Uploaded image for project: 'WildFly Core'
  1. WildFly Core
  2. WFCORE-6291

PolicyContext.getContext("jakarta.servlet.http.HttpServletRequest") throws java.lang.IllegalArgumentException: unknown handler key

    XMLWordPrintable

Details

    Description

      quote from Jakarta Authorization spec 2.1:

      4.6.1.3. HttpServletRequest Policy Context Handler

      All Jakarta Servlet containers must register a PolicyContextHandler whose getContext method returns a jakarta.servlet.http.HttpServletRequest object when invoked with the key “jakarta.servlet.http.HttpServletRequest”. When this handler is activated, the container must return the HttpServletRequest object corresponding to the component request being processed by the container.

       

      This is working fine in WildFly 26 

      PolicyContext.getContext("javax.servlet.http.HttpServletRequest")

       

      but not in WildFly 27 (I updated the above string to look-up for jakarta, instead of javax).

       

      Found this commit, which removes the PolicyContextHandler registration from UndertowService.start(final StartContext context). I don't know if the removal of the PolicyContextHandler was intentional or not. If it was intentional, I suppose there are some mechanisms to activate the handler for HttpServletRequest, but I only found this documentation, that indeed activates some handlers (javax.security.auth.Subject.container & org.wildfly.security.auth.server.SecurityIdentity), but no HttpServletRequest.

       

      Attached you can find a simple maven project I used to reproduce the issue.

      For WildFly 26, build with "mvn -P wildfly-26"

      For WildFly 27, build with "mvn -P wildfly-27" (you also need to uncomment the WildFly 27 jakarta imports from HelloServler.java)

       

      For convenience, I also attached the WARs for WildFly 26 & 27.

      Attachments

        Issue Links

          depends on

          Bug - A problem that impairs or prevents the functions of the product. ELYEE-31 Add a Jakarta Authorization PolicyContext to obtain the HttpServletRequest

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Resolved

          Enhancement - An enhancement to or refactoring of existing functionality that is not configurable by an end user (typically a change made by an internal team that affects users) ELYWEB-205 Add integration to make current HttpServletRequest discoverable

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Resolved
          is cloned by

          Bug - A problem that impairs or prevents the functions of the product. WFLY-17856 PolicyContext.getContext("jakarta.servlet.http.HttpServletRequest") throws java.lang.IllegalArgumentException: unknown handler key

          • Blocker - To be worked above all other priorities. This term is chosen when the severity of the issue is very high, has no workaround, or the effort for the change is comparatively low. Issues that may be very publicly visible and could generate significant media attention may also drive a higher priority.
          • Closed

          Activity

            People

              darran.lofthouse@redhat.com Darran Lofthouse
              spotra Sorin Potra (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: