incubator-jspwiki-user mailing list archives

From Andrew Jaquith <andrew.r.jaqu...@gmail.com>
Subject Re: unsupported callbacks? - almost done?
Date Mon, 06 Apr 2009 16:13:34 GMT
Lou -- can this wait until the 2.8.3 timeframe? I'd like to solve this
issue for you, and for others.

If you send me the patches (privately is ok), I'll use them as a starting point.

BTW, the short answer to your earlier question is that the
WikiCallbackHandler class needs to be able to support the
HttpRequestCallback and the WikiEngineCallback. But it's not so
simple, because it's instantiated via login(WikiSession,String,String)
which does not contain an HttpServletRequest parameter. So ultimately
the total set of tweaks we need are these:

- New constructor in WikiCallbackHandler that accepts an
HttpServletRequest, plus code that returns an HttpRequestCallback when
requested by a LoginModule
- New method in AuthenticationManager: login( HttpServletRequest,
String, String ) that constructs the WikiCallbackHandler with the
request

Doing these things will open up a lot of possibilities, including
writing an OpenID LoginModule (because it will be able to get access
to the request).

Andrew

On Mon, Apr 6, 2009 at 11:48 AM,  <Louis.Masters@log-net.com> wrote:
> Harry:
> Thanks.
>
> OK, I modified the source and created my own auth manager and callback
> handler.  I created an initial jsp page that calls the login:
>
>            if ( mgr.login( request ) )
>            {
>                log.debug( "mgr login OK for principal return "
>                    + wikiSession.getUserPrincipal().getName()
>                    + " and session id " + request.getSession().getId());
>            }
>            else
>            {
>                log.info( "Failed to authenticate user " + request.getParameter( "user" ) );
>            }
>
> This seems to be working OK (I get the following message):
>
> 11:41:22,516 INFO  [SecurityLog] WikiSecurityEvent.LOGIN_AUTHENTICATED
> [source=com.ecyrd.jspwiki.auth.AuthenticationManager@18c2ccd,
> princpal=com.ecyrd.jspwiki.auth.WikiPrincipal lmasters,
> target=com.ecyrd.jspwiki.WikiSession@1f05c75]
>
> However, at the bottom of my jsp, there is the same redirect from the
> loginform jsp:
>
>        response.sendRedirect( viewUrl );
>
> This generates an error with my security:
>
> 11:41:22,547 ERROR [AnyoneAuthenticationLoginModule] General exception - not logging in.
> javax.security.auth.login.FailedLoginException: No user found to authenticate
>        at com.lognet.wiki.auth.login.AnyoneAuthenticationLoginModule.login(AnyoneAuthenticationLoginModule.java:96)
>        at com.ecyrd.jspwiki.auth.AuthenticationManager.doJAASLogin(AuthenticationManager.java:621)
>        at com.ecyrd.jspwiki.auth.AuthenticationManager.login(AuthenticationManager.java:271)
>        at com.ecyrd.jspwiki.ui.WikiServletFilter.doFilter(WikiServletFilter.java:156)
>        at com.ecyrd.jspwiki.ui.WikiJSPFilter.doFilter(WikiJSPFilter.java:111)
>
> It looks like the "WikiServletFilter" login can't find the subject or the
> session is messed up.  I'm at a loss as to where I should even start
> looking.  I'm adding the principals just like the user db login module:
>
>                m_principals.add( principal );
>                m_principals.add(Role.AUTHENTICATED);
>                m_principals.add(Role.ALL);  //added to debug
>                m_principalsToRemove.add(Role.AUTHENTICATED);  //added to debug
>                m_principalsToOverwrite.add(WikiPrincipal.GUEST);  //added to debug
>                m_principalsToOverwrite.add(Role.ANONYMOUS);  //added to debug
>                m_principalsToOverwrite.add(Role.ASSERTED);  //added to debug
>
> Have I missed a step?
>
> Thanks,
> Lou
>
> Harry Metske <harry.metske@gmail.com>
> 04/01/2009 02:37 PM
> Please respond to jspwiki-user@incubator.apache.org
> To: jspwiki-user@incubator.apache.org
> Subject: Re: unsupported callbacks?
>
> eeuuhh, I wouldn't know how, the only way I can think of is modifying the
> source and building it again. (AuthenticationManager has the reference to
> WikiCallbackHandler)
>
> (or I misunderstood your question...)
> Harry
>
>
> 2009/4/1 <Louis.Masters@log-net.com>
>
>> OK, thanks.  Is there any way to override/specify the CallbackHandler so I
>> don't need to mess around with the one in the JAR?
>>
>> Harry Metske <harry.metske@gmail.com>
>> 03/31/2009 03:18 PM
>> Please respond to jspwiki-user@incubator.apache.org
>> To: jspwiki-user@incubator.apache.org
>> Subject: Re: unsupported callbacks?
>>
>> I think you should add handling to the WikiCallbackHandler, actually that
>> already has been done for 3.0 to support TextOutput Callbacks.
>> See also https://issues.apache.org/jira/browse/JSPWIKI-464
>>
>> Harry
>>
>> 2009/3/27 <Louis.Masters@log-net.com>
>>
>> > I'm in the process of implementing a custom LoginModule and I ran into an
>> > issue (maybe).  I need to access the HTTPRequest and possibly the
>> > WikiEngine so I included them as callbacks:
>> >
>> > HttpRequestCallback hcb = new HttpRequestCallback();
>> > WikiEngineCallback wcb = new WikiEngineCallback();
>> > Callback[] callbacks = new Callback[]{ hcb, wcb };
>> >
>> > The trouble is, when I try the "handle" call, it excepts with the
>> > following:
>> >
>> > javax.security.auth.callback.UnsupportedCallbackException
>> >        at com.ecyrd.jspwiki.auth.login.WikiCallbackHandler.handle(WikiCallbackHandler.java:89)
>> >        at com.lognet.wiki.auth.login.AnyoneAuthenticationLoginModule.login(AnyoneAuthenticationLoginModule.java:36)
>> >
>> > I noticed the WikiCallbackHandler.java only supports UserDatabase, Name
>> > and Password callbacks - do I need to add handling for the HttpRequest and
>> > WikiEngine or should I create a custom callback handler and use it?  Sorry
>> > if this is a simple question, but I am new to writing LoginModules and
>> > callbacks.
>> >
>> > Thanks,
>> > Lou
>
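
The two changes listed at the top of this message, sketched as an added example (not JSPWiki code and not posted by anyone in the thread). `RequestCallback` and `RequestAwareHandler` are hypothetical stand-ins, and a plain `Object` takes the place of `HttpServletRequest` so the sketch compiles with only the JDK.

```java
import java.io.IOException;
import javax.security.auth.callback.*;

public class RequestAwareHandlerDemo {
    // Hypothetical stand-in for HttpRequestCallback; Object replaces HttpServletRequest.
    static final class RequestCallback implements Callback {
        private Object request;
        void setRequest(Object request) { this.request = request; }
        Object getRequest() { return request; }
    }

    // Hypothetical handler offering both construction paths named in the message.
    static final class RequestAwareHandler implements CallbackHandler {
        private final Object request;   // null on the username/password-only path
        private final String username;
        private final char[] password;

        RequestAwareHandler(String username, String password) { this(null, username, password); }

        RequestAwareHandler(Object request, String username, String password) {
            this.request = request;
            this.username = username;
            this.password = password.toCharArray();
        }

        @Override
        public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
            for (Callback cb : callbacks) {
                if (cb instanceof NameCallback) {
                    ((NameCallback) cb).setName(username);
                } else if (cb instanceof PasswordCallback) {
                    ((PasswordCallback) cb).setPassword(password);
                } else if (cb instanceof RequestCallback && request != null) {
                    ((RequestCallback) cb).setRequest(request);
                } else {
                    // Fail closed so a LoginModule never proceeds on an unfilled callback.
                    throw new UnsupportedCallbackException(cb);
                }
            }
        }
    }

    public static void main(String[] args) throws Exception {
        RequestCallback rcb = new RequestCallback();
        new RequestAwareHandler("constructed-request", "lou", "pw").handle(new Callback[] { rcb });
        System.out.println("with request: " + rcb.getRequest());
        try {
            new RequestAwareHandler("lou", "pw").handle(new Callback[] { new RequestCallback() });
        } catch (UnsupportedCallbackException e) {
            System.out.println("without request: " + e.getCallback().getClass().getSimpleName() + " unsupported");
        }
    }
}
```

A handler built without a request rejects the request callback with the same `UnsupportedCallbackException` seen in the first stack trace of the thread, so a LoginModule that depends on the request fails the login instead of continuing with a null.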
