TomEE security context is not getting propagated with WorkManagers

["seenu.atluri" <se...@gmail.com>]

Hi Romain,

We are using few async servlets so that when the request comes, it will be
processed by another thread from thread pool.It is working fine. but,
security context is not being propagated to EJB. We are always getting
principal name as guest from EJBContext. We do authentication suing
request.login().

I do agree that it is not recommended to create custom threads inside
container since context is not propagated properly. Java EE work managers
are intended to solve this issue. I tried with CommonJ WorkManger and
Execututor Service in TomEE. Still, security context is not being
propagated. 

Can you please advise?

Thanks & Regards,
Srinivas Atluri.



--
View this message in context: http://tomee-openejb.979440.n4.nabble.com/TomEE-security-context-is-not-getting-propagated-with-WorkManagers-tp4677483.html
Sent from the TomEE Dev mailing list archive at Nabble.com.

Re: TomEE security context is not getting propagated with WorkManagers

[Romain Manni-Bucau <rm...@gmail.com>]

Le 20 janv. 2016 23:43, "seenu.atluri" <se...@gmail.com> a écrit :
>
> Thanks for the quick turnaround Romain. When can we expect the next
release
> (7.0.0-M2)?
>

We are waiting for bval release thzn we ll go I guess.

> BTW, what is the difference between 1.7 and 7.0?
> I understand that 1.7 is based on JavaEE6 where as 7.0 is based on
javaEE7.
> version from 1.7 to 7.0 seems like a major jump.
>

Agree but users asked for it - we did a vote on the list.

> Once again, Thanks a lot for your timely response.
>
> Thanks & Regards,
> Srinivas Atluri.
>
>
>
> --
> View this message in context:
http://tomee-openejb.979440.n4.nabble.com/TomEE-security-context-is-not-getting-propagated-with-WorkManagers-tp4677483p4677504.html
> Sent from the TomEE Dev mailing list archive at Nabble.com.

Re: TomEE security context is not getting propagated with WorkManagers

["seenu.atluri" <se...@gmail.com>]

Thanks for the quick turnaround Romain. When can we expect the next release
(7.0.0-M2)?

BTW, what is the difference between 1.7 and 7.0?
I understand that 1.7 is based on JavaEE6 where as 7.0 is based on javaEE7.
version from 1.7 to 7.0 seems like a major jump.

Once again, Thanks a lot for your timely response.

Thanks & Regards,
Srinivas Atluri.



--
View this message in context: http://tomee-openejb.979440.n4.nabble.com/TomEE-security-context-is-not-getting-propagated-with-WorkManagers-tp4677483p4677504.html
Sent from the TomEE Dev mailing list archive at Nabble.com.

Re: TomEE security context is not getting propagated with WorkManagers

[Romain Manni-Bucau <rm...@gmail.com>]

Hi Srinivas,

for TomEE 1.7 not sure what to say, we can only propagate the security
context in the environment we know. ee-concurrency utilities is
like any custom executor service for JavaEE 6 (= not known).

for TomEE 7 it will get fixed for next release (
https://issues.apache.org/jira/browse/TOMEE-1695).



Romain Manni-Bucau
@rmannibucau <https://twitter.com/rmannibucau> |  Blog
<http://rmannibucau.wordpress.com> | Github <https://github.com/rmannibucau> |
LinkedIn <https://www.linkedin.com/in/rmannibucau> | Tomitriber
<http://www.tomitribe.com>

2016-01-20 9:48 GMT+01:00 seenu.atluri <se...@gmail.com>:

> Hi Romain,
>
> I created a sample app on top of tomee example "rest-jaas". It is
> exhibiting
> the same behavior. Security context is not being propagated when request is
> processed asynchronously. Otherwise, it is working fine.
>
> Here is the sample I created.
>
> https://github.com/atluri64/tomee-jaas
>
> Try accessing the URL "http://localhost:8080/rest-jaas/async" to test it.
>
> Thanks & Regards,
> Srinivas Atluri.
>
>
>
> --
> View this message in context:
> http://tomee-openejb.979440.n4.nabble.com/TomEE-security-context-is-not-getting-propagated-with-WorkManagers-tp4677483p4677502.html
> Sent from the TomEE Dev mailing list archive at Nabble.com.
>

Re: TomEE security context is not getting propagated with WorkManagers

["seenu.atluri" <se...@gmail.com>]

Hi Romain,

I created a sample app on top of tomee example "rest-jaas". It is exhibiting
the same behavior. Security context is not being propagated when request is
processed asynchronously. Otherwise, it is working fine. 

Here is the sample I created. 

https://github.com/atluri64/tomee-jaas

Try accessing the URL "http://localhost:8080/rest-jaas/async" to test it.

Thanks & Regards,
Srinivas Atluri.



--
View this message in context: http://tomee-openejb.979440.n4.nabble.com/TomEE-security-context-is-not-getting-propagated-with-WorkManagers-tp4677483p4677502.html
Sent from the TomEE Dev mailing list archive at Nabble.com.

Re: TomEE security context is not getting propagated with WorkManagers

[Romain Manni-Bucau <rm...@gmail.com>]

2016-01-19 16:48 GMT+01:00 seenu.atluri <se...@gmail.com>:

> Thanks for the reply Romain and Sorry for addressing the post directly to
> you.
>
> We are using DataSource Realm. It is working fine if the same thread makes
> call to the EJB. The problem arises when we use Async servlet and process
> the request asynchronously with a separate thread.
>
> Do you mean it would work fine if we use JAAS instead of DataSource Realm?
>
>
Should yes. If you have a sample we can dig further if we miss something
more.


> Thanks & Regards,
> Srinivas Atluri.
>
>
>
> --
> View this message in context:
> http://tomee-openejb.979440.n4.nabble.com/TomEE-security-context-is-not-getting-propagated-with-WorkManagers-tp4677483p4677491.html
> Sent from the TomEE Dev mailing list archive at Nabble.com.
>

Re: TomEE security context is not getting propagated with WorkManagers

["seenu.atluri" <se...@gmail.com>]

Thanks for the reply Romain and Sorry for addressing the post directly to
you.

We are using DataSource Realm. It is working fine if the same thread makes
call to the EJB. The problem arises when we use Async servlet and process
the request asynchronously with a separate thread.

Do you mean it would work fine if we use JAAS instead of DataSource Realm?

Thanks & Regards,
Srinivas Atluri.



--
View this message in context: http://tomee-openejb.979440.n4.nabble.com/TomEE-security-context-is-not-getting-propagated-with-WorkManagers-tp4677483p4677491.html
Sent from the TomEE Dev mailing list archive at Nabble.com.

Re: TomEE security context is not getting propagated with WorkManagers

[Romain Manni-Bucau <rm...@gmail.com>]

Hi

if you dont use jaas as realm in tomcat it is normal.


Romain Manni-Bucau
@rmannibucau <https://twitter.com/rmannibucau> |  Blog
<http://rmannibucau.wordpress.com> | Github <https://github.com/rmannibucau> |
LinkedIn <https://www.linkedin.com/in/rmannibucau> | Tomitriber
<http://www.tomitribe.com>

2016-01-19 12:07 GMT+01:00 seenu.atluri <se...@gmail.com>:

> Hi Romain,
>
> We are using few async servlets so that when the request comes, it will be
> processed by another thread from thread pool.It is working fine. but,
> security context is not being propagated to EJB. We are always getting
> principal name as guest from EJBContext. We do authentication suing
> request.login().
>
> I do agree that it is not recommended to create custom threads inside
> container since context is not propagated properly. Java EE work managers
> are intended to solve this issue. I tried with CommonJ WorkManger and
> Execututor Service in TomEE. Still, security context is not being
> propagated.
>
> Can you please advise?
>
> Thanks & Regards,
> Srinivas Atluri.
>
>
>
> --
> View this message in context:
> http://tomee-openejb.979440.n4.nabble.com/TomEE-security-context-is-not-getting-propagated-with-WorkManagers-tp4677483.html
> Sent from the TomEE Dev mailing list archive at Nabble.com.
>