Uploaded image for project: 'WildFly Core'
  1. WildFly Core
  2. WFCORE-4249

WildFlyInitialContextFactory EJB proxy security behavior inconsistent with different context lookups

    Details

      Description

      WildFlyInitialContextFactory EJB proxy security behavior inconsistent with different context lookups

      Using WildFlyInitialContextFactory and calling a remote EJB server.

      Observations:

      1) If the ejb lookup is "reproducer/TestSLSB!test.Test" (basically like a RemoteNaming lookup), the ejb is invoked successfully, but the caller is seen as anonymous instead of the ejbuser which is specified in the Context properties.

      Using the ejb-client type lookup: ejb:/reproducer/TestSLSB!test.Test , then it shows up as ejbuser as expected

      2) if a client creates 2 InitialContexts and uses the lookup reproducer/TestSLSB!test.Test" on ctx1 , then uses the lookup "ejb:/reproducer/TestSLSB!test.Test " on ctx2 in that order, then they both show anonymous (as if it uses only the context that was created first).

      If you switch the order, and use ejb:/reproducer/TestSLSB!test.Test first, then they both show ejbuser

        Gliffy Diagrams

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  baranowb Bartosz Baranowski
                  Reporter:
                  gaol Lin Gao
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  1 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved:

                    Time Tracking

                    Estimated:
                    Original Estimate - 3 days
                    3d
                    Remaining:
                    Remaining Estimate - 3 days
                    3d
                    Logged:
                    Time Spent - Not Specified
                    Not Specified