geronimo-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sunny Saxena" <Sunny_Sax...@infosys.com>
Subject RE: handling JAAS callbacks
Date Thu, 15 Jun 2006 04:26:48 GMT
 Thank you David. The solution worked. :) 

-----Original Message-----
From: David Jencks [mailto:david_jencks@yahoo.com] 
Sent: Wednesday, June 14, 2006 8:51 PM
To: user@geronimo.apache.org
Subject: Re: handling JAAS callbacks


On Jun 13, 2006, at 11:32 PM, Sunny Saxena wrote:

> Aaron,
>
> 	If I stop the geronimo/j2ee-security module, and then run my
program, 
> it picks up the login module config file from the security module, and

> everything runs fine. But I don't want to do that. As you said, there 
> is a way to bypass geronimo's security... Can you please tell me how 
> can we do it for my specific application?
> 	Or is there a reason to why the j2ee security module in geronimo
is 
> doing that?

I don't have time right now to investigate thoroughly but I think what
you need to use is a DirectConfigurationEntry gbean with your login
module gbean.  The source is in the security module.

hope this points you in a useful direction david jencks

>
> Thanks
>
>
> -----Original Message-----
> From: ammulder@gmail.com [mailto:ammulder@gmail.com] On Behalf Of 
> Aaron Mulder
> Sent: Monday, June 12, 2006 5:49 PM
> To: user@geronimo.apache.org
> Subject: Re: handling JAAS callbacks
>
> So it sounds like right now your JAAS lookup is going through a 
> Geronimo login module, whether you like it or not.  The 
> DecouplingCallbackHandler is Geronimo's way of gathering all the input

> it needs in order to populate the various login modules that may be 
> configured for that security realm.  (So it should be passing the data

> on to your login module once it gathers it.)
>
> If I recall correctly, there is a way for you to bypass Geronimo's 
> plumbing entirely and call your login module directly, if that's what 
> you want to do.  But I don't remember exactly what the procedure is.
> Alan?
>
> Thanks,
>     Aaron
>
> On 6/12/06, Sunny Saxena <Sunny_Saxena@infosys.com> wrote:
>>
>>
>>
>> heya,
>>
>>     My application uses JAAS Login Modules for authentication. I have
> created a gbean in my geronimo-application.xml specifying the 
> loginmodule in it.
>> Now, at the point in my application, where the authentication takes
> place, the loginmodule class is found, but I get the following error.
>>
>> ERROR:::
>>
>> javax.security.auth.callback.UnsupportedCallbackException: DO NOT
> PROCEED WITH THIS LOGIN
>>         at
> org.apache.geronimo.security.jaas.server.DecouplingCallbackHandler.han
> dl
> e(DecouplingCallbackHandler.java:43)
>>         ...
>> javax.security.auth.login.LoginException: Error filling callback list
>>         at
> org.apache.geronimo.security.jaas.client.ServerLoginProxy.login
> (ServerLo
> ginProxy.java:78)
>>         at
> org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.performL
> og
> in(JaasLoginCoordinator.java:189)
>>         at
> org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.login
> (Jaas
> LoginCoordinator.java:113)
>>         at sun.reflect.NativeMethodAccessorImpl.invoke0(Native
>> Method)
>>         at
> sun.reflect.NativeMethodAccessorImpl.invoke
> (NativeMethodAccessorImpl.jav
> a:39)
>>         at
> sun.reflect.DelegatingMethodAccessorImpl.invoke
> (DelegatingMethodAccessor
> Impl.java:25)
>>         at java.lang.reflect.Method.invoke(Method.java:324)
>>         at
> javax.security.auth.login.LoginContext.invoke(LoginContext.java:675)
>>         at
> javax.security.auth.login.LoginContext.access$000(LoginContext.java: 
> 129)
>>         at
> javax.security.auth.login.LoginContext$4.run(LoginContext.java:610)
>>         at java.security.AccessController.doPrivileged(Native Method)
>>         at
> javax.security.auth.login.LoginContext.invokeModule
> (LoginContext.java:60
> 7)
>>         at
> javax.security.auth.login.LoginContext.login(LoginContext.java:534)
>>         ...
>> Caused by: java.lang.NullPointerException
>>         at java.lang.String.<init>(String.java:166)
>>         ...
>>
>>
>> Now, I got from Aaron's previous replies, that the "DO NOT PROCEED"
> error can be ignored.
>> But, now the "Error filling callback list" is causing the problem.
>>
>> My application has a custom callbackhandler. When my login module
> handles the callback through callbackHandler.handle(callbacks[]);, it 
> does not enter my custom callback handler's handle() method. On 
> priniting the classname of the callbackhandler used, I get the 
> DecouplingCallbackHandler of geronimo. How can I make it use my 
> customcallbackHandler??? Or is it something else that I may be 
> missing.
>>
>> Thanks
>> Sunny
>>
>>
>> **************** CAUTION - Disclaimer *****************  This e-mail 
>> contains PRIVILEGED AND CONFIDENTIAL INFORMATION intended solely for
> the use of the addressee(s). If you are not the intended recipient, 
> please notify the sender by e-mail and delete the original message.
> Further, you are not to copy, disclose, or distribute this e-mail or 
> its contents to any other person and any such actions are unlawful. 
> This e-mail may contain viruses. Infosys has taken every reasonable 
> precaution to minimize this risk, but is not liable for any damage you

> may sustain as a result of any virus in this e-mail. You should carry 
> out your own virus checks before opening the e-mail or attachment.
> Infosys reserves the right to monitor and review the content of all 
> messages sent to or from this e-mail address. Messages sent to or from

> this e-mail address may be stored on the Infosys e-mail system.
>>  ***INFOSYS******** End of Disclaimer ********INFOSYS***
>>


Mime
View raw message