rzo1 commented on code in PR #2807:
URL: https://github.com/apache/cxf/pull/2807#discussion_r2818685842
##########
rt/transports/http/src/main/java/org/apache/cxf/transport/http/AbstractHTTPDestination.java:
##########
@@ -416,23 +416,24 @@ private boolean isWSAddressingReplyToSpecified(Exchange
ex) {
inMessage.put(Message.FIXED_PARAMETER_ORDER, isFixedParameterOrder());
inMessage.put(Message.ASYNC_POST_RESPONSE_DISPATCH, Boolean.TRUE);
- SecurityContext httpSecurityContext = new SecurityContext() {
+ final HttpServletRequest reqFromInMessage =
(HttpServletRequest)exchange.getInMessage().get(HTTP_REQUEST);
+ final SecurityContext httpSecurityContext = new SecurityContext() {
Review Comment:
@reta I think, that this change lead to some issues in TomEE. Some details
are here: https://lists.apache.org/thread/bfxq109lwqzht7x8hlrjgltogh79t9sh (due
to caching the principal early instead of evaluating it on demand (after some
processing has happened). For us in TomEE, it leads to some downstream issues
in the MicroProfile JWT TCK.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
