Uploaded image for project: 'WildFly'
  1. WildFly
  2. WFLY-17254

Add a global EJB client interceptor for EJB deployments that will runAs the current security identity to activate any outflow identities

    XMLWordPrintable

Details

    • ---
    • ---

    Description

      Currently, attempting to propagate an identity from a servlet within one deployment to an EJB within another deployment associated with a different security domain fails even when outflow-security-domains and trusted-security-domains are configured. The underlying problem is that outflow is not actually triggered in this case. To activate any outflow identities automatically, one option is to add a global EJB client interceptor that would ensure that we always runAs the current security identity.

      Attachments

        Issue Links

          depends on

          Task - Represents a small unit of work that is not end-user facing. WFCORE-6108 Add a new Phase constant to install global EJB client interceptors

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed
          is blocked by

          Enhancement - An enhancement to or refactoring of existing functionality that is not configurable by an end user (typically a change made by an internal team that affects users) WFLY-9976 EJB Client Interceptor not invoked for Local Interface

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Coding In Progress
          is incorporated by

          Bug - A problem that impairs or prevents the functions of the product. JBEAP-24228 [GSS](7.4.z) Add a global EJB client interceptor for EJB deployments that will runAs the current security identity to activate any outflow identities

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Verified

          Activity

            People

              fjuma1@redhat.com Farah Juma
              fjuma1@redhat.com Farah Juma
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: