I have a very successful filter configured, that when a user hits a web page, it redirects to another system where the user provides their credentials and then are re-directed back to my WildFly with JWT that contains user roles.
NOW I need to establish that user in the web app security context, so that subsequent Principal and isUserInRole calls by an EJB (could do in servlet code IF necessary) would succeed.
I have tried MANY options, nothing seems to work. I do NOT have a loginConfig in my web.xml and I have set the jboss-web.xml to other, jboss-web-policy, jboss-ejb-policy, etc. I have the session cookie code working, the client app that is calling the servlet interfaces is presenting the cookie back successfully. I have tried setting the user and roles into the session attributes using many keys, but nothing seems to help.