soteria
Principal obtained from EJBContext should be returned even if not assignable from CallerPrincipal
SubjectParser is not returning custom principals from EJBContext. SecurityContext.getCallerPrincipal delegates to EJBContext.getCallerPrincipal which obtains the custom principal correctly. This principal is then not returned because it is not of CallerPrincipal type here.
A custom principal from EJBContext should be returned whether it is of type CallerPrincipal or not, since there is no requirement for the principal from EJBContext to be CallerPrincipal.
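The type check described in this report, as an added sketch that is not Soteria's code and not part of the original issue: a custom principal that implements `java.security.Principal` directly is lost when the lookup only accepts `CallerPrincipal`. The class `EjbPrincipalDemo`, the local `CallerPrincipal` stand-in, `TenantPrincipal`, all method names, and the `null` returned by the filtered path are assumptions made for illustration.

```java
import java.security.Principal;
import java.util.Optional;

public class EjbPrincipalDemo {
    // Stand-in for javax.security.enterprise.CallerPrincipal, declared locally
    // so the example compiles without the Security API jar.
    static class CallerPrincipal implements Principal {
        private final String name;
        CallerPrincipal(String name) { this.name = name; }
        @Override public String getName() { return name; }
    }

    // Constructed custom principal that implements Principal directly.
    static final class TenantPrincipal implements Principal {
        private final String name;
        final String tenant;
        TenantPrincipal(String name, String tenant) { this.name = name; this.tenant = tenant; }
        @Override public String getName() { return name; }
    }

    // Behaviour reported in the issue: the type check discards the principal.
    // Returning null in that case is an assumption of this sketch.
    static Principal typeFiltered(Principal fromEjbContext) {
        return fromEjbContext instanceof CallerPrincipal ? fromEjbContext : null;
    }

    // Behaviour requested in the issue: return whatever the EJB container supplied.
    static Principal asSupplied(Principal fromEjbContext) {
        return fromEjbContext;
    }

    // Application-side lookup that depends on the custom type surviving.
    static Optional<String> tenantOf(Principal p) {
        return p instanceof TenantPrincipal
                ? Optional.of(((TenantPrincipal) p).tenant)
                : Optional.empty();
    }

    public static void main(String[] args) {
        Principal custom = new TenantPrincipal("alice", "tenant-a"); // constructed sample
        Principal standard = new CallerPrincipal("bob");             // constructed sample

        System.out.println("filtered, custom:    " + tenantOf(typeFiltered(custom)));
        System.out.println("as supplied, custom: " + tenantOf(asSupplied(custom)));
        System.out.println("filtered, standard:  " + typeFiltered(standard).getName());
    }
}
```

With the filter in place, application code that keys an authorization decision on the custom principal's attributes sees no caller identity at all, even though the container authenticated one.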