}

{noformat}
$ git clone -b 11.0.0.Beta1-weld3 git@github.com:weld/wildfly.git
$ cd wildfly
$ mvn clean install -DskipTests
$ cd ../
$ git clone git@github.com:weld/core.git
$ cd core
$ mvn clean install -DskipTests
$ export JBOSS_HOME=WFLYREPO/dist/target/wildfly-11.0.0.Beta1
$ mvn clean test -Dincontainer -Dtest=SecurityContextPropagationTest -f
tests-arquillian/pom.xml
{noformat}

  was:
* clone Weld WildFly fork ({{git clone -b 11.0.0.Beta1-weld3
git@github.com:weld/wildfly.git}}) and build the project ({{mvn clean install
-DskipTests}}) 
* clone Weld repo ({{git clone git@github.com:weld/core.git}}) and run
{{org.jboss.weld.tests.event.async.context.security.SecurityContextPropagationTest}}:
## {{export JBOSS_HOME=WFLYREPO/dist/target/wildfly-11.0.0.Beta1}}
## {{mvn clean test -Dincontainer -Dtest=SecurityContextPropagationTest -f
tests-arquillian/pom.xml}} 

...
 WeldSecurityServices not able to obtain the current SecurityDomain
anymore
 --------------------------------------------------------------------------

                 Key: WFLY-9240
                 URL: https://issues.jboss.org/browse/WFLY-9240
             Project: WildFly
          Issue Type: Bug
          Components: CDI / Weld, Security
    Affects Versions: 11.0.0.Beta1, 11.0.0.CR1
            Reporter: Martin Kouba
            Assignee: Darran Lofthouse
            Priority: Critical

 The integration code used by Weld 3 to propagate the security context of the current
thread to different threads (needed for async events CDI 2.0 feature) is not able to
obtain the current {{org.wildfly.security.auth.server.SecurityDomain}} anymore. 
 The invocation of
[SecurityDomain.getCurrent()|https://github.com/weld/wildfly/blob/11.0.0.B...]
returns {{null}}. 
 Note that this worked on WildFly 11.0.0.Alpha1.
 It's also possible that the test (see also steps to reproduce) is wrong. A
review/help from a security expert would be appreciated.  

--
This message was sent by Atlassian JIRA
(v7.2.3#72005)

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006