[jboss-jira] [JBoss JIRA] (WFLY-5015) RunAs in servlet doesn't work
Josef Cacek (JIRA)
issues at jboss.org
Mon Aug 24 03:41:26 EDT 2015
[ https://issues.jboss.org/browse/WFLY-5015?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13100897#comment-13100897 ]
Josef Cacek commented on WFLY-5015:
-----------------------------------
The scenario in {{WebSecurityRunAsTestCase}} seems to be invalid (or at least insufficient).
It doesn't check the {{@RunAs}} role in the EJB. The {{CurrentUserEjb}} class is annotated with {{@PermitAll}}.
Check the reproducer in JBEAP-512. It works in EAP 6.4, but it doesn't work in current WildFly version.
> RunAs in servlet doesn't work
> -----------------------------
>
> Key: WFLY-5015
> URL: https://issues.jboss.org/browse/WFLY-5015
> Project: WildFly
> Issue Type: Bug
> Components: EJB, Security, Web (Undertow)
> Affects Versions: 10.0.0.Alpha6
> Reporter: Josef Cacek
> Assignee: Stuart Douglas
> Priority: Critical
>
> RunAs for servlets doesn't work in Undertow.
> I have unprotected {{@RunAs}}-annotated servlet which calls protected EJB method. The call should succeed, but it throws {{javax.ejb.EJBAccessException}}.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
More information about the jboss-jira
mailing list