Is it possible to identify the revelevent DeploymentUnitProcessors in this process along with their phase and priority so we can check the ordering.

What may be more appropriate is for the Undertow DUP to attach something which identifies the SecurityDomain instead of the web services DUP relying on internal API / repeating the same checks already performed within Undertow.

In the future we will be removing all of the application security domain resources so coordinating using attachments will hopefully also future proof any fix.

Regards,

Darran Lofthouse.

On Thu, Mar 12, 2020 at 11:45 AM Jim Ma <ema@redhat.com> wrote:

There is ws deployment failure issue[1] which is caused by Webservice subsystem doesn't correctly get mapped elytron security domain from web deployment's default "other"
application security domain. I tried to fix this by reading Elytron security domain from Undertow started services, but it looks now ApplicationSecurityDomainService is private static and it doesn't provide a getter which allows to get Elytron security domain. Webservice subsystem requires an Undertow service like ApplicationSecurityDomainService[2] started by EJB subsystem to read the Elytron security domain. Is it doable to change Undertow's ApplicationSecurityDomainService to provide mapped security domain ? Or any better approach to get the mapped Elytron domain ?

[1]https://issues.redhat.com/browse/WFLY-12765
[2] https://github.com/wildfly/wildfly/blob/master/ejb3/src/main/java/org/jboss/as/ejb3/subsystem/ApplicationSecurityDomainService.java

Cheers,
Jim

_______________________________________________
wildfly-dev mailing list
wildfly-dev@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/wildfly-dev