Hi Sergey, Thanks for the reply! It does not report a user principal. I can try the ContainerRequestFilter or if the UriInfo is also accessible from the MessageContext I might be able to bypass the code that breaks as well.
Regards Kiren On Wed, May 6, 2015 at 12:47 PM, Sergey Beryozkin <[email protected]> wrote: > Hi Kiren, > > sorry for a delay. > is the actual security context is returned as null or it does not report a > user principal ? > > If it is the latter then it would explain it, the default SecurityContext > is set at the HTTP transport level which is bypassed in the local case. > > What you can do though is to register a pre-matching > ContainerRequestFilter and set a custom SecurityContext from there; the > filter has the access to UriInfo, so you can check if the address is not > http-based and then set a custom context to cover the local path... > > HTH > Sergey > > On 04/05/15 16:17, Kiren Pillay wrote: > >> Hi All, >> >> I have a Webclient in one application calling a local endpoint of another >> application in the same container. >> >> It seems that the security context is being lost in the local call. Is >> there a way to preserve the Security Context? >> >> //Working >> 1. WebClient localClient = WebClient.create( >> "http://localhost:8080/xxx/rest", "test","test", null); >> >> //Not working >> 2. WebClient localClient = >> WebClient.create("local://rsservice/xxx/rest", "test", "test", null); >> >> //Code below breaks because it depends on the security worker >> >> SecurityUser securityUser = securityWorker >> >> .lookupSecurityUser(messageContext.getSecurityContext()); >> >> My application config below. >> >> >> <!-- local transport --> >> <jaxrs:server id="localRestContainer" >> address="local://rsservice/xxx/rest" >> transportId="http://cxf.apache.org/transports/local"> >> <jaxrs:serviceBeans> >> <ref bean="service1" /> >> <ref bean="service2" /> >> </jaxrs:serviceBeans> >> <jaxrs:providers> >> <ref bean="jaxbProvider" /> >> <ref bean="xxxExceptionMapper" /> >> <ref bean="xxxRuntimeExceptionMapper" /> >> </jaxrs:providers> >> >> Regards >> Kiren >> >> > > -- > Sergey Beryozkin > > Talend Community Coders > http://coders.talend.com/ > > Blog: http://sberyozkin.blogspot.com >
