WildFly Elytron / ELY-407

Add the ability for SecurityIdentity.getRoles() to fall back to the default if the given category is undefined


Details

    • Enhancement
    • Resolution: Done
    • Major
    • 1.1.0.Beta4
    • None
    • API / SPI
    • None

    Description

      As an example, consider the following scenario:

      I have a simple secured servlet that invokes an EJB method that's secured, where both the servlet and the EJB are using the default Elytron security domain that's defined for applications (i.e., "ApplicationDomain"). There's a user defined in the "ApplicationRealm" that has the role that's required to access the servlet and the EJB method. Undertow uses securityIdentity.getRoles() to check if a user is authorized, so the user is able to access the servlet. However, the EJB subsystem uses securityIdentity.getRoles("ejb") to check if a user is authorized and since no "ejb" category is defined, an EJBAccessException would occur when attempting to invoke the EJB method.
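
The scenario above as a small stand-alone model, added here as an example; it is not code from the issue or from Elytron. The `Identity` class, its `fallbackToDefault` flag, the role name and the way a category mapper is applied to the default roles are assumptions made for illustration (requires Java 9+).

```java
import java.util.Map;
import java.util.Set;
import java.util.function.Function;

/** Simplified model of per-category role lookup; hypothetical names, not Elytron classes. */
public class RoleCategoryFallbackDemo {

    /** Hypothetical stand-in for an identity with default roles and per-category role mappers. */
    static final class Identity {
        private final Set<String> defaultRoles;
        private final Map<String, Function<Set<String>, Set<String>>> categoryMappers;

        Identity(Set<String> defaultRoles,
                 Map<String, Function<Set<String>, Set<String>>> categoryMappers) {
            this.defaultRoles = defaultRoles;
            this.categoryMappers = categoryMappers;
        }

        /** Default (uncategorized) roles, as checked for the servlet in the description. */
        Set<String> getRoles() {
            return defaultRoles;
        }

        /** Roles for a category; an undefined category yields the default roles only on request. */
        Set<String> getRoles(String category, boolean fallbackToDefault) {
            Function<Set<String>, Set<String>> mapper = categoryMappers.get(category);
            if (mapper != null) {
                return mapper.apply(defaultRoles); // a defined category is never bypassed by the fallback
            }
            return fallbackToDefault ? defaultRoles : Set.of();
        }
    }

    static boolean authorized(Set<String> roles, String required) {
        return roles.contains(required);
    }

    public static void main(String[] args) {
        // Constructed sample: the user holds "Users" and no "ejb" category is configured.
        Identity plain = new Identity(Set.of("Users"), Map.of());
        System.out.println("servlet check:          " + authorized(plain.getRoles(), "Users"));
        System.out.println("ejb check, no fallback: " + authorized(plain.getRoles("ejb", false), "Users"));
        System.out.println("ejb check, fallback:    " + authorized(plain.getRoles("ejb", true), "Users"));

        // Constructed sample: an "ejb" category that deliberately maps every role away.
        Map<String, Function<Set<String>, Set<String>>> strict = Map.of("ejb", roles -> Set.of());
        Identity restricted = new Identity(Set.of("Users"), strict);
        System.out.println("ejb defined, fallback:  " + authorized(restricted.getRoles("ejb", true), "Users"));
    }
}
```

The last case is the one to check when adopting a fallback: it should apply only when the category is undefined, so a category that was configured to be more restrictive than the default keeps denying access.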

          People

            fjuma1@redhat.com Farah Juma