[jboss-jira] [JBoss JIRA] (WFLY-12537) Incoming RunAsPrincipal is not being propagated to an unsecured EJB
Brian Stansberry (Jira)
issues at jboss.org
Thu Jun 4 21:46:06 EDT 2020
[ https://issues.redhat.com/browse/WFLY-12537?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Brian Stansberry updated WFLY-12537:
------------------------------------
Fix Version/s: 21.0.0.Beta1
(was: 20.0.0.Final)
> Incoming RunAsPrincipal is not being propagated to an unsecured EJB
> -------------------------------------------------------------------
>
> Key: WFLY-12537
> URL: https://issues.redhat.com/browse/WFLY-12537
> Project: WildFly
> Issue Type: Bug
> Components: Security
> Reporter: Diana Vilkolakova
> Assignee: Diana Vilkolakova
> Priority: Major
> Fix For: 21.0.0.Beta1
>
>
> This is a follow-up on WFLY-11604. When Elytron is activated, run-as-principal identity is not being propagated the same way it was for legacy. For JBEAP-9744, we updated EJBContext.getCallerPrincipal() so that when called from an unsecured bean with no incoming runas identity, an `anonymous` principal will be returned. The issue WFLY-11604 discovered that EJBContext.getCallerPrincipal is returning 'anonymous' when called on an unsecured EJB even when incoming RunAsPrincipal identity should have been propagated. This issue is to see whether this can be fixed without breaking the fix for JBEAP-9744.
--
This message was sent by Atlassian Jira
(v7.13.8#713008)
More information about the jboss-jira
mailing list