FYI I am just in the process of planning the WildFly Elytron / JASPIC
implementation, this doc is far from complete but I am currently assembling
my thoughts and plans here: -
Most importantly this will also be a move to support true config provider
matching without requiring a deployment to be artificially associated to a
security domain just to switch on JASPIC support.
Regards,
Darran Lofthouse.
On Tue, 31 Oct 2017 at 23:12 arjan tijms <arjan.tijms(a)gmail.com> wrote:
Hi,
On Tue, Oct 31, 2017 at 3:04 PM, Nick Stuart <nick(a)portlandwebworks.com>
wrote:
> Hello all, having an issue with a
> custom io.undertow.security.api.AuthenticationMechanism implementation and
> EJB security on WildFly 8.2 and hoping someone can think of a work around.
>
> Basic problem, user is authenticated via the AuthenticationMechanism, and
> the web context sees the user just fine and their roles, but when we get to
> the EJB calls the user is seen as 'anonymous'. The mechanism calls:
>
> sc.authenticationComplete(ac, mechanismName, true);
> and returns:
> AuthenticationMechanismOutcome.AUTHENTICATED;
>
This looks quite similar to a number of different fixes that were being
done for WildFly when the caller authenticates via JASPIC. See some of the
links here:
https://jaspic.zeef.com/arjan.tijms#block_63051_implementations-issue-tra...
You could try authenticating via JASPIC instead of AuthenticationMechanism
to see if that makes a difference. JASPIC should really work, as I have
been specifically testing WildFly for that. See
http://arjan-tijms.omnifaces.org/2016/12/the-state-of-portable-authentica...
Any ideas would be greatly appreciated. Upgrading is going to be
> considered a worst case scenario right now, and would like avoid it right
> now if at all possible.
>
Just curious, but why would you want to avoid that? WildFly 8 corresponds
to a very early version of JBoss EAP 7, while WildFly 10 is very close to
the final release.
Kind regards,
Arjan Tijms
>
>
> Thanks for the help!
> -Nick
>
> _______________________________________________
> undertow-dev mailing list
> undertow-dev(a)lists.jboss.org
>
https://lists.jboss.org/mailman/listinfo/undertow-dev
>
_______________________________________________
undertow-dev mailing list
undertow-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/undertow-dev