ConnectionSecurityContext.getConnectionPrincipals() leads to IllegalStateException

Solution Verified - Updated 14 Jun 2024

Environment

Red Hat JBoss Enterprise Application Platform (JBoss EAP)
- 7.2.3

Issue

If a server instance is configured without a SecurityRealm to allow anonymous access, the call to ConnectionSecurityContext.getConnectionPrincipals() causes an IllegalStateException.

Resolution

There is a bug opened under Content from issues.jboss.org is not included.JBEAP-17658.
A permanent fix is expected in JBoss EAP 7.2.7 and will be included in JBoss EAP 7.3.0

Root Cause

When no realm is available, the constructor of new RealmUser(realm, principal.getName()) throws an IllegalStateException.

SBR

JBoss Security

Product(s)

Red Hat JBoss Enterprise Application Platform

Components

authentication

Category

Troubleshoot

Tags

security

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.