WildFly / WFLY-12518

ConnectionSecurityContext.getConnectionPrincipals leads to IllegalStateException getConnectionPrincipals

Details

    • Bug
    • Resolution: Done
    • Major
    • 18.0.0.Final
    • 18.0.0.Beta1
    • Security
    • None

      Our application uses an EJB interceptor to switch the user context of a remote invocation. The interceptor uses ConnectionSecurityContext.getConnectionPrincipals() to check the currently connected user. But some server instances are configured without a SecurityRealm, to allow anonymous access. On these instances an IllegalStateException "realm is null" stops the remote call.

      Breakpoint hit: "thread=default task-12", org.jboss.as.security.api.ConnectionSecurityContext.getConnectionPrincipals(), line=75 bci=54

      default task-12[1] locals
      Method arguments:
      Local variables:
      con = instance of org.jboss.as.security.remoting.RemotingContext$RemotingRemoteConnection(id=39556)
      principals = instance of java.util.HashSet(id=39557)
      localIdentity = instance of org.wildfly.security.auth.server.SecurityIdentity(id=39558)
      principal = instance of org.wildfly.security.auth.principal.AnonymousPrincipal(id=39559)
      realm = null


    Description

      The commit https://github.com/wildfly/wildfly/commit/121c02b004adaca76e306bf3e8c16b3056bd0db1#diff-554f8ec76c02b6cbacc688356f164fe8 leads directly to an IllegalStateException during anonymous login.
      In this case no Realm is available, and the constructor call new RealmUser(realm, principal.getName()) throws an IllegalStateException.
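The failure described in this report, modelled as an added stand-alone example that is not WildFly's code and not part of the original report. All types are hypothetical stand-ins for the classes named above, and the guarded variant is an assumption about one possible null-realm guard, not the project's actual fix.

```java
import java.security.Principal;
import java.util.Collection;
import java.util.Set;

// Stand-alone model of the failure. Every type here is a hypothetical stand-in,
// not the WildFly or Elytron class of the same name.
public class AnonymousPrincipalsDemo {
    // Stand-in for RealmUser: rejects a null realm, as the report describes.
    static final class RealmUser implements Principal {
        final String realm, name;
        RealmUser(String realm, String name) {
            if (realm == null) throw new IllegalStateException("realm is null");
            this.realm = realm;
            this.name = name;
        }
        @Override public String getName() { return name; }
    }

    // Stand-in for the realm-less principal of an anonymous connection.
    static final class AnonymousPrincipal implements Principal {
        @Override public String getName() { return "anonymous"; }
    }

    // Reported behaviour: the principal is always wrapped in a RealmUser.
    static Collection<Principal> unguarded(Principal p, String realm) {
        return Set.<Principal>of(new RealmUser(realm, p.getName()));
    }

    // Guarded variant (assumption, not the project's fix): with no realm,
    // hand back the connection principal unchanged instead of throwing.
    static Collection<Principal> guarded(Principal p, String realm) {
        return Set.<Principal>of(realm == null ? p : new RealmUser(realm, p.getName()));
    }

    // Interceptor-side check: only a realm-backed user may switch context,
    // so an anonymous caller is refused rather than treated as a named user.
    static boolean maySwitchUser(Collection<Principal> principals) {
        return principals.stream().anyMatch(RealmUser.class::isInstance);
    }

    public static void main(String[] args) {
        Principal anon = new AnonymousPrincipal();
        try {
            unguarded(anon, null);
        } catch (IllegalStateException e) {
            System.out.println("unguarded, no realm: " + e.getMessage());
        }
        System.out.println("guarded, no realm, may switch: " + maySwitchUser(guarded(anon, null)));
        // "ApplicationRealm" and "alice" are constructed sample values.
        Principal alice = new RealmUser("ApplicationRealm", "alice");
        System.out.println("guarded, realm, may switch: " + maySwitchUser(guarded(alice, "ApplicationRealm")));
    }
}
```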

            People

              danielstraub Daniel Straub