Description
Hi,
It seems that starting Wildfly 26 in DEBUG mode breaks the ejb3 security context. My ejb3s run as "user" (i.e any authenticated user (in a Keycloak SSO context)).
> ERROR [org.jboss.as.ejb3.invocation] (default task-1) WFLYEJB0034: Jakarta Enterprise Beans Invocation failed on component xxxxx for method public abstract yyyyy ..... throws java.lang.Exception of bean: xxxx is not allowed.
When I start wildfly in "Run" mode. It works.
What drove me crazy is that was totally inconsistent. Sometimes OK for both mode sometimes not for both, sometimes OK only for RUN mode
— >>> I finally found that deleting standalone_xml_history make the "RUN" and DEBUG mode working again.
In the ejb3 subsystem I set :
<default-missing-method-permissions-deny-access value="false"/>
I have added a "keycloak-user-mapper" role-mapper to the security Domain (which is now the default ApplicationDomain and not a dedicated custom Domain for Keycloak)
...
<security-domain name="ApplicationDomain" default-realm="ApplicationRealm" permission-mapper="default-permission-mapper" role-mapper="keycloak-user-mapper">
...
<constant-role-mapper name="keycloak-user-mapper">
<role name="user"/>
</constant-role-mapper>
In jboss-ejb3.xml of my project , I set
<s:missing-method-permissions-deny-access>false</s:missing-method-permissions-deny-access>
- First of all, when I start Wilfly using the standalone.ps1 script, uncommenting the line below of standalone.conf does not work to enable debug mode (not listening on port 8787).
- JAVA_OPTS="$JAVA_OPTS -agentlib:jdwp=transport=dt_socket,address=8787,server=y,suspend=n"
I have to run standalone.ps1 --debug to enable debug mode
- Second I'm used to start my server from Eclipse. Neither DEBUG nor RUN work from there... Any Attempt to start from Eclispe breaks things again and sometimes I have to delete standalone_xml_history twice in a row to make things to work again. This is driving me crazy.