Hi Jon In meecrowave and in geronimo tck we adapted owb spi impl to use a request scope impl of the provider, tomee has to do the same
Le ven. 2 nov. 2018 14:53, Jonathan Gallimore <[email protected]> a écrit : > Following up on a discussion on the TomEE mailing list here: > http://tomee-openejb.979440.n4.nabble.com/MicroProfile-JWT-1-1-td4684741.html > > I have created a PR with an additional test for principal injection: > https://github.com/apache/geronimo-jwt-auth/pull/3 > > This tests injection with two different tokens for two different requests > to ensure the correct principal is injected into the endpoint. At present > this test fails - as far as I can see, the ProviderBasedProducer used by > the PrincipalBean in OWB caches the Principal object returned, so > subsequent calls always get the first Principal fetched from the security > service. > > Although I suspect it may be an OWB issue, I am posting here first in case > its a configuration issue or similar that I am missing. I'm happy to follow > up on the OWB list. Using this change in OWB, this additional test does > pass. https://github.com/apache/openwebbeans/pull/12 > > Please note, I initially ran into this while working on TomEE, but I don't > believe this is a TomEE specific issue. The test I have added doesn't use > TomEE in any way (it should be using OWB/Meecrowave), and should run with a > simple "mvn clean install" on the geronimo-jwt-auth project. > > My build output is attached for reference. > > I'm happy to do further investigation, and could probably put together a > sample using the pure Geronimo JWT library and Meecrowave if that helps. > > Jon >
