Wildfly 15 get EJBContext in Singleton from jax rs logged in user












1















I want to get the caller principal in an singleton from the logged in user. the user is authenticating against the rest service with username/password



the security domain is in the jboss-web.xml in the war



<security-domain>application-security</security-domain>


The endpoint in the war is:



@Path("/message/{message}")

public class MyRessource

{  

   @EJB

   MySingleton singletonBean;



   @GET

   public Response resource(@PathParam("message") String message)

   {        

        singletonBean.printText(message);

        System.out.println("called from: " + ctx.getUserPrincipal().getName());

}


the singleton is in an own project, and is provided as dependency at the war.



@Stateless

public class MySingletonBean implements MySingleton

{



    @Resource

    EJBContext context;



    @Resource

    SessionContext ctx;



  public void printText(String text) {

      System.out.println(text + ":: EJBContext: " + context.getCallerPrincipal().getName() + "  SessionContext: " + ctx.getCallerPrincipal().getName());      

  }



}


my web.xml:



<web-app>

    <security-role>

        <role-name>Admin</role-name>

    </security-role>



    <security-constraint>

        <web-resource-collection>

            <url-pattern>/*</url-pattern>

            <http-method-omission>OPTIONS</http-method-omission>

        </web-resource-collection>

        <auth-constraint>

            <role-name>Admin</role-name>

        </auth-constraint>

    </security-constraint>

    <login-config>

        <auth-method>BASIC</auth-method>

    </login-config>

</web-app>


standalone-full-ha.xml



<subsystem xmlns="urn:wildfly:elytron:5.0" ...>

   [...]

   <security-domain name="application-security" default-realm="application-properties" permission-mapper="default-permission-mapper">

      <realm name="application-properties"/>

   </security-domain>

   [...]

</subsystem>

   [...]



<http-authentication-factory name="application-security-http" security-domain="application-security" http-server-mechanism-factory="global">

   <mechanism-configuration>

      <mechanism mechanism-name="BASIC"/>

   </mechanism-configuration>

</http-authentication-factory>

[...]



<security-domains>

   <security-domain name="application-security" default-realm="application-properties" permission-mapper="default-permission-mapper">

      <realm name="application-properties"/>

    </security-domain>

   [...]

</security-domains>

[...]



<subsystem xmlns="urn:jboss:domain:security:2.0">

   <security-domains>

      <security-domain name="application-security">

         <authentication>

            <login-module code="UsersRoles" flag="required">

               <module-option name="usersProperties" value="file://${jboss.server.config.dir}/context-users.properties"/>

                <module-option name="rolesProperties" value="file://${jboss.server.config.dir}/context-roles.properties"/>

             </login-module>

          </authentication>

     </security-domain>

     [...]

</subsystem>

[...]



<subsystem xmlns="urn:boss:domain:undertow"...>

    <application-security-domains>

        <application-security-domain name="application-security" http-authentication-factory="application-security-http"/>

    </application-security-domains>

    [...]

</subsystem>


But i always get anonymous as principals.



What did i do wrong?






java java-ee ejb wildfly javabeans







share|improve this question

























  • Do you have any security configuration in your web.xml? Typically you will only see a Principal when the accessed resource has been protected by a security constraint.

    – Steve C
    Jan 17 at 1:49











  • yes, my web.xml contains the security-role, the security-constraint and the login-config.

    – auryn31
    Jan 17 at 9:41






  • 1





    Please add these snippets to your question

    – Steve C
    Jan 17 at 13:23











  • i added the web.xml content

    – auryn31
    Jan 17 at 13:37






  • 1





    Please show your security configuration in WildFly

    – Steve C
    Jan 17 at 13:44
















1















I want to get the caller principal in an singleton from the logged in user. the user is authenticating against the rest service with username/password



the security domain is in the jboss-web.xml in the war



<security-domain>application-security</security-domain>


The endpoint in the war is:



@Path("/message/{message}")

public class MyRessource

{  

   @EJB

   MySingleton singletonBean;



   @GET

   public Response resource(@PathParam("message") String message)

   {        

        singletonBean.printText(message);

        System.out.println("called from: " + ctx.getUserPrincipal().getName());

}


the singleton is in an own project, and is provided as dependency at the war.



@Stateless

public class MySingletonBean implements MySingleton

{



    @Resource

    EJBContext context;



    @Resource

    SessionContext ctx;



  public void printText(String text) {

      System.out.println(text + ":: EJBContext: " + context.getCallerPrincipal().getName() + "  SessionContext: " + ctx.getCallerPrincipal().getName());      

  }



}


my web.xml:



<web-app>

    <security-role>

        <role-name>Admin</role-name>

    </security-role>



    <security-constraint>

        <web-resource-collection>

            <url-pattern>/*</url-pattern>

            <http-method-omission>OPTIONS</http-method-omission>

        </web-resource-collection>

        <auth-constraint>

            <role-name>Admin</role-name>

        </auth-constraint>

    </security-constraint>

    <login-config>

        <auth-method>BASIC</auth-method>

    </login-config>

</web-app>


standalone-full-ha.xml



<subsystem xmlns="urn:wildfly:elytron:5.0" ...>

   [...]

   <security-domain name="application-security" default-realm="application-properties" permission-mapper="default-permission-mapper">

      <realm name="application-properties"/>

   </security-domain>

   [...]

</subsystem>

   [...]



<http-authentication-factory name="application-security-http" security-domain="application-security" http-server-mechanism-factory="global">

   <mechanism-configuration>

      <mechanism mechanism-name="BASIC"/>

   </mechanism-configuration>

</http-authentication-factory>

[...]



<security-domains>

   <security-domain name="application-security" default-realm="application-properties" permission-mapper="default-permission-mapper">

      <realm name="application-properties"/>

    </security-domain>

   [...]

</security-domains>

[...]



<subsystem xmlns="urn:jboss:domain:security:2.0">

   <security-domains>

      <security-domain name="application-security">

         <authentication>

            <login-module code="UsersRoles" flag="required">

               <module-option name="usersProperties" value="file://${jboss.server.config.dir}/context-users.properties"/>

                <module-option name="rolesProperties" value="file://${jboss.server.config.dir}/context-roles.properties"/>

             </login-module>

          </authentication>

     </security-domain>

     [...]

</subsystem>

[...]



<subsystem xmlns="urn:boss:domain:undertow"...>

    <application-security-domains>

        <application-security-domain name="application-security" http-authentication-factory="application-security-http"/>

    </application-security-domains>

    [...]

</subsystem>


But i always get anonymous as principals.



What did i do wrong?






java java-ee ejb wildfly javabeans







share|improve this question

























  • Do you have any security configuration in your web.xml? Typically you will only see a Principal when the accessed resource has been protected by a security constraint.

    – Steve C
    Jan 17 at 1:49











  • yes, my web.xml contains the security-role, the security-constraint and the login-config.

    – auryn31
    Jan 17 at 9:41






  • 1





    Please add these snippets to your question

    – Steve C
    Jan 17 at 13:23











  • i added the web.xml content

    – auryn31
    Jan 17 at 13:37






  • 1





    Please show your security configuration in WildFly

    – Steve C
    Jan 17 at 13:44














1












1








1








I want to get the caller principal in an singleton from the logged in user. the user is authenticating against the rest service with username/password



the security domain is in the jboss-web.xml in the war



<security-domain>application-security</security-domain>


The endpoint in the war is:



@Path("/message/{message}")

public class MyRessource

{  

   @EJB

   MySingleton singletonBean;



   @GET

   public Response resource(@PathParam("message") String message)

   {        

        singletonBean.printText(message);

        System.out.println("called from: " + ctx.getUserPrincipal().getName());

}


the singleton is in an own project, and is provided as dependency at the war.



@Stateless

public class MySingletonBean implements MySingleton

{



    @Resource

    EJBContext context;



    @Resource

    SessionContext ctx;



  public void printText(String text) {

      System.out.println(text + ":: EJBContext: " + context.getCallerPrincipal().getName() + "  SessionContext: " + ctx.getCallerPrincipal().getName());      

  }



}


my web.xml:



<web-app>

    <security-role>

        <role-name>Admin</role-name>

    </security-role>



    <security-constraint>

        <web-resource-collection>

            <url-pattern>/*</url-pattern>

            <http-method-omission>OPTIONS</http-method-omission>

        </web-resource-collection>

        <auth-constraint>

            <role-name>Admin</role-name>

        </auth-constraint>

    </security-constraint>

    <login-config>

        <auth-method>BASIC</auth-method>

    </login-config>

</web-app>


standalone-full-ha.xml



<subsystem xmlns="urn:wildfly:elytron:5.0" ...>

   [...]

   <security-domain name="application-security" default-realm="application-properties" permission-mapper="default-permission-mapper">

      <realm name="application-properties"/>

   </security-domain>

   [...]

</subsystem>

   [...]



<http-authentication-factory name="application-security-http" security-domain="application-security" http-server-mechanism-factory="global">

   <mechanism-configuration>

      <mechanism mechanism-name="BASIC"/>

   </mechanism-configuration>

</http-authentication-factory>

[...]



<security-domains>

   <security-domain name="application-security" default-realm="application-properties" permission-mapper="default-permission-mapper">

      <realm name="application-properties"/>

    </security-domain>

   [...]

</security-domains>

[...]



<subsystem xmlns="urn:jboss:domain:security:2.0">

   <security-domains>

      <security-domain name="application-security">

         <authentication>

            <login-module code="UsersRoles" flag="required">

               <module-option name="usersProperties" value="file://${jboss.server.config.dir}/context-users.properties"/>

                <module-option name="rolesProperties" value="file://${jboss.server.config.dir}/context-roles.properties"/>

             </login-module>

          </authentication>

     </security-domain>

     [...]

</subsystem>

[...]



<subsystem xmlns="urn:boss:domain:undertow"...>

    <application-security-domains>

        <application-security-domain name="application-security" http-authentication-factory="application-security-http"/>

    </application-security-domains>

    [...]

</subsystem>


But i always get anonymous as principals.



What did i do wrong?






java java-ee ejb wildfly javabeans







share|improve this question
















I want to get the caller principal in an singleton from the logged in user. the user is authenticating against the rest service with username/password



the security domain is in the jboss-web.xml in the war



<security-domain>application-security</security-domain>


The endpoint in the war is:



@Path("/message/{message}")

public class MyRessource

{  

   @EJB

   MySingleton singletonBean;



   @GET

   public Response resource(@PathParam("message") String message)

   {        

        singletonBean.printText(message);

        System.out.println("called from: " + ctx.getUserPrincipal().getName());

}


the singleton is in an own project, and is provided as dependency at the war.



@Stateless

public class MySingletonBean implements MySingleton

{



    @Resource

    EJBContext context;



    @Resource

    SessionContext ctx;



  public void printText(String text) {

      System.out.println(text + ":: EJBContext: " + context.getCallerPrincipal().getName() + "  SessionContext: " + ctx.getCallerPrincipal().getName());      

  }



}


my web.xml:



<web-app>

    <security-role>

        <role-name>Admin</role-name>

    </security-role>



    <security-constraint>

        <web-resource-collection>

            <url-pattern>/*</url-pattern>

            <http-method-omission>OPTIONS</http-method-omission>

        </web-resource-collection>

        <auth-constraint>

            <role-name>Admin</role-name>

        </auth-constraint>

    </security-constraint>

    <login-config>

        <auth-method>BASIC</auth-method>

    </login-config>

</web-app>


standalone-full-ha.xml



<subsystem xmlns="urn:wildfly:elytron:5.0" ...>

   [...]

   <security-domain name="application-security" default-realm="application-properties" permission-mapper="default-permission-mapper">

      <realm name="application-properties"/>

   </security-domain>

   [...]

</subsystem>

   [...]



<http-authentication-factory name="application-security-http" security-domain="application-security" http-server-mechanism-factory="global">

   <mechanism-configuration>

      <mechanism mechanism-name="BASIC"/>

   </mechanism-configuration>

</http-authentication-factory>

[...]



<security-domains>

   <security-domain name="application-security" default-realm="application-properties" permission-mapper="default-permission-mapper">

      <realm name="application-properties"/>

    </security-domain>

   [...]

</security-domains>

[...]



<subsystem xmlns="urn:jboss:domain:security:2.0">

   <security-domains>

      <security-domain name="application-security">

         <authentication>

            <login-module code="UsersRoles" flag="required">

               <module-option name="usersProperties" value="file://${jboss.server.config.dir}/context-users.properties"/>

                <module-option name="rolesProperties" value="file://${jboss.server.config.dir}/context-roles.properties"/>

             </login-module>

          </authentication>

     </security-domain>

     [...]

</subsystem>

[...]



<subsystem xmlns="urn:boss:domain:undertow"...>

    <application-security-domains>

        <application-security-domain name="application-security" http-authentication-factory="application-security-http"/>

    </application-security-domains>

    [...]

</subsystem>


But i always get anonymous as principals.



What did i do wrong?






java java-ee ejb wildfly javabeans




java java-ee ejb wildfly javabeans






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Jan 17 at 14:31







auryn31

















asked Jan 16 at 14:36









auryn31auryn31

359117




359117













  • Do you have any security configuration in your web.xml? Typically you will only see a Principal when the accessed resource has been protected by a security constraint.

    – Steve C
    Jan 17 at 1:49











  • yes, my web.xml contains the security-role, the security-constraint and the login-config.

    – auryn31
    Jan 17 at 9:41






  • 1





    Please add these snippets to your question

    – Steve C
    Jan 17 at 13:23











  • i added the web.xml content

    – auryn31
    Jan 17 at 13:37






  • 1





    Please show your security configuration in WildFly

    – Steve C
    Jan 17 at 13:44



















  • Do you have any security configuration in your web.xml? Typically you will only see a Principal when the accessed resource has been protected by a security constraint.

    – Steve C
    Jan 17 at 1:49











  • yes, my web.xml contains the security-role, the security-constraint and the login-config.

    – auryn31
    Jan 17 at 9:41






  • 1





    Please add these snippets to your question

    – Steve C
    Jan 17 at 13:23











  • i added the web.xml content

    – auryn31
    Jan 17 at 13:37






  • 1





    Please show your security configuration in WildFly

    – Steve C
    Jan 17 at 13:44

















Do you have any security configuration in your web.xml? Typically you will only see a Principal when the accessed resource has been protected by a security constraint.

– Steve C
Jan 17 at 1:49





Do you have any security configuration in your web.xml? Typically you will only see a Principal when the accessed resource has been protected by a security constraint.

– Steve C
Jan 17 at 1:49













yes, my web.xml contains the security-role, the security-constraint and the login-config.

– auryn31
Jan 17 at 9:41





yes, my web.xml contains the security-role, the security-constraint and the login-config.

– auryn31
Jan 17 at 9:41




1




1





Please add these snippets to your question

– Steve C
Jan 17 at 13:23





Please add these snippets to your question

– Steve C
Jan 17 at 13:23













i added the web.xml content

– auryn31
Jan 17 at 13:37





i added the web.xml content

– auryn31
Jan 17 at 13:37




1




1





Please show your security configuration in WildFly

– Steve C
Jan 17 at 13:44





Please show your security configuration in WildFly

– Steve C
Jan 17 at 13:44












1 Answer
1






active

oldest

votes


















1














You have at least three problems here:




  1. <subsystem xmlns="urn:jboss:domain:security:2.0"> is a legacy configuration element that does not link up with elytron;


  2. You are completely missing the ejb3 security configuration;


  3. Your EJB method is not protected with @RolesAllowed(...).



I got a similar example working:





  1. Create an elytron properties realm: 



    /subsystem=elytron/properties-realm=DemoPropsRealm:add(groups-attribute=groups,
    
   groups-properties={
    
     path=demo-roles.properties,relative-to=jboss.server.config.dir},
    
   users-properties={
    
     path=demo-users.properties,relative-to=jboss.server.config.dir,plain-text=true})



  2. Create an elytron security domain: 



    /subsystem=elytron/security-domain=DemoDomain:add(
    
   realms=[{realm=DemoPropsRealm,role-decoder=groups-to-roles}],
    
   default-realm=DemoPropsRealm,permission-mapper=default-permission-mapper)



  3. Create an elytron http-authentication factory that is mapped to our DemoDomain:



    /subsystem=elytron/http-authentication-factory=demo-http-auth:add(
    
   http-server-mechanism-factory=global,
    
   security-domain=DemoDomain,
    
   mechanism-configurations=[{
    
     mechanism-name=BASIC,
    
     mechanism-realm-configurations=[{
    
       realm-name=DemoApplicationDomain
    
     }]
    
   }])



  4. Map an ejb3 subsystem application security domain to our DemoDomain



    /subsystem=ejb3/application-security-domain=
    
    DemoApplicationDomain:add(security-domain=DemoDomain)



  5. Link an undertow subsystem application security domain to our http-authentication-factory:



    /subsystem=undertow/application-security-domain=
    
    DemoApplicationDomain:add(http-authentication-factory=demo-http-auth)


    "DemoApplicationDomain" will be the realm name in the login-config element of the web.xml and the security-domain in the jboss-web.xml file.




  6. Declare the permitted roles on your EJB method:



    @RolesAllowed("Admin")
    
public void printText(String text) {
    
    System.out.println(text + ":: EJBContext: " + context.getCallerPrincipal().getName()
    
     + "  SessionContext: " + ctx.getCallerPrincipal().getName());      
    
}



Example source is in GitHub at jax-rs-basic-auth.






share|improve this answer


























  • Thanks a lot for your help!!!!

    – auryn31
    Jan 22 at 9:23











Your Answer






StackExchange.ifUsing("editor", function () {
StackExchange.using("externalEditor", function () {
StackExchange.using("snippets", function () {
StackExchange.snippets.init();
});
});
}, "code-snippets");

StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "1"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});














draft saved

draft discarded


















StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f54219391%2fwildfly-15-get-ejbcontext-in-singleton-from-jax-rs-logged-in-user%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown

























1 Answer
1






active

oldest

votes








1 Answer
1






active

oldest

votes









active

oldest

votes






active

oldest

votes









1














You have at least three problems here:




  1. <subsystem xmlns="urn:jboss:domain:security:2.0"> is a legacy configuration element that does not link up with elytron;


  2. You are completely missing the ejb3 security configuration;


  3. Your EJB method is not protected with @RolesAllowed(...).



I got a similar example working:





  1. Create an elytron properties realm: 



    /subsystem=elytron/properties-realm=DemoPropsRealm:add(groups-attribute=groups,
    
   groups-properties={
    
     path=demo-roles.properties,relative-to=jboss.server.config.dir},
    
   users-properties={
    
     path=demo-users.properties,relative-to=jboss.server.config.dir,plain-text=true})



  2. Create an elytron security domain: 



    /subsystem=elytron/security-domain=DemoDomain:add(
    
   realms=[{realm=DemoPropsRealm,role-decoder=groups-to-roles}],
    
   default-realm=DemoPropsRealm,permission-mapper=default-permission-mapper)



  3. Create an elytron http-authentication factory that is mapped to our DemoDomain:



    /subsystem=elytron/http-authentication-factory=demo-http-auth:add(
    
   http-server-mechanism-factory=global,
    
   security-domain=DemoDomain,
    
   mechanism-configurations=[{
    
     mechanism-name=BASIC,
    
     mechanism-realm-configurations=[{
    
       realm-name=DemoApplicationDomain
    
     }]
    
   }])



  4. Map an ejb3 subsystem application security domain to our DemoDomain



    /subsystem=ejb3/application-security-domain=
    
    DemoApplicationDomain:add(security-domain=DemoDomain)



  5. Link an undertow subsystem application security domain to our http-authentication-factory:



    /subsystem=undertow/application-security-domain=
    
    DemoApplicationDomain:add(http-authentication-factory=demo-http-auth)


    "DemoApplicationDomain" will be the realm name in the login-config element of the web.xml and the security-domain in the jboss-web.xml file.




  6. Declare the permitted roles on your EJB method:



    @RolesAllowed("Admin")
    
public void printText(String text) {
    
    System.out.println(text + ":: EJBContext: " + context.getCallerPrincipal().getName()
    
     + "  SessionContext: " + ctx.getCallerPrincipal().getName());      
    
}



Example source is in GitHub at jax-rs-basic-auth.






share|improve this answer


























  • Thanks a lot for your help!!!!

    – auryn31
    Jan 22 at 9:23
















1














You have at least three problems here:




  1. <subsystem xmlns="urn:jboss:domain:security:2.0"> is a legacy configuration element that does not link up with elytron;


  2. You are completely missing the ejb3 security configuration;


  3. Your EJB method is not protected with @RolesAllowed(...).



I got a similar example working:





  1. Create an elytron properties realm: 



    /subsystem=elytron/properties-realm=DemoPropsRealm:add(groups-attribute=groups,
    
   groups-properties={
    
     path=demo-roles.properties,relative-to=jboss.server.config.dir},
    
   users-properties={
    
     path=demo-users.properties,relative-to=jboss.server.config.dir,plain-text=true})



  2. Create an elytron security domain: 



    /subsystem=elytron/security-domain=DemoDomain:add(
    
   realms=[{realm=DemoPropsRealm,role-decoder=groups-to-roles}],
    
   default-realm=DemoPropsRealm,permission-mapper=default-permission-mapper)



  3. Create an elytron http-authentication factory that is mapped to our DemoDomain:



    /subsystem=elytron/http-authentication-factory=demo-http-auth:add(
    
   http-server-mechanism-factory=global,
    
   security-domain=DemoDomain,
    
   mechanism-configurations=[{
    
     mechanism-name=BASIC,
    
     mechanism-realm-configurations=[{
    
       realm-name=DemoApplicationDomain
    
     }]
    
   }])



  4. Map an ejb3 subsystem application security domain to our DemoDomain



    /subsystem=ejb3/application-security-domain=
    
    DemoApplicationDomain:add(security-domain=DemoDomain)



  5. Link an undertow subsystem application security domain to our http-authentication-factory:



    /subsystem=undertow/application-security-domain=
    
    DemoApplicationDomain:add(http-authentication-factory=demo-http-auth)


    "DemoApplicationDomain" will be the realm name in the login-config element of the web.xml and the security-domain in the jboss-web.xml file.




  6. Declare the permitted roles on your EJB method:



    @RolesAllowed("Admin")
    
public void printText(String text) {
    
    System.out.println(text + ":: EJBContext: " + context.getCallerPrincipal().getName()
    
     + "  SessionContext: " + ctx.getCallerPrincipal().getName());      
    
}



Example source is in GitHub at jax-rs-basic-auth.






share|improve this answer


























  • Thanks a lot for your help!!!!

    – auryn31
    Jan 22 at 9:23














1












1








1







You have at least three problems here:




  1. <subsystem xmlns="urn:jboss:domain:security:2.0"> is a legacy configuration element that does not link up with elytron;


  2. You are completely missing the ejb3 security configuration;


  3. Your EJB method is not protected with @RolesAllowed(...).



I got a similar example working:





  1. Create an elytron properties realm: 



    /subsystem=elytron/properties-realm=DemoPropsRealm:add(groups-attribute=groups,
    
   groups-properties={
    
     path=demo-roles.properties,relative-to=jboss.server.config.dir},
    
   users-properties={
    
     path=demo-users.properties,relative-to=jboss.server.config.dir,plain-text=true})



  2. Create an elytron security domain: 



    /subsystem=elytron/security-domain=DemoDomain:add(
    
   realms=[{realm=DemoPropsRealm,role-decoder=groups-to-roles}],
    
   default-realm=DemoPropsRealm,permission-mapper=default-permission-mapper)



  3. Create an elytron http-authentication factory that is mapped to our DemoDomain:



    /subsystem=elytron/http-authentication-factory=demo-http-auth:add(
    
   http-server-mechanism-factory=global,
    
   security-domain=DemoDomain,
    
   mechanism-configurations=[{
    
     mechanism-name=BASIC,
    
     mechanism-realm-configurations=[{
    
       realm-name=DemoApplicationDomain
    
     }]
    
   }])



  4. Map an ejb3 subsystem application security domain to our DemoDomain



    /subsystem=ejb3/application-security-domain=
    
    DemoApplicationDomain:add(security-domain=DemoDomain)



  5. Link an undertow subsystem application security domain to our http-authentication-factory:



    /subsystem=undertow/application-security-domain=
    
    DemoApplicationDomain:add(http-authentication-factory=demo-http-auth)


    "DemoApplicationDomain" will be the realm name in the login-config element of the web.xml and the security-domain in the jboss-web.xml file.




  6. Declare the permitted roles on your EJB method:



    @RolesAllowed("Admin")
    
public void printText(String text) {
    
    System.out.println(text + ":: EJBContext: " + context.getCallerPrincipal().getName()
    
     + "  SessionContext: " + ctx.getCallerPrincipal().getName());      
    
}



Example source is in GitHub at jax-rs-basic-auth.






share|improve this answer















You have at least three problems here:




  1. <subsystem xmlns="urn:jboss:domain:security:2.0"> is a legacy configuration element that does not link up with elytron;


  2. You are completely missing the ejb3 security configuration;


  3. Your EJB method is not protected with @RolesAllowed(...).



I got a similar example working:





  1. Create an elytron properties realm: 



    /subsystem=elytron/properties-realm=DemoPropsRealm:add(groups-attribute=groups,
    
   groups-properties={
    
     path=demo-roles.properties,relative-to=jboss.server.config.dir},
    
   users-properties={
    
     path=demo-users.properties,relative-to=jboss.server.config.dir,plain-text=true})



  2. Create an elytron security domain: 



    /subsystem=elytron/security-domain=DemoDomain:add(
    
   realms=[{realm=DemoPropsRealm,role-decoder=groups-to-roles}],
    
   default-realm=DemoPropsRealm,permission-mapper=default-permission-mapper)



  3. Create an elytron http-authentication factory that is mapped to our DemoDomain:



    /subsystem=elytron/http-authentication-factory=demo-http-auth:add(
    
   http-server-mechanism-factory=global,
    
   security-domain=DemoDomain,
    
   mechanism-configurations=[{
    
     mechanism-name=BASIC,
    
     mechanism-realm-configurations=[{
    
       realm-name=DemoApplicationDomain
    
     }]
    
   }])



  4. Map an ejb3 subsystem application security domain to our DemoDomain



    /subsystem=ejb3/application-security-domain=
    
    DemoApplicationDomain:add(security-domain=DemoDomain)



  5. Link an undertow subsystem application security domain to our http-authentication-factory:



    /subsystem=undertow/application-security-domain=
    
    DemoApplicationDomain:add(http-authentication-factory=demo-http-auth)


    "DemoApplicationDomain" will be the realm name in the login-config element of the web.xml and the security-domain in the jboss-web.xml file.




  6. Declare the permitted roles on your EJB method:



    @RolesAllowed("Admin")
    
public void printText(String text) {
    
    System.out.println(text + ":: EJBContext: " + context.getCallerPrincipal().getName()
    
     + "  SessionContext: " + ctx.getCallerPrincipal().getName());      
    
}



Example source is in GitHub at jax-rs-basic-auth.







share|improve this answer














share|improve this answer



share|improve this answer








edited Jan 20 at 7:11

























answered Jan 20 at 6:42









Steve CSteve C

14.3k42032




14.3k42032













  • Thanks a lot for your help!!!!

    – auryn31
    Jan 22 at 9:23



















  • Thanks a lot for your help!!!!

    – auryn31
    Jan 22 at 9:23

















Thanks a lot for your help!!!!

– auryn31
Jan 22 at 9:23





Thanks a lot for your help!!!!

– auryn31
Jan 22 at 9:23




















draft saved

draft discarded




















































Thanks for contributing an answer to Stack Overflow!


  • Please be sure to answer the question. Provide details and share your research!

But avoid



  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.


To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f54219391%2fwildfly-15-get-ejbcontext-in-singleton-from-jax-rs-logged-in-user%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







-

Popular posts from this blog

Liquibase includeAll doesn't find base path

Image
0 while migrating a project from maven to gradle I ran in the following problem. My file structure looks like this: The changelog-master.xml includes the changelog-v1-0.xml, which then should include the directory v1-0 with following line: <includeAll path="src/main/resources/liquibase/changelogs/v1-0/" errorIfMissingOrEmpty="true" /> . This works just fine. This: <includeAll path="/liquibase/changelogs/v1-0/" errorIfMissingOrEmpty="true" relativeToChangelogFile="true" /> doesn't. I get following errormessage: Cannot find base path 'src/main/resources/liquibase/changelogs/changelog-v1-0.xml' with liquibase in version 3.6.2. I also tried the versions 3.6.0, 3.6.1 and 3.5.5. I am using gradle to build my project in version 4.9
Read more

How to use setInterval in EJS file?

Image
0 I have a problem with using setInterval in my EJS file, which is part of my nodejs app (with Express). I have created function getRandomSubarray , which chooses randomly subset of images from array. I want to change this subset every three seconds. This is problematic piece of my code: <%setInterval(function(){%> <%RandomSubrecipesImg=tools.getRandomSubarray(recipesImg,4)%> <div class="navbar-image-box col-sm-3 d-none d-sm-block"><img class="navbar-image" src="<%=RandomSubrecipesImg[0].replace('public',"")%>"></div> <div class="navbar-image-box col-sm-3 d-none d-sm-block"><img class="navbar-image" src="<%=RandomSubrecipesImg[1].replace('public',"")%>">&
Read more

Petrus Granier-Deferre

Image
Petrus Granier-Deferre (Lutetiae die 27 Iulii 1927 natus; ibidem die 16 Novembris 2007 mortuus) fuit moderator cinematographicus et dux scaenarum Francicus. Pelliculae selectae | 1961 : Le Petit Garçon de l'ascenseur 1962 : Les Aventures de Salavin (sous-titré Confession de minuit) 1965 : La Métamorphose des cloportes 1965 : Paris au mois d'août 1967 : Le Grand Dadais 1970 : La Horse 1971 : Le Chat 1971 : La Veuve Couderc 1973 : Le Fils 1973 : Le Train 1974 : La Race des seigneurs 1975 : La Cage 1975 : Adieu poulet 1976 : Une femme à sa fenêtre 1976 : Le Toubib 1981 : Une étrange affaire 1982 : L'Étoile du Nord 1983 : L'Ami de Vincent 1985 : L'Homme aux yeux d'argent 1986 : Cours privé 1987 : Noyade interdite 1988 : La Couleur du vent 1990 : L'Autrichienne 1995 : Le Petit Garçon 1992 : La Voix 1993 : Archipel 1995 : Maigret et la vente à la bougie (TV) 1996 : La Dernière Fête (TV) 1997 : Maigret et l'enfant de c
Read more