[jboss-jira] [JBoss JIRA] (WFLY-4385) Authentication is not propagated to EJB in the login request
Darran Lofthouse (JIRA)
issues at jboss.org
Wed Feb 25 07:40:49 EST 2015
[ https://issues.jboss.org/browse/WFLY-4385?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13043538#comment-13043538 ]
Darran Lofthouse commented on WFLY-4385:
----------------------------------------
Any chance of attaching a reproducer here? The behaviour sounds wrong but at this point it could also be a problem in your own deployment.
> Authentication is not propagated to EJB in the login request
> ------------------------------------------------------------
>
> Key: WFLY-4385
> URL: https://issues.jboss.org/browse/WFLY-4385
> Project: WildFly
> Issue Type: Bug
> Components: EJB
> Affects Versions: 8.2.0.Final
> Environment: MAC OSX YOSEMITE
> JAVA ORACLE 1.8
> WILDFLY 8.2.0.FINAL STANDALONE
> Reporter: Paulo Cesar Silva Reis
> Assignee: Darran Lofthouse
> Labels: authentication, ejb, http, login, roles, web
>
> I'm migrating from glassfish to wildfly and noticed few weird things.
> When you perform login through web container (request.login(user, pwd)), the principal is not propagated to EJB Container, only for web container.
> To test that, this is what I did:
> . BASIC AUTH
> . EJB receives HttpServletRequest with user data and perform login
> . Print request.getUserPrincipal() => ok, logged in
> . Print EJBContext.getCallerPrincipal() => anonymous
> This happens in the same request that user logged in. In the subsequent requests (using Set-Cookie response and cookie with JSESSIONID in request), the EJB is aware of the authentication.
> Is that the right behavior? 'Cause in glassfish is different, the principal is propagated immediately to EJB.
> Thanks in advance.
--
This message was sent by Atlassian JIRA
(v6.3.11#6341)
More information about the jboss-jira
mailing list