Uploaded image for project: 'PicketLink'
  1. PicketLink
  2. PLINK-757

SPFormAuthenticationMechanism SAML principal is available only in web module, but not in ejb


    • Icon: Bug Bug
    • Resolution: Duplicate
    • Icon: Major Major
    • None
    • PLINK_2.7.1.Final
    • None
    • None

      When I use SPServletExtension, the principal is only available in the web module and when I inject and call ejb method from ejb module, ejbContext.getCallerPrincipal() returns anonymous. I have an ear which consists of ejb and web module. To reproduce the problem you should have ear package with ejb module, try to inject the ejb in web module and call ejbContext.getCallerPrincipal(). It will return anonymous.
      SPServletExtension is used for adding SPFormAuthenticationMechanism. It extends ServletFormAuthenticationMechanism which used for standard FORM authentication. In my project, standard FORM authentication works perfectly, so I tried to find differences between these mechanisms and i found difference in method register. In standard FORM mechanism is used:

      securityContext.authenticationComplete(account, "FORM", true);

      and SPFormAuthenticationMechanism uses

      securityContext.authenticationComplete(account, "FORM", false);

      I created my custom authentication mechanism which extends the SPFormAuthenticationMechanism and overrides the method register with the cachingRequired parameter true and now I can see the caller principal in my EJB module.

      This bug is related to link https://issues.jboss.org/browse/PLINK-719.

            psilva@redhat.com Pedro Igor Craveiro
            rhn-support-dehort Derek Horton
            0 Vote for this issue
            1 Start watching this issue