WildFly / WFLY-981

@RunAs/@RunAsPrincipal are ignored for @Startup/@Singleton bean


    • Bug
    • Resolution: Done
    • Major
    • 8.0.0.CR1
    • EJB

      The @RunAs/@RunAsPrincipal annotations get ignored when used on a singleton
      bean that is annotated with @Startup. This means that the singleton bean
      is not able to call protected EJBs.

      If the protected EJB is annotated with @PermitAll, then the
      singleton is able to invoke the method because the
      AuthorizationInterceptor creates an "anonymous" user that is treated as
      authenticated. However, the @RunAsPrincipal is ignored, as
      getCallerPrincipal() returns anonymous instead of the @RunAsPrincipal.

      I dug around in the code and it looks like the @RunAs/@RunAsPrincipal
      annotations are getting handled correctly during deployment:

      Step completed: "thread=MSC service thread 1-3", org.jboss.as.ejb3.deployment.processors.merging.RunAsMergingProcessor.handleDeploymentDescriptor(), line=126 bci=249

      MSC service thread 1-3[1] print componentConfiguration.getRunAs()
      componentConfiguration.getRunAs() = "JBossAdmin"
      MSC service thread 1-3[1] print componentConfiguration.getRunAsPrincipal()
      componentConfiguration.getRunAsPrincipal() = "fred"

      However, by the time the SecurityContextInterceptor is called, the
      runAs/runAsPrincipal settings are null.
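
A minimal regression check for the behaviour described above, added here as an example and not taken from the report or from the WildFly code base. The class names `ProtectedBean` and `StartupCaller` and the method `whoAmI()` are hypothetical; the role `JBossAdmin` and principal `fred` are the values shown in the debugger output. It assumes the beans are deployed in an EJB jar under the server's default security domain.

```java
// Constructed reproducer; class and method names are hypothetical.
// Each public class goes in its own .java file inside the EJB jar.
import javax.annotation.PostConstruct;
import javax.annotation.Resource;
import javax.annotation.security.RolesAllowed;
import javax.annotation.security.RunAs;
import javax.ejb.EJB;
import javax.ejb.SessionContext;
import javax.ejb.Singleton;
import javax.ejb.Startup;
import javax.ejb.Stateless;
import org.jboss.ejb3.annotation.RunAsPrincipal;

// ProtectedBean.java: the callee, reachable only with role JBossAdmin.
@Stateless
public class ProtectedBean {
    @Resource
    private SessionContext ctx;

    @RolesAllowed("JBossAdmin")
    public String whoAmI() {
        // Name of the identity the container propagated from the caller.
        return ctx.getCallerPrincipal().getName();
    }
}

// StartupCaller.java: the caller whose run-as identity must be applied.
@Singleton
@Startup
@RunAs("JBossAdmin")
@RunAsPrincipal("fred")
public class StartupCaller {
    @EJB
    private ProtectedBean target;

    @PostConstruct
    void init() {
        // If @RunAs is ignored, this call is rejected by the role check
        // and the deployment fails at startup.
        String caller = target.whoAmI();
        // If only @RunAsPrincipal is ignored, the name is not "fred".
        if (!"fred".equals(caller)) {
            throw new IllegalStateException(
                "run-as principal not propagated, caller was: " + caller);
        }
    }
}
```

The deployment starts cleanly only when both the run-as role and the run-as principal reach the callee, so a failed startup points at the condition this issue describes.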

              ehugonne1@redhat.com Emmanuel Hugonnet
              rhn-support-dehort Derek Horton