[jboss-jira] [JBoss JIRA] (WFLY-10480) ElytronSecurityDomainContextImpl does not propagate authenticated subject
James Perkins (JIRA)
issues at jboss.org
Mon Jun 18 17:16:00 EDT 2018
[ https://issues.jboss.org/browse/WFLY-10480?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
James Perkins updated WFLY-10480:
---------------------------------
Description:
We have a usecase scenario which requires ElytronSecurityDomainContextImpl to propagate the authenticated subject from webservice subsystem to
ejb subystem. With old security domain , we used to rely on the following integration code in the SecurityDomainContextImpl:
{code}
@Override
public void pushSubjectContext(final Subject subject, final Principal principal, final Object credential) {
AccessController.doPrivileged(new PrivilegedAction<Void>() {
public Void run() {
SecurityContext securityContext = SecurityContextAssociation.getSecurityContext();
if (securityContext == null) {
securityContext = createSecurityContext(getSecurityDomain());
setSecurityContextOnAssociation(securityContext);
}
securityContext.getUtil().createSubjectInfo(principal, credential, subject);
return null;
}
});
}
{code}
When an Elytron security domain is configured for the ws application, the functionality is not working as the corresponding method in ElytronSecurityDomainContextImpl is empty.
was:
We have a usecase scenario which requires ElytronSecurityDomainContextImpl to propagate the authenticated subject from webservice subsystem to
ejb subystem. With old security domain , we used to rely on the following integration code in the SecurityDomainContextImpl:
@Override
public void pushSubjectContext(final Subject subject, final Principal principal, final Object credential) {
AccessController.doPrivileged(new PrivilegedAction<Void>() {
public Void run() {
SecurityContext securityContext = SecurityContextAssociation.getSecurityContext();
if (securityContext == null) {
securityContext = createSecurityContext(getSecurityDomain());
setSecurityContextOnAssociation(securityContext);
}
securityContext.getUtil().createSubjectInfo(principal, credential, subject);
return null;
}
});
}
When an Elytron security domain is configured for the ws application, the functionality is not working as the corresponding method in ElytronSecurityDomainContextImpl is empty.
> ElytronSecurityDomainContextImpl does not propagate authenticated subject
> -------------------------------------------------------------------------
>
> Key: WFLY-10480
> URL: https://issues.jboss.org/browse/WFLY-10480
> Project: WildFly
> Issue Type: Bug
> Components: Security, Web Services
> Reporter: Alessio Soldano
> Assignee: Jim Ma
> Priority: Critical
> Fix For: 14.0.0.CR1
>
>
> We have a usecase scenario which requires ElytronSecurityDomainContextImpl to propagate the authenticated subject from webservice subsystem to
> ejb subystem. With old security domain , we used to rely on the following integration code in the SecurityDomainContextImpl:
> {code}
> @Override
> public void pushSubjectContext(final Subject subject, final Principal principal, final Object credential) {
> AccessController.doPrivileged(new PrivilegedAction<Void>() {
> public Void run() {
> SecurityContext securityContext = SecurityContextAssociation.getSecurityContext();
> if (securityContext == null) {
> securityContext = createSecurityContext(getSecurityDomain());
> setSecurityContextOnAssociation(securityContext);
> }
> securityContext.getUtil().createSubjectInfo(principal, credential, subject);
> return null;
> }
> });
> }
> {code}
> When an Elytron security domain is configured for the ws application, the functionality is not working as the corresponding method in ElytronSecurityDomainContextImpl is empty.
--
This message was sent by Atlassian JIRA
(v7.5.0#75005)
More information about the jboss-jira
mailing list