[jboss-jira] [JBoss JIRA] (ELY-1822) security domain with multiple realms

[Christopher Willems (Jira)]

Christopher Willems created ELY-1822:
----------------------------------------

             Summary: security domain with multiple realms 
                 Key: ELY-1822
                 URL: https://issues.jboss.org/browse/ELY-1822
             Project: WildFly Elytron
          Issue Type: Bug
          Components: Authentication Server
    Affects Versions: 1.8.0.Final
         Environment: windows mssql 
            Reporter: Christopher Willems
         Attachments: jboss-ejb3.xml, jboss-web.xml, standalone.xml

we have an ear file with 2 war files and one ejb jar . Purpose of the war files is to allow for different authentication mechanisms, one for jwt (BEARER_TOKEN) the other one jdbc (BASIC) .
After the authentication we have a call to the ejb layer which we expect to have the principal of the authentication.

Everything works fine for one realm, the default realm. The other realm will return unauthorized . With no default nothing works. The relevant information from the standalone xml is pasted below and others are attached.  

   <subsystem xmlns="urn:jboss:domain:ejb3:5.0">
            <default-security-domain value="other"/>
            <application-security-domains>
                <application-security-domain name="war-domain" security-domain="war-domain"/>
            </application-security-domains>
            <default-missing-method-permissions-deny-access value="false"/>
            <log-system-exceptions value="true"/>
        </subsystem>
        <subsystem xmlns="urn:wildfly:elytron:6.0" 

      <security-domain name="war-domain" default-realm="jdbc-realm" permission-mapper="default-permission-mapper" outflow-security-domains="ApplicationDomain">
                    <realm name="jdbc-realm"/>
                    <realm name="jwt-realm"/>
                </security-domain>
    



--
This message was sent by Atlassian Jira
(v7.12.1#712002)