3 Replies Latest reply on Apr 9, 2009 4:58 PM by Richard Gwozdz

    Getting Callback Handler from LoginModule

    Jerrold Eads Newbie

      I have written my own callback handler, MD5UserNamePasswordCallbackHandler, that handles TextInputCallbacks. When I logon to the app server this handler is invoked. Later when a remote datasource is accessed via a session bean the connection information is renedered through another login module. Within this module I create a TextInputCallback and pass it to the handler that is passed in the initialization of the login module. It seems that by the time the callback handler reaches the second login module it is wrapped as javax.security.auth.login.LoginContext$SecureCallbackHandler and when I pass the callback to this handler it doesn't know how to handle a TextInputCallback? I want to use the callback to prompt the user to input username and password for the remote database connection. How do I cast the handler back to the initial callback handler that knows how to handle the callback?

      Thanks
      Jerry

        • 1. Re: Getting Callback Handler from LoginModule
          Scott Stark Master

          This is on the server side? It makes little sense in general to have a server side callback handler attempt to interact with a user input which is why the default CallbackHandler does not deal with TextInputCallbacks. You can change the CallbackHandler used by jboss by setting the CallbackHandlerClassName attribute on the JaasSecurityManagerService if you have a setup where this does make sense.

           <!-- JAAS security manager and realm mapping -->
           <mbean code="org.jboss.security.plugins.JaasSecurityManagerService"
           name="jboss.security:service=JaasSecurityManager">
           <attribute name="SecurityManagerClassName">
           org.jboss.security.plugins.JaasSecurityManager
           </attribute>
           <attribute name="CallbackHandlerClassName">
           com.dot.MyCallbackHandler
           </attribute>
           </mbean>
          



          • 2. Re: Getting Callback Handler from LoginModule
            Jerrold Eads Newbie

            Scott,
            You are correct the login module being used for the remote datasource is on the server and therefore has no connection with the client. I will have to make my API aware of the need for capturing a username and password from the user when a datasource with that type of authorization is accessed.

            Thanks
            Jerry

            • 3. Re: Getting Callback Handler from LoginModule
              Richard Gwozdz Newbie

              I have writen my own CallbackHandler and when I configure it in my jboss-service.xml file:

              <!-- JAAS security manager and realm mapping -->
               <mbean code="org.jboss.security.plugins.JaasSecurityManagerService"
               name="jboss.security:service=JaasSecurityManager">
               <attribute name="ServerMode">true</attribute>
               <attribute name="SecurityManagerClassName">org.jboss.security.plugins.JaasSecurityManager</attribute>
               <attribute name="DefaultUnauthenticatedPrincipal">anonymous</attribute>
               <attribute name="CallbackHandlerClassName">com.DbCallbackHandler</attribute>

              I am getting a No ClassLoaders found for: com.DbCallbackHandler.

              The class does exist in a jar on the server. Does it need to be placed in a special location?