Darran Lofthouse
Darran Lofthouse
Following on the discussions under the issue https://github.com/jakartaee/security/issues/267 and related approved PR https://github.com/jakartaee/security/pull/268 I am raising this challenge to request the ability to ignore the results of the following test...
The server side of this test case requires "nimbus-jose-jwt" however it is not guaranteed that this will be available on the application server under test, the web application should bundle...
The published version of the specification specifies this method takes one or more methods: https://jakarta.ee/specifications/security/3.0/apidocs/jakarta.security/jakarta/security/enterprise/securitycontext#hasAccessToWebResource(java.lang.String,java.lang.String...) The tests in the TCK should be adhering to the published specification / API.
Thu purpose of this test is verifying that a CDI decorator can be applied to an existing authentication mechanism, the wrapping of the response message was to delay setting the...
This is instead of wrapping the HttpServletResponse.
Callers of this method are supposed to be able to assume they will receive back the instance they called. https://github.com/jakartaee/security/blob/master/api/src/main/java/jakarta/security/enterprise/authentication/mechanism/http/HttpMessageContext.java#L143-L151 However the wrapper returns the wrapped instance instead of itself....
https://issues.redhat.com/browse/WFCORE-5526
This is the initial analysis for the removal of the legacy security subsystem. https://issues.redhat.com/browse/WFLY-15199