Uploaded image for project: 'WildFly Elytron'
  1. WildFly Elytron
  2. ELY-2306

Pre-realm principal transformer doesn't work for principal authentication

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Not a Bug
    • Icon: Major Major
    • None
    • None
    • Authentication Server
    • None
    • Hide

      I'm including a reproducible application that can be use to reproduce the issue.  There is just one EJB.  The standalone file is named standalone-full-EJB3Text.xml and is part of the zipped up project.  This was done using Wildfly 26. 

      The project: EJBTest.zip

      Show
      I'm including a reproducible application that can be use to reproduce the issue.  There is just one EJB.  The standalone file is named standalone-full-EJB3Text.xml and is part of the zipped up project.  This was done using Wildfly 26.  The project: EJBTest.zip

      I'm using a regex-principal-transformer using the default standalone-full.xml configuration provided in the standard wildfly distribution (using Wildfly 26).   The pre-realm transformer is applied to the security-domain "ApplicationDomain".  I'm expecting it to handle transforming the principal name for all usages in the security-domain for both authentication and authorization.  The pre-realm transformer doesn't work as expected, where initial contexts with a different principal is transformed to the correct principal fails the authentication step.  In looking at the stack trace output it seems the authentication is still being done using the original principal name.
      See the trace Ouput: Trace_Output.txt

        1. EJBTest.zip
          26 kB
        2. Trace_Output.txt
          15 kB
        3. Trace_Output_ASHMAN.txt
          15 kB

              Unassigned Unassigned
              michael.pritt@westringtechnologies.com michael pritt (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated:
                Resolved: