Why does JBoss EAP 6 and 7 lose the run-as (@RunAs) identity when an unsecured EJB is in the call stack?

Solution In Progress - Updated -

Issue

Why does JBoss EAP 6 and 7 lose the run-as (@RunAs) identity when an unsecured EJB is in the call stack?

unsecured web app (RunAs: JBossAdmin) -> unsecured HelloBean EJB -> secured GoodBye EJB (RolesAllowed: JBossAdmin)

This will fail (access to the GoodBye EJB is denied) as the unsecured ejb causes the RunAs identity to get dropped/lost.

Environment

  • Red Hat JBoss Enterprise Application Platform (EAP)
    • 6
    • 7

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In
Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.