1 Reply Latest reply on Jan 16, 2020 10:28 AM by fjuma

    Elytron - EJB Principal Anonymous

    dnovo
    dnovo Jan 16, 2020 6:02 AM

      Hi,

       

      I have a simple ear ( one war plus one ejb module ).

       

      I'm trying to use Elytron security with wildfly 18.0.1 and AdoptOpenJDK 11.

       

      standalone.xml

       

      <subsystem xmlns="urn:wildfly:elytron:8.0" final-providers="combined-providers" disallowed-providers="OracleUcrypto">

       

      <security-domains>

      ...

      <security-domain name="MyDomain" default-realm="MyRealm" permission-mapper="default-permission-mapper">

              <realm name="MyRealm"/>

               </security-domain>

      ....

      </security-domains>

       

      <security-realms>

      ...

      <jdbc-realm name="MyRealm">

                          <principal-query sql="SELECT password, 'MyRole' from USER where username = ? " data-source="AppDS">

                              <attribute-mapping>

                                  <attribute to="Roles" index="2"/>

                              </attribute-mapping>

                              <simple-digest-mapper algorithm="simple-digest-sha-512" password-index="1"/>

                          </principal-query>

                      </jdbc-realm>

      ...

      </security-realms>

      ...

      <http>

      ...

      <http-authentication-factory name="my-http-authentication" security-domain="MyDomain" http-server-mechanism-factory="global">

                          <mechanism-configuration>

                              <mechanism mechanism-name="FORM">

                                  <mechanism-realm realm-name="MyRealm"/>

                              </mechanism>

                          </mechanism-configuration>

                      </http-authentication-factory>

      ...

      </http>

      ...

      </subsystem>

       

      <subsystem xmlns="urn:jboss:domain:undertow:10.0" default-server="default-server" default-virtual-host="default-host" default-servlet-container="default" default-security-domain="other" statistics-enabled="${wildfly.undertow.statistics-enabled:${wildfly.statistics-enabled:false}}">

      ...

      <application-security-domains>

                      <application-security-domain name="MyDomain" http-authentication-factory="my-http-authentication"/>

      </application-security-domains>

      </subsystem>

       

      After successful login on my webapp (j_security_check), my named bean call ejb method.

       

      In my EJB, trying to get Principal always returns anonymous.

       

      I'v tried 3 different ways:

       

      @Inject

      private Principal principal; -> returns anonymous

       

      @Resource

      private SessionContext sessionContext; -> returns anonymous

       

      @Resource

      private EJBContext ejbContext; -> returns anonymous

       

      Injecting Principal in named bean (war) returns the correct principal. Seams like the principal is not being propagated to ejb layer.

       

      I'm i missing something in elytron setup? Or is this a bug? Is there another way to get principal in ejb.

      • 214 Views
      • Tags: