Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-15394

[GSS](7.2.z) WildFlyInitialContextFactory EJB proxy security behavior inconsistent with different context lookups

XMLWordPrintable

      WildFlyInitialContextFactory EJB proxy security behavior inconsistent with different context lookups

      Using WildFlyInitialContextFactory and calling a remote EJB server.

      Observations:

      1) If the ejb lookup is "reproducer/TestSLSB!test.Test" (basically like a RemoteNaming lookup), the ejb is invoked successfully, but the caller is seen as anonymous instead of the ejbuser which is specified in the Context properties.

      Using the ejb-client type lookup: ejb:/reproducer/TestSLSB!test.Test , then it shows up as ejbuser as expected

      2) if a client creates 2 InitialContexts and uses the lookup reproducer/TestSLSB!test.Test" on ctx1 , then uses the lookup "ejb:/reproducer/TestSLSB!test.Test " on ctx2 in that order, then they both show anonymous (as if it uses only the context that was created first).

      If you switch the order, and use ejb:/reproducer/TestSLSB!test.Test first, then they both show ejbuser

        1. reproducer.jar
          6 kB

              rhn-cservice-bbaranow Bartosz Baranowski
              rhn-engineering-lgao Lin Gao
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

                Created:
                Updated:
                Resolved:

                  Estimated:
                  Original Estimate - 3 days
                  3d
                  Remaining:
                  Remaining Estimate - 3 days
                  3d
                  Logged:
                  Time Spent - Not Specified
                  Not Specified