[
https://issues.jboss.org/browse/AS7-6734?page=com.atlassian.jira.plugin.s...
]
Derek Horton moved EJBTHREE-2297 to AS7-6734:
---------------------------------------------
Project: Application Server 7 (was: EJB 3.0)
Key: AS7-6734 (was: EJBTHREE-2297)
Workflow: GIT Pull Request workflow (was: jira)
Component/s: EJB
(was: ejb3)
@RunAs/@RunAsPrincipal are ignored for @Startup/@Singleton bean
---------------------------------------------------------------
Key: AS7-6734
URL:
https://issues.jboss.org/browse/AS7-6734
Project: Application Server 7
Issue Type: Bug
Components: EJB
Reporter: Derek Horton
The @RunAs/@RunAsPrincipal annotations get ignored when used on a singleton
bean that is annotated with @Startup. This means the the singleton bean
is not able to call protected EJBs.
If the protected EJB is annotated with @PermitAll, then the
singleton is able to invoke the method because the
AuthorizationInterceptor create an "anonymous" user that is treated as
authenticated. However, the @RunAsPrincipal is ignored as the
getCallerPrincipal() returns anonymous instead of the @RunAsPrincipal.
I dug around in the code and it looks like the @RunAs/@RunAsPrincipal
annotations are getting handled correctly during deployment:
Step completed: "thread=MSC service thread 1-3",
org.jboss.as.ejb3.deployment.processors.merging.RunAsMergingProcessor.handleDeploymentDescriptor(),
line=126 bci=249
MSC service thread 1-3[1] print componentConfiguration.getRunAs()
componentConfiguration.getRunAs() = "JBossAdmin"
MSC service thread 1-3[1] print componentConfiguration.getRunAsPrincipal()
componentConfiguration.getRunAsPrincipal() = "fred"
However, by the time the SecurityContextInterceptor is called, the
runAs/runAsPrincipal settings are null.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see:
http://www.atlassian.com/software/jira