Details
-
Bug
-
Resolution: Done
-
Major
-
8.0.0.Beta
-
None
-
False
-
None
-
False
Description
In EAP 8 Beta there are two failures related to application security context handling the standalone Jakarta Security 3.0 TCK. The following TCK tests fail:
- https://github.com/jakartaee/security/blob/master/tck/app-securitycontext/src/test/java/ee/jakarta/tck/security/test/AppSecurityContextIT.java#L73
- Calling SecurityContext#hasAccessToWebResource without specifying the HTTP method to test doesn't work. The HTTP method needs to be specified explicitly for now.
- https://github.com/jakartaee/security/blob/master/tck/app-securitycontext-customprincipal/src/test/java/ee/jakarta/tck/security/test/AppSecurityContextCallerPrincipalIT.java#L48
- When using a custom principal, SecurityContext#getCallerPrincipal returns null.
The underlying issue for all the failures above is that the changes for WFLY-16858 were not ported to the EAP 8 Beta branch. This is not an issue upstream, so this will be resolved when the branch for EAP 8 GA is created.
Attachments
Issue Links
- clones
-
JBEAP-24239 Jakarta Security's EE 10 OpenID Connect features do not work properly
- Closed