Bug 983942 - Security context is not propagated between service calls
Security context is not propagated between service calls
Product: JBoss Fuse Service Works 6
Classification: JBoss
Component: SwitchYard (Show other bugs)
6.0.0 GA
Unspecified Unspecified
unspecified Severity high
: ER7
: 6.0.0
Assigned To: David Ward
Jiri Pechanec
Depends On:
  Show dependency treegraph
Reported: 2013-07-12 07:04 EDT by Jiri Pechanec
Modified: 2014-06-16 19:48 EDT (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed:
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
modified example (17.03 KB, application/x-compressed-tar)
2013-07-12 07:05 EDT, Jiri Pechanec
no flags Details

External Trackers
Tracker ID Priority Status Summary Last Updated
JBoss Issue Tracker SWITCHYARD-1729 Major Closed Security context is not propagated between service calls 2015-05-27 15:25:51 EDT

  None (edit)
Description Jiri Pechanec 2013-07-12 07:04:49 EDT
I have modified a policy-security-basic quickstart to contain one more service BackEndService that is called from WorkService.

If the BackEnd service does not contain a security policy, everything works fine. I set a policy to require authorization and then the example broken. According to enabled message trace there is a security context present in IN phase of WorkService

------- Begin Message Trace -------
Consumer -> {urn:switchyard-quickstart-demo:policy-security-basic:0.1.0}WorkService
Provider -> [unassigned]
Operation -> doWork
Phase -> IN
State -> OK
Exchange Context -> 
        org.switchyard.exchangeInitiatedNS.start : 27373040619054
        org.switchyard.bus.camel.replyHandler : org.switchyard.SynchronousInOutHandler@12028316
        org.switchyard.bus.camel.phase : IN
        org.switchyard.bus.camel.dispatcher : org.switchyard.bus.camel.ExchangeDispatcher@25bcdbcd
        org.switchyard.bus.camel.consumer : ServiceReference [name={urn:switchyard-quickstart-demo:policy-security-basic:0.1.0}WorkService, interface=BaseServiceInterface [type=wsdl, operations=[doWork : IN_OUT : [{urn:switchyard-quickstart-demo:policy-security-basic:0.1.0}doWork, {urn:switchyard-quickstart-demo:policy-security-basic:0.1.0}doWorkResponse, null]]], domain=ServiceDomain [name=null]]
        org.switchyard.bus.camel.securityContext : SecurityContext[credentials=[NameCredentialImpl [name=kermit], ConfidentialityCredential [confidential=true], PasswordCredentialImpl [password=**********]], securityDomainsToSubjects={}]
        org.switchyard.bus.camel.contract : org.switchyard.metadata.BaseExchangeContract@1cb6ceb5
        CamelCreatedTimestamp : Fri Jul 12 12:54:11 CEST 2013
        CamelToEndpoint : direct://%7Burn:switchyard-quickstart-demo:policy-security-basic:0.1.0%7DWorkService
Message Context -> 
        org.switchyard.bus.camel.labels : {org.switchyard.contentType=[org.switchyard.label.behavior.transient], org.switchyard.bus.camel.messageSent=[TRANSIENT]}
        org.switchyard.bus.camel.messageSent : true
        org.switchyard.messageId : ID-jpechane-44660-1373621375570-11-1
        org.switchyard.soap.messageName : doWork
        breadcrumbId : ID-jpechane-44660-1373621375570-11-1
        org.switchyard.contentType : {urn:switchyard-quickstart-demo:policy-security-basic:0.1.0}doWork
Message Content -> 
<?xml version="1.0" encoding="UTF-8"?><policy-security-basic:doWork xmlns:policy-security-basic="urn:switchyard-quickstart-demo:policy-security-basic:0.1.0">
------ End Message Trace -------

But when the BackEnd service is called then the security context is already missing

------- Begin Message Trace -------
Consumer -> {urn:switchyard-quickstart-demo:policy-security-basic:0.1.0}BackEndService
Provider -> [unassigned]
Operation -> process
Phase -> IN
State -> OK
Exchange Context -> 
        org.switchyard.bus.camel.dispatcher : org.switchyard.bus.camel.ExchangeDispatcher@69c99f97
        org.switchyard.bus.camel.phase : IN
        CamelCreatedTimestamp : Fri Jul 12 12:54:11 CEST 2013
        org.switchyard.bus.camel.labels : {org.switchyard.policy.required=[org.switchyard.label.behavior.transient]}
        CamelToEndpoint : direct://%7Burn:switchyard-quickstart-demo:policy-security-basic:0.1.0%7DBackEndService
        org.switchyard.bus.camel.contract : org.switchyard.metadata.BaseExchangeContract@455f2645
        org.switchyard.bus.camel.consumer : ServiceReference [name={urn:switchyard-quickstart-demo:policy-security-basic:0.1.0}BackEndService, interface=BaseServiceInterface [type=java, operations=[process : IN_OUT : [java:java.lang.String, java:java.lang.String, null]]], domain=ServiceDomain [name=null]]
        org.switchyard.exchangeInitiatedNS.start : 27373047075956
        org.switchyard.bus.camel.replyHandler : org.switchyard.SynchronousInOutHandler@340ca8c3
        org.switchyard.policy.required : [authorization]
Message Context -> 
        org.switchyard.contentType : java:java.lang.String
        org.switchyard.bus.camel.labels : {org.switchyard.contentType=[org.switchyard.label.behavior.transient], org.switchyard.bus.camel.messageSent=[TRANSIENT]}
        org.switchyard.bus.camel.messageSent : true
        org.switchyard.messageId : ID-jpechane-44660-1373621375570-11-3
        breadcrumbId : ID-jpechane-44660-1373621375570-11-3
Message Content -> 
------ End Message Trace -------
12:54:11,466 INFO  [org.switchyard.handlers.MessageTrace] (http-/
Comment 1 Jiri Pechanec 2013-07-12 07:05:31 EDT
Created attachment 772642 [details]
modified example
Comment 2 Keith Babo 2013-08-02 11:01:03 EDT
David - there are actually a number of things in play here:

1) Access to the security context itself in downstream services.
2) Interpretation of policy requirements for downstream services.

That second one is tricky since the downstream service could be a reference binding.  We should probably meet up on this and discuss some options to pull it all together.
Comment 3 David Ward 2013-08-09 10:30:07 EDT
I'm not saying this is desired behavior moving forward, but I will say this is EXPECTED behavior currently. Specifically, the SecurityContext is not propagated across Service boundaries.  Because I didn't know what people wanted originally, I went with the "more safe" option.  I can foresee, though, some kind of flag saying "propagate" the SecurityContext.  Yes, we should meet to talk about this.
Comment 8 JBoss JIRA Server 2013-10-24 10:57:03 EDT
Keith Babo <kbabo@redhat.com> made a comment on jira SWITCHYARD-1729

Comment 9 Jiri Pechanec 2013-12-18 04:33:56 EST
Verified in ER7
Comment 10 JBoss JIRA Server 2014-06-16 19:48:39 EDT
Keith Babo <kbabo@redhat.com> updated the status of jira SWITCHYARD-1729 to Closed

Note You need to log in before you can comment on or make changes to this bug.