1 Reply Latest reply on Mar 12, 2007 2:11 PM by Erica Kane

    Unexpected Principal (Security Identity) Propagation Switch

    Erica Kane Newbie

      I am experiencing a similar (identical?) bug that was reported in http://jira.jboss.com/jira/browse/JBAS-1852?page=com.cenqua.fisheye.jira:fisheye-tabpanel and reported fixed in JBoss 4.0.3.

      I access a session bean twice from the web tier, as an unauthenticated user. The session bean function is basically a wrapper to ctx.isCallerInRole(roleName). On the second time that function is called I get

      javax.security.auth.login.FailedLoginException: No matching username found in Principals


      On the first call, there is no problem. Setting the unauthenticatedIdentity option does not help.

      I have tried both 4.0.4GA and 4.0.5GA and the problem is still there. I wanted to do a sanity check before filing a JIRA report. Any comments?