[jboss-jira] [JBoss JIRA] (WFLY-6237) JASPI: Principal does not get registered with the session when request is forwarded/dispatched
Darran Lofthouse (Jira)
issues at jboss.org
Tue Dec 18 08:41:07 EST 2018
[ https://issues.jboss.org/browse/WFLY-6237?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Darran Lofthouse resolved WFLY-6237.
------------------------------------
Assignee: Darran Lofthouse
Resolution: Won't Fix
Marking as 'Won't Fix' as this is in relation to PicketBox which is deprecated.
> JASPI: Principal does not get registered with the session when request is forwarded/dispatched
> ----------------------------------------------------------------------------------------------
>
> Key: WFLY-6237
> URL: https://issues.jboss.org/browse/WFLY-6237
> Project: WildFly
> Issue Type: Bug
> Components: Security
> Affects Versions: 10.0.0.Final
> Environment: Java 8u74, OS X 10.11
> Reporter: Alexander Sparkowsky
> Assignee: Darran Lofthouse
> Priority: Major
>
> Up to WildFly 9 I had a working JASPI SAM that would register a successful authentication by using {{messageInfo.getMap().put("javax.servlet.http.registerSession", TRUE.toString());}} and then forward the request using {{request.getRequestDispatcher(target).forward(request, response);}}.
> The Module stopped working in WildFly 10. The request is forwarded but the authenticated principal is not registered with the session or to be more precise a new session seems to be generated during the dispatch. As a matter of facts the dispatched request will be rejected as unauthorized.
> I'm providing a sample project to reproduce the problem (see below)
--
This message was sent by Atlassian Jira
(v7.12.1#712002)
More information about the jboss-jira
mailing list