Hi,

I've written a JASPIC authentication module that worked perfectly up to WF 9 but doesn't work with WildFly 10.0.0.Final.

After a successful authentication my module registers the authentication with the session by calling

     messageInfo.getMap().put("javax.servlet.http.registerSession", TRUE.toString())

and forwards to another url by calling

     request.getRequestDispatcher(relativeURL).forward(request, response)

Since WildFly 10 this does not work any longer. During the forwarded request itself as well as any other request a call to

     request.getUserPrincipal()

return null. After looking into this it looks to me that a new session gets created if the request is dispatched. This new session is of course unauthorized.

Unfortunately I haven't been able to provide an example project so far but I will investigate further into this issue.

Does anybody ran into a similar problem?

Thanks,

Alex