Didn't help. Apparently the extra callbacks given to the handler are not automagically transferred between client and server even though the 'implements Serializable' would hint so...
Aarrgh! I just need to send a little extra across. How hard can that be?
I want to do the same thing with jboss+tomcat. How do you specify the classname of the custom CallbackHandler?
I want to do the same thing with jboss+tomcat. How do you specify the custom callbackhandler?
The JaasSecurityManagerService MBean has a configurable attribute "CallbackHandlerClassName". This MBean is configured in the server/.../conf/jboss-service.xml file. Find the section on the JaasSecurityManager service (about 1/2 way down) and add a tag like the following:
Note that this CallbackHandler will now be invoked for all server-side logins.
It would be nice if this could be added as an config option for each security realm, rather than just as a global option for the security service.
can a custom callbackhandler be used to make the loginmodule get info from the servletcontainer about current sessionId or number of sessions?