[jboss-jira] [JBoss JIRA] (WFLY-8414) EJBContext.getCallerPrincipal behaves differently in Elytron and legacy security
Darran Lofthouse (JIRA)
issues at jboss.org
Fri Apr 28 11:21:01 EDT 2017
[ https://issues.jboss.org/browse/WFLY-8414?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Darran Lofthouse updated WFLY-8414:
-----------------------------------
Fix Version/s: 11.0.0.Beta1
> EJBContext.getCallerPrincipal behaves differently in Elytron and legacy security
> --------------------------------------------------------------------------------
>
> Key: WFLY-8414
> URL: https://issues.jboss.org/browse/WFLY-8414
> Project: WildFly
> Issue Type: Bug
> Components: EJB, Security
> Reporter: Josef Cacek
> Assignee: Farah Juma
> Fix For: 11.0.0.Beta1
>
>
> The {{EJBContext.getCallerPrincipal()}} used in unsecured EJB method returns "anonymous" (i.e. unauthenticatedIdentity) in legacy security and it returns authenticated user-name when the default security domain ("other") is mapped to Elytron.
> This could complicate users migration from legacy security to Elytron.
> I'm not sure if this behavior was intended or if it's just a problem of how the Elytron default domain mapping works in ejb3 subsystem.
> If the current {{getCallerPrincipal}} behavior is correct, then we should either reuse this JIRA for Documentation changes (especially Migration guide) or close this and create a new Documentation one.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
More information about the jboss-jira
mailing list