Mailing-List: contact user-help@geronimo.apache.org; run by ezmlm
Precedence: bulk
Reply-To: user@geronimo.apache.org
Received-SPF: pass (asf.osuosl.org: domain of ammulder@gmail.com designates
 64.233.184.237 as permitted sender)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;
        s=beta; d=gmail.com;
        h=received:message-id:date:from:sender:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth;
        b=S7DwveaJzoM/2hx+GbumEi2s5vYTXxP29ygq9QF1MOLn44jPp8gIDMFeYCEyZyILRvldevGgcAWC3bPFM4m3iN6on5gwWVxW9bkAsF+BrJZ6D2nRv/ImuQAGgG38F86ACM3HbuOkcSuvUvEY2CHzVI2CtXxHMcWAC5CsObfFiNU=
Message-ID: <74e15baa0606120518r1fdf807dyda0d1bc526a3b81b@mail.gmail.com>
Date: Mon, 12 Jun 2006 08:18:33 -0400
From: "Aaron Mulder" <ammulder@alumni.princeton.edu>
Sender: ammulder@gmail.com
To: user@geronimo.apache.org
Subject: Re: handling JAAS callbacks
In-Reply-To: 
 <AC2BF25044F0BD49AE8CF34898FC52B80102702B@HYDHTCMSG01.ad.infosys.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References: 
 <AC2BF25044F0BD49AE8CF34898FC52B80102702B@HYDHTCMSG01.ad.infosys.com>

So it sounds like right now your JAAS lookup is going through a
Geronimo login module, whether you like it or not.  The
DecouplingCallbackHandler is Geronimo's way of gathering all the input
it needs in order to populate the various login modules that may be
configured for that security realm.  (So it should be passing the data
on to your login module once it gathers it.)

If I recall correctly, there is a way for you to bypass Geronimo's
plumbing entirely and call your login module directly, if that's what
you want to do.  But I don't remember exactly what the procedure is.
Alan?

Thanks,
    Aaron

On 6/12/06, Sunny Saxena <Sunny_Saxena@infosys.com> wrote:
>
>
>
> heya,
>
>     My application uses JAAS Login Modules for authentication. I have created a gbean in my geronimo-application.xml specifying the loginmodule in it.
> Now, at the point in my application, where the authentication takes place, the loginmodule class is found, but I get the following error.
>
> ERROR:::
>
> javax.security.auth.callback.UnsupportedCallbackException: DO NOT PROCEED WITH THIS LOGIN
>         at org.apache.geronimo.security.jaas.server.DecouplingCallbackHandler.handle(DecouplingCallbackHandler.java:43)
>         ...
> javax.security.auth.login.LoginException: Error filling callback list
>         at org.apache.geronimo.security.jaas.client.ServerLoginProxy.login(ServerLoginProxy.java:78)
>         at org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.performLogin(JaasLoginCoordinator.java:189)
>         at org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.login(JaasLoginCoordinator.java:113)
>         at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>         at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
>         at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
>         at java.lang.reflect.Method.invoke(Method.java:324)
>         at javax.security.auth.login.LoginContext.invoke(LoginContext.java:675)
>         at javax.security.auth.login.LoginContext.access$000(LoginContext.java:129)
>         at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610)
>         at java.security.AccessController.doPrivileged(Native Method)
>         at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607)
>         at javax.security.auth.login.LoginContext.login(LoginContext.java:534)
>         ...
> Caused by: java.lang.NullPointerException
>         at java.lang.String.<init>(String.java:166)
>         ...
>
>
> Now, I got from Aaron's previous replies, that the "DO NOT PROCEED" error can be ignored.
> But, now the "Error filling callback list" is causing the problem.
>
> My application has a custom callbackhandler. When my login module handles the callback through callbackHandler.handle(callbacks[]);, it does not enter my custom callback handler's handle() method. On priniting the classname of the callbackhandler used, I get the DecouplingCallbackHandler of geronimo. How can I make it use my customcallbackHandler??? Or is it something else that I may be missing.
>
> Thanks
> Sunny
>
>
> **************** CAUTION - Disclaimer *****************
>  This e-mail contains PRIVILEGED AND CONFIDENTIAL INFORMATION intended solely for the use of the addressee(s). If you are not the intended recipient, please notify the sender by e-mail and delete the original message. Further, you are not to copy, disclose, or distribute this e-mail or its contents to any other person and any such actions are unlawful. This e-mail may contain viruses. Infosys has taken every reasonable precaution to minimize this risk, but is not liable for any damage you may sustain as a result of any virus in this e-mail. You should carry out your own virus checks before opening the e-mail or attachment. Infosys reserves the right to monitor and review the content of all messages sent to or from this e-mail address. Messages sent to or from this e-mail address may be stored on the Infosys e-mail system.
>  ***INFOSYS******** End of Disclaimer ********INFOSYS***
>