Status: Resolved (View Workflow)
Affects Version/s: 11.0.0.Beta1, 11.0.0.CR1
Fix Version/s: 11.0.0.Final
Steps to Reproduce:
clone Weld WildFly fork and build the project clone Weld repo, build the project and run org.jboss.weld.tests.event.async.context.security.SecurityContextPropagationTest $ git clone -b 11.0.0.CR1-weld3 firstname.lastname@example.org:weld/wildfly.git $ cd wildfly $ mvn clean install -DskipTests $ cd ../ $ git clone email@example.com:weld/core.git $ cd core $ mvn clean install -DskipTests $ export JBOSS_HOME=WFLYREPO/dist/target/wildfly-11.0.0.Beta1 $ mvn clean test -Dincontainer -Dtest=SecurityContextPropagationTest -f tests-arquillian/pom.xml
- clone Weld WildFly fork and build the project
- clone Weld repo, build the project and run org.jboss.weld.tests.event.async.context.security.SecurityContextPropagationTest
The integration code used by Weld 3 to propagate the security context of the current thread to different threads (needed for async events CDI 2.0 feature) is not able to obtain the current org.wildfly.security.auth.server.SecurityDomain anymore. The invocation of SecurityDomain.getCurrent() returns null.
UPDATE: The original description was wrong. We wrongly assumed that Elytron is active for a deployment by default which isn't the case.
NullPointerException being reported DURING calls to SecurityDomain.getCurrent():
Note that this worked on WildFly 11.0.0.Alpha1.
It's also possible that the test (see also steps to reproduce) is wrong. A review/help from a security expert would be appreciated.