0 Replies Latest reply on Jan 22, 2019 8:15 PM by geturner

    External authentication in servletFilter, need authorization integration

    geturner

      I have a very successful filter configured, that when a user hits a web page, it redirects to another system where the user provides their credentials and then are re-directed back to my WildFly with JWT that contains user roles.

      NOW I need to establish that user in the web app security context, so that subsequent Principal and isUserInRole calls by an EJB (could do in servlet code IF necessary) would succeed.

      I have tried MANY options, nothing seems to work.  I do NOT have a loginConfig in my web.xml and I have set the jboss-web.xml to other, jboss-web-policy, jboss-ejb-policy, etc.  I have the session cookie code working, the client app that is calling the servlet interfaces is presenting the cookie back successfully.  I have tried setting the user and roles into the session attributes using many keys, but nothing seems to help.