-
Bug
-
Resolution: Unresolved
-
Major
-
None
-
None
-
None
-
None
-
-
Workaround Exists
-
I set up an application to reproduce following our documentation First I tried with IDP only and got success, then I tried with SP and it failed. This is an application that has a form to authenticate and a restful endpoint that invokes a local EJB method that can only be executed by a specific role.
What happens is that I'm able to authenticate but even though my user contains the role, I receive this error when the EJB is invoked:
"2019-05-17 13:37:35,618 ERROR [org.jboss.as.ejb3.invocation] (default task-2) WFLYEJB0034: EJB Invocation failed on component SecuredStatelessBean for method public void testapp.ejb.SecuredStatelessBean.testMethod(): javax.ejb.EJBAccessException: WFLYEJB0364: Invocation on method: public void testapp.ejb.SecuredStatelessBean.testMethod() of bean: SecuredStatelessBean is not allowed"
If I use @PermitAll and read the context in EJB side, there is no evidence of the role, but the user is retrieved correctly.
Attached the applications and its source code.
- is cloned by
-
JBEAP-16924 [GSS](7.2.z) PLINK-793 [picketlink part]- EJB Security Context Propagation in Service Provider
- Closed
- is incorporated by
-
WFLY-12111 Upgrade picketlink to 2.5.5.SP13
- Closed
- is related to
-
WFLY-12125 Integration test for PLINK-793
- Closed