Uploaded image for project: 'WildFly'
  1. WildFly
  2. WFLY-10480

ElytronSecurityDomainContextImpl does not propagate authenticated subject

    XMLWordPrintable

    Details

      Description

      We have a usecase scenario which requires ElytronSecurityDomainContextImpl to propagate the authenticated subject from webservice subsystem to

      ejb subystem. With old security domain , we used to rely on the following integration code in the SecurityDomainContextImpl:

          @Override
          public void pushSubjectContext(final Subject subject, final Principal principal, final Object credential) {
              AccessController.doPrivileged(new PrivilegedAction<Void>() {
      
                  public Void run() {
                      SecurityContext securityContext = SecurityContextAssociation.getSecurityContext();
                      if (securityContext == null) {
                          securityContext = createSecurityContext(getSecurityDomain());
      setSecurityContextOnAssociation(securityContext);
                      }
      securityContext.getUtil().createSubjectInfo(principal, credential, subject);
                      return null;
                  }
              });
          }
      

      When an Elytron security domain is configured for the ws application, the functionality is not working as the corresponding method in ElytronSecurityDomainContextImpl is empty.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              jim.ma Jim Ma
              Reporter:
              asoldano Alessio Soldano
              Votes:
              0 Vote for this issue
              Watchers:
              8 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: