Uploaded image for project: 'EJB Client Library (AS7+)'
  1. EJB Client Library (AS7+)
  2. EJBCLIENT-283

Legacy EJB client application is unable to authenticate against secured EJB deployment running on server on standalone-ha profile

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Blocker Blocker
    • 3.0.2.Final
    • None
    • None
    • Hide

      1. Checkout the project at https://github.com/mjurc/mock-artifacts/tree/master/ejbclient/eap7.1-legacy-client.
      2. Add the required user as mentioned in the readme of the project and startup the server in standalone-ha profile:

      ${EAP71_HOME}/bin/add-user.sh -a -g users -u joe -p joeIsAwesome2013!
${EAP71_HOME}/bin/standalone.sh -c standalone-ha.xml

      3. Build the eap7.1-legacy-client/server deployment and deploy it.
      4. Run the eap7.1-legacy-client/client application with new EJB client. The call is successful:

      mvn exec:exec -Pejbclient4

      5. Run the client application with the EAP 7.1 legacy EJB client. The call will not be successful:

      mvn exec:exec -Pejbclient3

      6. Run the client application with the EAP 7.0 EJB client. The invokation will fail aswell:

      mvn exec:exec -Pejbclient2

      The same steps can be applied to EAP7.0 running in both profiles with legacy EJB client applications, in which case the calls will be successful. The calls will succeed with EAP7.1 running in standalone profile too with both versions of EJB client.

      Show
      1. Checkout the project at https://github.com/mjurc/mock-artifacts/tree/master/ejbclient/eap7.1-legacy-client . 2. Add the required user as mentioned in the readme of the project and startup the server in standalone-ha profile: ${EAP71_HOME}/bin/add-user.sh -a -g users -u joe -p joeIsAwesome2013! ${EAP71_HOME}/bin/standalone.sh -c standalone-ha.xml 3. Build the eap7.1-legacy-client/server deployment and deploy it. 4. Run the eap7.1-legacy-client/client application with new EJB client. The call is successful: mvn exec:exec -Pejbclient4 5. Run the client application with the EAP 7.1 legacy EJB client. The call will not be successful: mvn exec:exec -Pejbclient3 6. Run the client application with the EAP 7.0 EJB client. The invokation will fail aswell: mvn exec:exec -Pejbclient2 The same steps can be applied to EAP7.0 running in both profiles with legacy EJB client applications, in which case the calls will be successful. The calls will succeed with EAP7.1 running in standalone profile too with both versions of EJB client.
    • Migration

      EJB client application using legacy EJB libraries (namely EAP 7.0 EJB client - org.jboss.eap:wildfly-ejb-client-bom:7.0.0.GA-redhat-2 and EAP 7.1 legacy EJB client - org.jboss.eap:wildfly-ejb-client-legacy-bom:7.1.0.GA-redhat-7) attempting to invoke method of secured bean on EAP 7.1 running on standalone-ha profile is unable to authenticate and get proper authorisation. The same EJB client application will be able to authenticate properly and get proper authorisation for remote call of EJB method if the secured bean runs on EAP 7.1 running on standalone profile.

      This problem does not manifest at all for the same EJB client application if the EJB client library is org.jboss:jboss-ejb-client. The application will also be able to get properly authenticated and function with the same bean deployment on EAP 7.0. For more details, please see the reproducer application.

      I am marking this as a regression and therefore a blocker based on the fact that previously working configuration does not work with EAP 7.1.

              jgreene@redhat.com Jason Greene
              sdouglas1@redhat.com Stuart Douglas (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: