OIDC in Wildfly 26 does not propagate security context to EJB

andriusk · June 14, 2022, 1:39pm

Hi,
We are moving to Wildfly 26. I switched from keycloak adapter to OIDC following

After login in a servlet, I get org.wildfly.security.http.oidc.OidcSecurityContext as http request attribute and I can see an authenticated user name and the roles.

But when I inject @Resource SessionContext in Stateless bean, sessionContext.getCallerPrincipal() is returned as org.wildfly.security.auth.principal.AnonymousPrincipal. Keycloak adapter used to return a KeycloakPrincipal with full info.

Any other configuration needed to propagate security to EJB level?

Thanks

Topic		Replies	Views
How to programmatically login from Wildfly/Elytron web application Securing applications authentication , oidc	0	73	October 31, 2024
IllegalStateException when using WildFly adapter with WildFly 26 Securing applications	2	1362	July 12, 2024
Keycloak + Wildfly Adapter -> Custom principal Getting advice	0	393	March 8, 2021
Is the keycloak adapter compatible / installable in wildfly domain mode? Configuring the server	1	445	March 25, 2020
Keycloak springboot not working when deploy as war again in Wildfly 24.0.1.Final	0	516	October 26, 2021

OIDC in Wildfly 26 does not propagate security context to EJB

Related topics