[keycloak-user] @SecurityDomain("keycloak") in EJB
Ryan Slominski
ryans at jlab.org
Wed Aug 22 12:26:43 EDT 2018
Using the Wildfly adapter I've noticed that the security context is propagated to EJBs without the SecurityDomain annotation in some cases, but not others. Does anyone know in what case it is needed? My only clue so far is Windows vs Linux, as I thought I configured both test boxes identically, but maybe I missed something. My application currently does not use the annotation and on my Windows test box authentication is propagated fine. However, on my Linux test box with the same war file I see unauthorized exception in the EJB layer even though the servlet reports I'm authenticated with proper roles. Does it have to do with Wildfly client adapter online vs offline install or adapter vs adapter-elytron install?
If I end up having to import the org.jboss.ejb3.annotation.SecurityDomain that would break platform independence, which container managed security is supposed to support.
More information about the keycloak-user
mailing list