Wildfly30 - authentication between WAR and EJB

Question

I am migrating an app from jboss 7 to wildfly30.

It is a standalone .ear file with multiple wars and ejb jars.

I am stuck at the point where I have an authenticated user in the webapp, but somehow this does not port over to the ejb side.

If not authenticated, I am redirected to the loginpage, I authenticate and I am presented with some test pages. I am able to see my authenticated user with

WebContext ctx = WebContextFactory.get();
HttpServletRequest request = ctx.getHttpServletRequest();
Principal principal = request.getUserPrincipal();
principal.getName(); ---> correctly shows my authenticated username.

I have enabled sso on the wildfly 30, and hence once authenticated in one of the wars, I am able to see the user on all of the wars.

However, when I lookup a bean (local interface)

InitialContext ctx = new InitialContext();
T service = (T) ctx.lookup(jndiName);

and call a method from it

Principal principal = context.getCallerPrincipal();
return principal != null ? principal.getName() : "unknown";

I am always getting 'anonymous'

Any ideas where to look?

I have tried adding jboss-ejb3.xml from the example on widlfly30 site - but got into some weird errors at wildfly startup:

Caused by: java.lang.IllegalStateException: WFLYEJB0530: The deployment is configured to use a legacy security domain 'xxxx' which is no longer supported. at org.jboss.as.ejb3@30.0.0.Final//org.jboss.as.ejb3.component.singleton.SingletonComponentDescription$2.configure(SingletonComponentDescription.java:115) at org.jboss.as.ee@30.0.0.Final//org.jboss.as.ee.component.deployers.EEModuleConfigurationProcessor.deploy(EEModuleConfigurationProcessor.java:65) ... 9 more

I have tried adding @RolesAllowed for the bean definition. Of course it did not work as there is no user/role at this point.

Of course, I expected that on the bean side, I can see my authenticated username.

Thanks!

Wildfly30 - authentication between WAR and EJB

Answers (0)

Related Questions