[jboss-jira] [JBoss JIRA] (WFLY-11892) With Elytron the legacy RunAsLoginModule no longer works
Darran Lofthouse (Jira)
issues at jboss.org
Fri Apr 5 10:40:06 EDT 2019
[ https://issues.jboss.org/browse/WFLY-11892?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13718643#comment-13718643 ]
Darran Lofthouse commented on WFLY-11892:
-----------------------------------------
The referenced ejb-security-jaas-quickstart is making use of a WildFly Elytron SecurityDomain and SecurityContext to legacy PicketBox security services are no longer available within that deployment.
To continue to make use of legacy approaches such as the RunAs LoginModule the application should be deployed to use PicketBox exclusively, i.e. there should be no application-security-domain mapping for that deployment in either the ejb or undertow subsystems, the PicketBox SecurityContext should then be available.
> With Elytron the legacy RunAsLoginModule no longer works
> --------------------------------------------------------
>
> Key: WFLY-11892
> URL: https://issues.jboss.org/browse/WFLY-11892
> Project: WildFly
> Issue Type: Bug
> Components: Security
> Reporter: Brian Loss
> Assignee: Ivo Studensky
> Priority: Major
>
> When using the legacy jaas configuration, the RunAsLoginModule no longer works. While the module is invoked, there is no SecurityContext, so the login module cannot do any work and the temporary identity is never pushed on to the stack.
> It seems that previously, [this line|https://github.com/wildfly/wildfly/blob/16.0.0.Final/undertow/src/main/java/org/wildfly/extension/undertow/deployment/UndertowDeploymentInfoService.java#L975] was responsible for setting up the security context. However, that action is no longer executed.
--
This message was sent by Atlassian Jira
(v7.12.1#712002)
More information about the jboss-jira
mailing list