Uploaded image for project: 'WildFly'
  1. WildFly
  2. WFLY-140

switching users between ejb calls does not work when the call originates from a remote client


    • Type: Bug
    • Status: Closed (View Workflow)
    • Priority: Major
    • Resolution: Done
    • Affects Version/s: None
    • Fix Version/s: 8.0.0.Alpha1
    • Component/s: EJB
    • Labels:


      Description of problem:

      Switching users between ejb calls does not work when the call originates
      from a remote client. In this case, both ejbs are on the same JBoss instance.

      The use case looks like the following:

      remote standalone client ---> unsecured ejb3 (switch user here) -> secured ejb3

      I tried to use both approaches outlined in Q10/A10 of the JBoss
      Security FAQ [1] in order to establish a security context in
      the unsecured ejb that should be used to invoke the secured ejb.
      Neither approach worked in my testing.

      When the same unsecured ejb is called from a web application (secured
      or unsecured), then the user switching works correctly.

      The ejb security code appears to work differently based on the client
      type (standalone remote ejb client vs a web application).

      I believe this is happening because the
      org.jboss.as.security.service.SimpleSecurityManager.push method (called
      by the SecurityContextInterceptor) is checking for an existing
      RemotingContext and grabbing the security context from there even
      though the security context that should be used appears to be getting
      propagated correctly.

      The following area of the code appears to be causing the issue. This
      section of code is executed which causes the newly established security
      context to be ignored:

      if (RemotingContext.isSet()) {
      // In this case the principal and credential will not have been set to set some random values.
      SecurityContextUtil util = current.getUtil();

      Steps to Reproduce:

      Create a test application that looks like the following:

      remote client ---> unsecured ejb3 (switch user here) -> secured ejb3

      Actual results:

      If the unsecured ejb is invoked from a remote client, the user switching that takes place in the first ejb is ignored. Replace the remote standalone client with a web application and the user switching works.

      Expected results:

      User switching should work if the client is a standalone remote client or a web application.

      Additional info:

        Gliffy Diagrams




              • Assignee:
                dlofthouse Darran Lofthouse
                dehort Derek Horton
              • Votes:
                0 Vote for this issue
                5 Start watching this issue


                • Created: