[jboss-jira] [JBoss JIRA] (WFLY-11482) WildFlyInitialContextFactory EJB proxy security behavior inconsistent with different context lookups
Jeff Mesnil (Jira)
issues at jboss.org
Thu Dec 6 08:16:00 EST 2018
Jeff Mesnil created WFLY-11482:
----------------------------------
Summary: WildFlyInitialContextFactory EJB proxy security behavior inconsistent with different context lookups
Key: WFLY-11482
URL: https://issues.jboss.org/browse/WFLY-11482
Project: WildFly
Issue Type: Bug
Components: Remoting
Reporter: Lin Gao
Assignee: Bartosz Baranowski
WildFlyInitialContextFactory EJB proxy security behavior inconsistent with different context lookups
Using WildFlyInitialContextFactory and calling a remote EJB server.
Observations:
1) If the ejb lookup is "reproducer/TestSLSB!test.Test" (basically like a RemoteNaming lookup), the ejb is invoked successfully, but the caller is seen as anonymous instead of the ejbuser which is specified in the Context properties.
Using the ejb-client type lookup: ejb:/reproducer/TestSLSB!test.Test , then it shows up as ejbuser as expected
2) if a client creates 2 InitialContexts and uses the lookup reproducer/TestSLSB!test.Test" on ctx1 , then uses the lookup "ejb:/reproducer/TestSLSB!test.Test " on ctx2 in that order, then they both show anonymous (as if it uses only the context that was created first).
If you switch the order, and use ejb:/reproducer/TestSLSB!test.Test first, then they both show ejbuser
--
This message was sent by Atlassian Jira
(v7.12.1#712002)
More information about the jboss-jira
mailing list