Loading...

XML

Word

Printable

Type: Task
Resolution: Done
Priority: Major
Fix Version/s: 28.0.0.Beta1, 28.0.0.Final
Affects Version/s: None
Component/s: EJB, Security
Labels:
None

[QE] How to address?:
---
[QE] Why QE missed?:
---

Currently, attempting to propagate an identity from a servlet within one deployment to an EJB within another deployment associated with a different security domain fails even when outflow-security-domains and trusted-security-domains are configured. The underlying problem is that outflow is not actually triggered in this case. To activate any outflow identities automatically, one option is to add a global EJB client interceptor that would ensure that we always runAs the current security identity.

depends on

WFCORE-6108 Add a new Phase constant to install global EJB client interceptors

Closed

is blocked by

WFLY-9976 EJB Client Interceptor not invoked for Local Interface

Coding In Progress

is incorporated by

JBEAP-24228 [GSS](7.4.z) Add a global EJB client interceptor for EJB deployments that will runAs the current security identity to activate any outflow identities

Verified

Assignee:: Farah Juma

Reporter:: Farah Juma

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Created:: 2022/11/04 9:48 PM

Updated:: 2023/07/31 6:51 PM

Resolved:: 2022/12/30 9:13 PM

Details

Description

Attachments

Issue Links

Activity

People

Dates