10 Replies Latest reply on Mar 25, 2014 5:45 AM by sergiu_pienar

    Login-Principal is not propagated to Ejb's SessionContext


      Deployment as ear with war and jar (containing the ejb service) on the nightly build of 2010-10-08

      I'm using the DatabaseServerLoginModule, see this excerpt of my standalone.xml


                      <security-domain name="mysecurity">


                              <login-module code="org.jboss.security.auth.spiDatabaseServerLoginModule" flag="required">

                                  <module-option name="debug" value="true" />

                                  <module-option name="dsJndiName" value="java:/mydb" />

                                  <module-option name="principalsQuery" value="SELECT passwd etc" />

                                  <module-option name="rolesQuery" value="SELECT role etc." />

                                  <module-option name="unauthenticatedIdentity" value="nobody" />                       





      My EJB is defined like this, the SessionContext is injected




      @SecurityDomain(value = "mysecurity")

      public class MyServiceBean {


      @Resource SessionContext ctx;


      The principal created during the login is correct, but it is not propagated to the ejb serviceContext:

      ctx.getCallerPrincipal() delivers "anonymous"


      Is this a bug, or is there another way to retrieve the caller principal in ejb?