Description of problem: Since EAP6.4.4, PolicyContext("javax.security.auth.subject.container") in CXF web service with STS returns null. Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info:
Created attachment 1279195 [details] SimpleSecurityManager.java.diff
Created attachment 1286401 [details] security domain settings
Created attachment 1286402 [details] JAX-WS settings
Created attachment 1286403 [details] STS Provider
Created attachment 1286404 [details] Service provider
Created attachment 1286406 [details] WS Client
Created attachment 1286407 [details] Exception thrown during test
Created attachment 1286408 [details] Output if all is good
How to reproduce: 1. Start EAP 6.4 2. Run jboss-cli.sh --file=add-security-domain.cli 3. Run jboss-cli.sh --file=add-jaxws-endpoint.cli 4. Restart server 5. Deploy STS Provider application 6. Deploy Service Provider application 7. Run WS client and observe server log. Actual results: exception is thrown (see attached exception.txt) Expected results: no exception should be thrown, method should be invoked and PolicyContext.getContext("javax.security.auth.Subject.container") should not be null see attached log output note: this result I got with applied fix
Regression tests passed Verified with EAP 6.4.20.CP.CR1