Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-17658

[GSS](7.2.z) WFLY-12518 - ConnectionSecurityContext.getConnectionPrincipals leads to IllegalStateException getConnectionPrincipals

XMLWordPrintable

    • +
    • Hide

      Our application use an ejb-interceptor to switch the user context of an remote invocation. The interceptor uses ConnectionSecurityContext.getConnectionPrincipals() to check the current connected user. But some server instances are configured without an SecurityRealm, to allow anonymous access. At this instances a IllegalStateException "realm is null' stops the remote call.

      Breakpoint hit: "thread=default task-12", org.jboss.as.security.api.ConnectionSecurityContext.getConnectionPrincipals(), line=75 bci=54

      default task-12[1] locals
      Method arguments:
      Local variables:
      con = instance of org.jboss.as.security.remoting.RemotingContext$RemotingRemoteConnection(id=39556)
      principals = instance of java.util.HashSet(id=39557)
      localIdentity = instance of org.wildfly.security.auth.server.SecurityIdentity(id=39558)
      principal = instance of org.wildfly.security.auth.principal.AnonymousPrincipal(id=39559)
      realm = null

      Show
      Our application use an ejb-interceptor to switch the user context of an remote invocation. The interceptor uses ConnectionSecurityContext.getConnectionPrincipals() to check the current connected user. But some server instances are configured without an SecurityRealm, to allow anonymous access. At this instances a IllegalStateException "realm is null' stops the remote call. Breakpoint hit: "thread=default task-12", org.jboss.as.security.api.ConnectionSecurityContext.getConnectionPrincipals(), line=75 bci=54 default task-12 [1] locals Method arguments: Local variables: con = instance of org.jboss.as.security.remoting.RemotingContext$RemotingRemoteConnection(id=39556) principals = instance of java.util.HashSet(id=39557) localIdentity = instance of org.wildfly.security.auth.server.SecurityIdentity(id=39558) principal = instance of org.wildfly.security.auth.principal.AnonymousPrincipal(id=39559) realm = null

      The commit https://github.com/wildfly/wildfly/commit/121c02b004adaca76e306bf3e8c16b3056bd0db1#diff-554f8ec76c02b6cbacc688356f164fe8 leads direct to an IllegalStateException during anonymous login.
      In this case is no Realm available and the constructor of new RealmUser(realm, principal.getName()) throws an IllegalStateException.

              rhn-support-ivassile Ilia Vassilev
              rhn-support-ivassile Ilia Vassilev
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

                Created:
                Updated:
                Resolved: