I am trying to get the contexts Principal from the AccessControlContext as documented on stackexchange <http://stackoverflow.com/questions/20970380/get-current-user-in-an-osgi-context-fuse-karaf> .
Unfortunately whenever I retrieve the subject using the current AccessControlContext, the subject is null. I basically create a very simple jaxrs server and register the CXF JAASAuthenticationFilter with the server: <bean id="authenticationFilter" class="org.apache.cxf.jaxrs.security.JAASAuthenticationFilter"> <property name="contextName" value="karaf" /> </bean> <jaxrs:server id="echoResource" address="/rest/echo"> <jaxrs:serviceBeans> <bean class="org.apache.karaf.jaas.modules.mongo.test.EchoServiceImpl" /> </jaxrs:serviceBeans> <jaxrs:providers> <ref component-id="authenticationFilter" /> </jaxrs:providers> </jaxrs:server> When I execute the REST service, I try to get the Subject in the code as below but it is always null: AccessControlContext acc = AccessController.getContext();if (acc == null) { throw new RuntimeException("access control context is null"); } Subject subject = Subject.getSubject(acc);if (subject == null) { throw new RuntimeException("subject is null"); } Interestingly if I inject the javax.ws.rs.core.SecurityContext into the CXF REST service, I do get a security principal. public Response echo(@Context SecurityContext context) { Principal user = context.getUserPrincipal(); } Is there another configuration required in Karaf or is this a bug in either Karaf or CXF? Would love to hear if anyone else came across this. Cheers, Niels BTW: I tried the same in karaf 2.3.9, 2.4.1 and 3.0.2 with exact same result.