The download zip/tar.gz are available over here. Pick the latest possible build at the bottom of the page
https://repository.apache.org/content/groups/snapshots/org/apache/tomee/apache-tomee/8.0.7-SNAPSHOT/ Mind that we have some Maven issues with our build. So the build might be broken. -- Jean-Louis Monteiro http://twitter.com/jlouismonteiro http://www.tomitribe.com On Fri, Apr 23, 2021 at 10:58 AM Pramod (Jira) <[email protected]> wrote: > > [ > https://issues.apache.org/jira/browse/TOMEE-3725?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17330228#comment-17330228 > ] > > Pramod commented on TOMEE-3725: > ------------------------------- > > Can you please let us know where can I download 8.0.7-SNAPSHOT? > > > Returns invalid principal - Java EE Security - Inject > javax.security.enterprise.SecurityContext > > > ------------------------------------------------------------------------------------------------- > > > > Key: TOMEE-3725 > > URL: https://issues.apache.org/jira/browse/TOMEE-3725 > > Project: TomEE > > Issue Type: Bug > > Components: TomEE Core Server > > Affects Versions: 8.0.6 > > Reporter: Pramod > > Priority: Major > > Fix For: 8.0.6 > > > > > > We used apache-tomee-plume-8.0.6 for this issue reproduce. > > We use our own JASPIC implementation for security, which works fine so > far. It creates a CallerPrincipalCallback with subject and our own > AuthenticatedUser principal. But if we call in an EJB > ctx.getCallerPrincipal we get "GenericPrincipal" > > "getCallerPrincipal >[TomcatUser: > GenericPrincipal[XXXXX(JFOXXXST.administrator,JFOXXXST.users,)]]" > > > > & NOT AuthenticatedUser principal- It seems our REQUIRED principal is > not propagated correctly from servlet container to EJB container, the same > works fine in OpenLiberty 21.0.0.X > > > > After spending some more check in security - looks > like tomee-security-8.0.6.jar has below implementation which is returning > empty set - is this expected? or future implementation will be provided? > > public Principal getCallerPrincipal() > > { > > return this.securityService.getCallerPrincipal(); > > } > > public <T extends Principal> Set<T> getPrincipalsByType(Class<T> pType) > > { return Collections.emptySet(); } > > > > -- > This message was sent by Atlassian Jira > (v8.3.4#803005) >
