Bug 1243553

Summary: [GSS] (6.4.z) Reuse authenticated subject from incoming context when security domains match
Product: [JBoss] JBoss Enterprise Application Platform 6 Reporter: Derek Horton <dehort>
Component: SecurityAssignee: Derek Horton <dehort>
Status: CLOSED CURRENTRELEASE QA Contact: Ondrej Lukas <olukas>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 6.4.0CC: anmiller, bdawidow, bmaxwell, cdewolf, darran.lofthouse, istudens, jkudrnac, msvehla, pskopek, thofman
Target Milestone: CR1   
Target Release: EAP 6.4.4   
Hardware: Unspecified   
OS: Unspecified   
URL: https://github.com/jbossas/jboss-eap/pull/2544
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 1265805 (view as bug list) Environment:
Last Closed: Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1235744, 1258075, 1265805    
Deadline: 2015-09-11   

Description Derek Horton 2015-07-15 19:01:15 UTC 
Description of problem:

If a web app and ejb belong to the same security-domain, the user is unnecessarily reauthenticated when the web app invokes an ejb.

This can cause issues when the web app is configured to use JASPI.
Comment 1 Derek Horton 2015-07-15 19:18:26 UTC 
6.4.x PR
https://github.com/jbossas/jboss-eap/pull/2480

Upstream is already merged
https://github.com/wildfly/wildfly/pull/7469
Comment 4 Derek Horton 2015-09-10 19:22:56 UTC 
New 6.4.x PR
https://github.com/jbossas/jboss-eap/pull/2544

Upstream is already merged
https://github.com/wildfly/wildfly/pull/7469
Comment 5 Ondrej Lukas 2015-09-23 11:20:52 UTC 
Verified in EAP 6.4.4.CP.CR3.
Comment 6 Petr Penicka 2017-01-17 10:51:24 UTC 
Retroactively bulk-closing issues from released EAP 6.4 cumulative patches.
Comment 7 Petr Penicka 2017-01-17 10:51:28 UTC 
Retroactively bulk-closing issues from released EAP 6.4 cumulative patches.