Playground for troubleshooting security context propagation in remote EJB calls.
- Keycloak admin (http://localhost:8180/admin/): admin / admin
- Wildfly OIDC admin (http://localhost:9990/): admin / admin
- Wildfly Keycloak Adapter admin (http://localhost:9991/): admin / admin
- Example user in elitron realm: johndoe / johndoe
1. Build maven project
mvn clean install2. Start docker containers
docker compose up3. Deploy artifacts
mvn wildfly:deploy-only4. Run ServletTest or execute tests via cli
mvn verify -DskipTests=falseThe result of the tests will show, that with usage of Keycloak Adapter, the Remote EJB gets a resolved principal.
Sending request to: http://localhost:8081/service-one/
HTTP Status: 200
HTTP principal: Name: 9302f4a1-5f37-4699-9971-ca6ff56bebc6, Type: org.keycloak.KeycloakPrincipal
Local EJB principal: Name: 9302f4a1-5f37-4699-9971-ca6ff56bebc6, Type: org.keycloak.KeycloakPrincipal
Remote EJB principal: Name: 9302f4a1-5f37-4699-9971-ca6ff56bebc6, Type: org.keycloak.KeycloakPrincipal
With out of the box standalone-full.xml, the Remote EJB principal remains anonymous.
Sending request to: http://localhost:8080/service-one/
HTTP Status: 200
HTTP principal: Name: 9302f4a1-5f37-4699-9971-ca6ff56bebc6, Type: org.wildfly.security.http.oidc.OidcPrincipal
Local EJB principal: Name: 9302f4a1-5f37-4699-9971-ca6ff56bebc6, Type: org.wildfly.security.http.oidc.OidcPrincipal
Remote EJB principal: Name: anonymous, Type: org.wildfly.security.auth.principal.AnonymousPrincipal
If any changes are made to source code use: mvn clean install wildfly:deploy-only
If any changes are made to a DockerFile:
- remove running containers:
docker compose down
- rebuild the project:
mvn clean install
- build new docker images:
docker compose build
- start docker containers:
docker compose up