jackrabbit-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Michal Borowiecki (JIRA)" <j...@apache.org>
Subject [jira] Commented: (JCR-1584) JAAS login fails with javax.jcr.LoginException: CallbackHandler does not support: javax.security.auth.callback.NameCallback
Date Tue, 13 May 2008 11:18:55 GMT

    [ https://issues.apache.org/jira/browse/JCR-1584?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12596358#action_12596358
] 

Michal Borowiecki commented on JCR-1584:
----------------------------------------

I have narrowed this down to the code in the login method od RepositoryImpl:

 if (credentials == null) {
                // null credentials, obtain the identity of the already-authenticated
                // subject from access control context
                AccessControlContext acc = AccessController.getContext();
                Subject subject = Subject.getSubject(acc);
                if (subject != null) {
                    return createSession(subject, workspaceName);
                }
            }
            // login either using JAAS or our own LoginModule
            AuthContext authCtx;
            LoginModuleConfig lmc = repConfig.getLoginModuleConfig();
            if (lmc == null) {
                authCtx = new AuthContext.JAAS(repConfig.getAppName(), credentials);
            } else {
                authCtx = new AuthContext.Local(
                        lmc.getLoginModule(), lmc.getParameters(), credentials);
            }
            authCtx.login();

AuthContext.JAAS.login() is only called if Subject.getSubject(acc) returns null.

I verifed it and in fact is returns null in my code as well.
The code using the repository is in an ejb module.
The security-domain is configured in jboss.xml and works correctly.

Perhaps some more configuration is required?
I'll try to investigate.


> JAAS login fails with javax.jcr.LoginException: CallbackHandler does not support: javax.security.auth.callback.NameCallback
> ---------------------------------------------------------------------------------------------------------------------------
>
>                 Key: JCR-1584
>                 URL: https://issues.apache.org/jira/browse/JCR-1584
>             Project: Jackrabbit
>          Issue Type: Bug
>    Affects Versions: 1.4
>         Environment: jackrabbit-jca-1.4.rar
> JBoss-4.0.5.GA
> jdk1.6
>            Reporter: Michal Borowiecki
>
> Security configured according to http://wiki.apache.org/jackrabbit/JackrabbitOnJbossSecurity
> login() is invoked on Repository with no Credentials in order to use JAAS (according
to JCR specification section 6.9.1 JAAS), like this:
> Session session = repository.login();
> An exception is thrown:
> javax.resource.ResourceException: Failed to create session: CallbackHandler does not
support: javax.security.auth.callback.NameCallback@1b012c1: CallbackHandler does not support:
javax.security.auth.callback.NameCallback@1b012c1
>         at org.apache.jackrabbit.jca.JCAManagedConnectionFactory.openSession(JCAManagedConnectionFactory.java:145)
>         at org.apache.jackrabbit.jca.JCAManagedConnectionFactory.createManagedConnection(JCAManagedConnectionFactory.java:176)
>         at org.apache.jackrabbit.jca.JCAManagedConnectionFactory.createManagedConnection(JCAManagedConnectionFactory.java:168)
>         at org.jboss.resource.connectionmanager.InternalManagedConnectionPool.createConnectionEventListener(InternalManagedConnectionPool.java:565)
>         at org.jboss.resource.connectionmanager.InternalManagedConnectionPool.getConnection(InternalManagedConnectionPool.java:250)
>         at org.jboss.resource.connectionmanager.JBossManagedConnectionPool$BasePool.getConnection(JBossManagedConnectionPool.java:529)
>         at org.jboss.resource.connectionmanager.BaseConnectionManager2.getManagedConnection(BaseConnectionManager2.java:341)
>         at org.jboss.resource.connectionmanager.TxConnectionManager.getManagedConnection(TxConnectionManager.java:301)
>         at org.jboss.resource.connectionmanager.BaseConnectionManager2.allocateConnection(BaseConnectionManager2.java:396)
>         at org.jboss.resource.connectionmanager.BaseConnectionManager2$ConnectionManagerProxy.allocateConnection(BaseConnectionManager2.java:842)
>         at org.apache.jackrabbit.jca.JCARepositoryHandle.login(JCARepositoryHandle.java:98)
>         at org.apache.jackrabbit.jca.JCARepositoryHandle.login(JCARepositoryHandle.java:89)
>         at org.apache.jackrabbit.jca.JCARepositoryHandle.login(JCARepositoryHandle.java:65)
> ...
> Caused by: javax.jcr.LoginException: CallbackHandler does not support: javax.security.auth.callback.NameCallback@1b012c1:
CallbackHandler does not support: javax.security.auth.callback.NameCallback@1b012c1: CallbackHandler
does not support: javax.security.auth.callback.NameCallback@1b012c1
>         at org.apache.jackrabbit.core.RepositoryImpl.login(RepositoryImpl.java:1240)
>         at org.apache.jackrabbit.jca.JCAManagedConnectionFactory.openSession(JCAManagedConnectionFactory.java:140)
>         ... 139 more
> Caused by: javax.security.auth.login.LoginException: CallbackHandler does not support:
javax.security.auth.callback.NameCallback@1b012c1
>         at org.jboss.security.auth.spi.UsernamePasswordLoginModule.getUsernameAndPassword(UsernamePasswordLoginModule.java:299)
>         at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:181)
>         at sun.reflect.GeneratedMethodAccessor324.invoke(Unknown Source)
>         at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
>         at java.lang.reflect.Method.invoke(Method.java:597)
>         at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
>         at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
>         at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
>         at java.security.AccessController.doPrivileged(Native Method)
>         at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
>         at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
>         at org.apache.jackrabbit.core.security.AuthContext$JAAS.login(AuthContext.java:88)
>         at org.apache.jackrabbit.core.RepositoryImpl.login(RepositoryImpl.java:1232)
>         ... 140 more
> Caused by: javax.security.auth.callback.UnsupportedCallbackException: Unrecognized Callback
>         at org.apache.jackrabbit.core.security.CredentialsCallbackHandler.handle(CredentialsCallbackHandler.java:68)
>         at javax.security.auth.login.LoginContext$SecureCallbackHandler$1.run(LoginContext.java:955)
>         at java.security.AccessController.doPrivileged(Native Method)
>         at javax.security.auth.login.LoginContext$SecureCallbackHandler.handle(LoginContext.java:951)
>         at org.jboss.security.auth.spi.UsernamePasswordLoginModule.getUsernameAndPassword(UsernamePasswordLoginModule.java:280)
>         ... 152 more

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message