Uploaded image for project: 'WildFly'
  1. WildFly
  2. WFLY-4385

Authentication is not propagated to EJB in the login request


      I'm migrating from glassfish to wildfly and noticed few weird things.

      When you perform login through web container (request.login(user, pwd)), the principal is not propagated to EJB Container, only for web container.
      To test that, this is what I did:
      . BASIC AUTH
      . EJB receives HttpServletRequest with user data and perform login
      . Print request.getUserPrincipal() => ok, logged in
      . Print EJBContext.getCallerPrincipal() => anonymous

      This happens in the same request that user logged in. In the subsequent requests (using Set-Cookie response and cookie with JSESSIONID in request), the EJB is aware of the authentication.

      Is that the right behavior? 'Cause in glassfish is different, the principal is propagated immediately to EJB.

      Thanks in advance.

            Unassigned Unassigned
            casmeiron Paulo Cesar Silva Reis (Inactive)
            1 Vote for this issue
            3 Start watching this issue