  1. JBoss Enterprise Application Platform
  2. JBEAP-25721

EAP 8 secured via RHSSO Keycloak SAML: HttpServletRequest#getUserPrincipal() doesn't return the expected value

    • Bug
    • Resolution: Not a Bug
    • Blocker
    • Security
    • User Experience
    • Regression
    • See the steps in https://issues.redhat.com/browse/KEYCLOAK-19957
    • Customer Facing, QE Confirmed

      Cloned from https://issues.redhat.com/browse/KEYCLOAK-19957, since this looks like a change in behavior when compared to our EAP 7 + RH-SSO (7.6) tests, i.e. a regression:

      We have a WildFly instance and an RH-SSO 7.6.2.GA (based on Keycloak community version 18.0.0) instance;
      RH-SSO is configured as the SAML authentication provider for a Java application deployed on WildFly (complete config in standalone.xml);

      After successfully authenticating through the SAML protocol, in the Java application a call to the HttpServletRequest#getUserPrincipal() API doesn't return the name of the authenticated user;
      instead, HttpServletRequest#getUserPrincipal() returns some string like "G-99c5e895-b1e3-4c75-896f-a6cbcd67aab5";

      Please note that the object returned by HttpServletRequest#getUserPrincipal() is actually an instance of class org.keycloak.adapters.saml.SamlPrincipal since it's provided by the underlying SAML adapter installed on WildFly;

      The Java application is secured using the new org.keycloak:keycloak-saml-adapter-galleon-pack feature-pack described and tested in EAP7-1999;

      So, basically the same issue is popping up now that we have a productized Keycloak SAML Adapter Galleon pack.

              fjuma1@redhat.com Farah Juma
              fburzigo Fabio Burzigotti
              Farah Juma, Tommaso Borgato