  1. WildFly
  2. WFLY-9240

SecurityDomain.getCurrent() throws NPE when invoking SLSB using a Weld thread


Details

    • Bug
    • Resolution: Done
    • Critical
    • 11.0.0.Final
    • 11.0.0.Beta1, 11.0.0.CR1
    • CDI / Weld, Security
    • None
    • Steps to Reproduce:
      1. clone Weld WildFly fork and build the project
      2. clone Weld repo, build the project and run org.jboss.weld.tests.event.async.context.security.SecurityContextPropagationTest
      $ git clone -b 11.0.0.CR1-weld3 git@github.com:weld/wildfly.git
      $ cd wildfly
      $ mvn clean install -DskipTests
      $ cd ../
      $ git clone git@github.com:weld/core.git
      $ cd core
      $ mvn clean install -DskipTests
      $ export JBOSS_HOME=WFLYREPO/dist/target/wildfly-11.0.0.Beta1
      $ mvn clean test -Dincontainer -Dtest=SecurityContextPropagationTest -f tests-arquillian/pom.xml
      

    Description

      The integration code used by Weld 3 to propagate the security context of the current thread to different threads (needed for the CDI 2.0 async events feature) is not able to obtain the current org.wildfly.security.auth.server.SecurityDomain anymore.

      The invocation of SecurityDomain.getCurrent() returns null.

      UPDATE: The original description was wrong. We wrongly assumed that Elytron is active for a deployment by default which isn't the case.

      NullPointerException being reported DURING calls to SecurityDomain.getCurrent():

      Caused by: java.lang.NullPointerException
      	at java.util.concurrent.ConcurrentHashMap.get(ConcurrentHashMap.java:936)
      	at org.wildfly.security.auth.server.SecurityDomain.getCurrent(SecurityDomain.java:171)
      	at org.jboss.as.ee.component.ProxyInvocationHandler.invoke(ProxyInvocationHandler.java:74)
      	at org.jboss.weld.tests.event.async.context.security.Printer$$$view2.print(Unknown Source)
      	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
      	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
      	at java.lang.reflect.Method.invoke(Method.java:498)
      	at org.jboss.weld.util.reflection.Reflections.invokeAndUnwrap(Reflections.java:411)
      	at org.jboss.weld.module.ejb.EnterpriseBeanProxyMethodHandler.invoke(EnterpriseBeanProxyMethodHandler.java:128)
      	at org.jboss.weld.bean.proxy.EnterpriseTargetBeanInstance.invoke(EnterpriseTargetBeanInstance.java:56)
      	at org.jboss.weld.module.ejb.InjectionPointPropagatingEnterpriseTargetBeanInstance.invoke(InjectionPointPropagatingEnterpriseTargetBeanInstance.java:68)
      	at org.jboss.weld.bean.proxy.ProxyMethodHandler.invoke(ProxyMethodHandler.java:106)
      	at org.jboss.weld.tests.event.async.context.security.Printer$Proxy$_$$_Weld$EnterpriseProxy$.print(Unknown Source)
      	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      

      Note that this worked on WildFly 11.0.0.Alpha1.

      It's also possible that the test (see also steps to reproduce) is wrong. A review/help from a security expert would be appreciated.
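
      Added example, not part of the original report and not Elytron or Weld code: the top frame of the trace is ConcurrentHashMap.get, which throws NullPointerException when given a null key. The sketch below reproduces that failure mode on a worker thread and shows a guarded lookup that returns null instead, which callers must treat as "no domain for this thread". The registry, its class-loader key and all names are assumptions made for illustration.

```java
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import java.util.function.Supplier;

// Hypothetical registry (assumption): maps a deployment class loader to a domain name.
public class DomainLookupDemo {
    static final Map<ClassLoader, String> DOMAINS = new ConcurrentHashMap<>();

    // Unguarded lookup: ConcurrentHashMap.get(null) throws NullPointerException.
    static String currentUnguarded() {
        return DOMAINS.get(Thread.currentThread().getContextClassLoader());
    }

    // Guarded lookup: a thread without a context class loader simply has no domain.
    static String currentGuarded() {
        ClassLoader cl = Thread.currentThread().getContextClassLoader();
        return cl == null ? null : DOMAINS.get(cl);
    }

    // Runs the lookup on a thread whose context class loader is unset (constructed condition).
    static String onThreadWithoutContext(Supplier<String> lookup) throws InterruptedException {
        String[] result = new String[1];
        Thread worker = new Thread(() -> {
            try {
                result[0] = String.valueOf(lookup.get());
            } catch (NullPointerException e) {
                result[0] = "NPE";
            }
        });
        worker.setContextClassLoader(null);
        worker.start();
        worker.join(); // join() makes the worker's write to result visible here
        return result[0];
    }

    public static void main(String[] args) throws InterruptedException {
        // Constructed sample entry: register a domain for the caller's class loader.
        DOMAINS.put(Thread.currentThread().getContextClassLoader(), "ApplicationDomain");
        System.out.println("caller thread:        " + currentGuarded());
        System.out.println("unguarded, no loader: " + onThreadWithoutContext(DomainLookupDemo::currentUnguarded));
        System.out.println("guarded, no loader:   " + onThreadWithoutContext(DomainLookupDemo::currentGuarded));
    }
}
```

      With the guarded form, code that propagates a security context to another thread has to handle a null result explicitly rather than assume a domain is always present.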


          People

            darran.lofthouse@redhat.com Darran Lofthouse
            mkouba@redhat.com Martin Kouba