1 Reply Latest reply on Nov 6, 2009 10:44 AM by mwx.dennis

Cannot use custom CallbackHandler with LoginContext

mwx.dennis Nov 5, 2009 12:07 PM

I'm connecting to a JBoss 5.1.0.GA from a standalone client. I use a custom LoginModule. This is my client side security config:

admin-securitydomain {
 org.jboss.security.ClientLoginModule required;
};

This is my client side login code:

URL authenticationConfigURL = getClass().getResource(AUTH_PROP_CONFIG_FILENAME);
System.setProperty(AUTH_PROP_KEY, authenticationConfigURL.toExternalForm());
LoginCallbackHandler callbackHandler = new LoginCallbackHandler(username, password, Role.ADMINISTRATOR, Market.de);
LoginContext loginContext = new LoginContext(SECURITY_DOMAIN, callbackHandler);
loginContext.login();

I'd like to use my own CallbackHandler but it doesn't work as expected - the CallbackHandler that is passed into the LoginModule is of type javax.security.auth.login.LoginContext$SecureCallbackHandler.

As a consequence, when I try to login, I get a

javax.security.auth.callback.UnsupportedCallbackException: Unrecognized Callback
at org.jboss.security.auth.callback.JBossCallbackHandler.handle(JBossCallbackHandler.java:126)
at javax.security.auth.login.LoginContext$SecureCallbackHandler$1.run(LoginContext.java:955)
...

Any ideas how I can fix this?

1. Re: Cannot use custom CallbackHandler with LoginContext

mwx.dennis Nov 6, 2009 10:44 AM (in response to mwx.dennis)

I guess the actual problem is the ClientLoginModule - it only handles username and password callbacks but I have two additional ones. My problem is that I'm not sure how the ClientLoginModule (which I'm supposed to use?!) relates to my custom LoginModule so I'm quite helpless here :-/
Actions