I'm migrating from glassfish to wildfly and noticed few weird things.
When you perform login through web container (request.login(user, pwd)), the principal is not propagated to EJB Container, only for web container.
To test that, this is what I did:
. BASIC AUTH
. EJB receives HttpServletRequest with user data and perform login
. Print request.getUserPrincipal() => ok, logged in
. Print EJBContext.getCallerPrincipal() => anonymous
This happens in the same request that user logged in. In the subsequent requests (using Set-Cookie response and cookie with JSESSIONID in request), the EJB is aware of the authentication.
Is that the right behavior? 'Cause in glassfish is different, the principal is propagated immediately to EJB.
Thanks in advance.