geronimo-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Jencks <david_jen...@yahoo.com>
Subject Re: handling JAAS callbacks
Date Wed, 14 Jun 2006 15:20:45 GMT

On Jun 13, 2006, at 11:32 PM, Sunny Saxena wrote:

> Aaron,
>
> 	If I stop the geronimo/j2ee-security module, and then run my
> program, it picks up the login module config file from the security
> module, and everything runs fine. But I don't want to do that. As you
> said, there is a way to bypass geronimo's security... Can you please
> tell me how can we do it for my specific application?
> 	Or is there a reason to why the j2ee security module in geronimo
> is doing that?

I don't have time right now to investigate thoroughly but I think  
what you need to use is a DirectConfigurationEntry gbean with your  
login module gbean.  The source is in the security module.

hope this points you in a useful direction
david jencks

>
> Thanks
>
>
> -----Original Message-----
> From: ammulder@gmail.com [mailto:ammulder@gmail.com] On Behalf Of  
> Aaron
> Mulder
> Sent: Monday, June 12, 2006 5:49 PM
> To: user@geronimo.apache.org
> Subject: Re: handling JAAS callbacks
>
> So it sounds like right now your JAAS lookup is going through a  
> Geronimo
> login module, whether you like it or not.  The  
> DecouplingCallbackHandler
> is Geronimo's way of gathering all the input it needs in order to
> populate the various login modules that may be configured for that
> security realm.  (So it should be passing the data on to your login
> module once it gathers it.)
>
> If I recall correctly, there is a way for you to bypass Geronimo's
> plumbing entirely and call your login module directly, if that's what
> you want to do.  But I don't remember exactly what the procedure is.
> Alan?
>
> Thanks,
>     Aaron
>
> On 6/12/06, Sunny Saxena <Sunny_Saxena@infosys.com> wrote:
>>
>>
>>
>> heya,
>>
>>     My application uses JAAS Login Modules for authentication. I have
> created a gbean in my geronimo-application.xml specifying the
> loginmodule in it.
>> Now, at the point in my application, where the authentication takes
> place, the loginmodule class is found, but I get the following error.
>>
>> ERROR:::
>>
>> javax.security.auth.callback.UnsupportedCallbackException: DO NOT
> PROCEED WITH THIS LOGIN
>>         at
> org.apache.geronimo.security.jaas.server.DecouplingCallbackHandler.han 
> dl
> e(DecouplingCallbackHandler.java:43)
>>         ...
>> javax.security.auth.login.LoginException: Error filling callback list
>>         at
> org.apache.geronimo.security.jaas.client.ServerLoginProxy.login 
> (ServerLo
> ginProxy.java:78)
>>         at
> org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.performL 
> og
> in(JaasLoginCoordinator.java:189)
>>         at
> org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.login 
> (Jaas
> LoginCoordinator.java:113)
>>         at sun.reflect.NativeMethodAccessorImpl.invoke0(Native  
>> Method)
>>         at
> sun.reflect.NativeMethodAccessorImpl.invoke 
> (NativeMethodAccessorImpl.jav
> a:39)
>>         at
> sun.reflect.DelegatingMethodAccessorImpl.invoke 
> (DelegatingMethodAccessor
> Impl.java:25)
>>         at java.lang.reflect.Method.invoke(Method.java:324)
>>         at
> javax.security.auth.login.LoginContext.invoke(LoginContext.java:675)
>>         at
> javax.security.auth.login.LoginContext.access$000(LoginContext.java: 
> 129)
>>         at
> javax.security.auth.login.LoginContext$4.run(LoginContext.java:610)
>>         at java.security.AccessController.doPrivileged(Native Method)
>>         at
> javax.security.auth.login.LoginContext.invokeModule 
> (LoginContext.java:60
> 7)
>>         at
> javax.security.auth.login.LoginContext.login(LoginContext.java:534)
>>         ...
>> Caused by: java.lang.NullPointerException
>>         at java.lang.String.<init>(String.java:166)
>>         ...
>>
>>
>> Now, I got from Aaron's previous replies, that the "DO NOT PROCEED"
> error can be ignored.
>> But, now the "Error filling callback list" is causing the problem.
>>
>> My application has a custom callbackhandler. When my login module
> handles the callback through callbackHandler.handle(callbacks[]);, it
> does not enter my custom callback handler's handle() method. On
> priniting the classname of the callbackhandler used, I get the
> DecouplingCallbackHandler of geronimo. How can I make it use my
> customcallbackHandler??? Or is it something else that I may be  
> missing.
>>
>> Thanks
>> Sunny
>>
>>
>> **************** CAUTION - Disclaimer *****************  This e-mail
>> contains PRIVILEGED AND CONFIDENTIAL INFORMATION intended solely for
> the use of the addressee(s). If you are not the intended recipient,
> please notify the sender by e-mail and delete the original message.
> Further, you are not to copy, disclose, or distribute this e-mail  
> or its
> contents to any other person and any such actions are unlawful. This
> e-mail may contain viruses. Infosys has taken every reasonable
> precaution to minimize this risk, but is not liable for any damage you
> may sustain as a result of any virus in this e-mail. You should carry
> out your own virus checks before opening the e-mail or attachment.
> Infosys reserves the right to monitor and review the content of all
> messages sent to or from this e-mail address. Messages sent to or from
> this e-mail address may be stored on the Infosys e-mail system.
>>  ***INFOSYS******** End of Disclaimer ********INFOSYS***
>>


Mime
View raw message