You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@jspwiki.apache.org by Lo...@log-net.com on 2009/03/27 16:01:15 UTC
unsupported callbacks?
I'm in the process of implementing a custom LoginModule and I ran into an
issue (maybe). I need to access the HTTPRequest and possibly the
WikiEngine so I included them as callbacks:
HttpRequestCallback hcb = new HttpRequestCallback();
WikiEngineCallback wcb = new WikiEngineCallback();
Callback[] callbacks = new Callback[]{ hcb, wcb };
The trouble is, when I try the "handle" call, it excepts with the
following:
javax.security.auth.callback.UnsupportedCallbackException
at
com.ecyrd.jspwiki.auth.login.WikiCallbackHandler.handle(WikiCallbackHandler.java:89)
at
com.lognet.wiki.auth.login.AnyoneAuthenticationLoginModule.login(AnyoneAuthenticationLoginModule.java:36)
I noticed the WikiCallbackHandler.java only supports UserDatabase, Name
and Password callbacks - do I need to add handling for theHttpRequest and
WikiEngine or should I create a custom callback handler and use it? Sorry
if this is a simple question, but I am new to writing LoginModules and
callbacks.
Thanks,
Lou
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
LOG-NET, Inc.
The Logistics Network Management System
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
230 Half Mile Road
Third Floor
Red Bank, NJ 07701
PH: 732-758-6800
FAX: 732-747-7497
http://www.LOG-NET.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
CONFIDENTIAL & PRIVILEGED
Unless otherwise indicated or if obvious from the nature of the content,
the information contained herein is privileged and confidential
information/work product. The communication is intended for the use of the
individual or entity named above. If the reader of this transmission is
not the intended recipient, you are hereby notified that any
dissemination, distribution or copying of this communication is strictly
prohibited. If you have received this communication in error, please
notify the sender immediately by telephone (732-758-6800) or by electronic
mail (postmaster@LOG-NET.com), and destroy any copies, electronic, paper
or otherwise, which you may have of this communication. Thank you.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Re: unsupported callbacks? - almost done?
Posted by Lo...@log-net.com.
Andrew:
This is great! Thanks.
I'll try it and let you know.
-Lou
Andrew Jaquith <an...@gmail.com>
04/07/2009 09:00 AM
Please respond to
jspwiki-user@incubator.apache.org
To
jspwiki-user@incubator.apache.org
cc
Subject
Re: unsupported callbacks? - almost done?
Lou --
I've made some changes to the local 2.8.3 branch that should work. The
tweaks I've made add support for HttpRequestCallback and
WikiEngineCallback to the WikiCallbackHandler; that is, for custom
authentication. This should also help you, and anyone else who has
needed access to request attributes (and the WikiEngine) from inside
LoginModules used with custom auth.
It's in the trunk now. If you check out the latest code, please let me
know if this helps you.
Andrew
On Mon, Apr 6, 2009 at 12:32 PM, <Lo...@log-net.com> wrote:
> Andrew:
>
> I've got an external deadline for this, so I'll try to push back a bit.
>
> I'll send you the files after I have cleaned them up a bit. The last
day
> or so has resulted in quite a bit of "trial and error" in my files.
>
> So far I have the following:
>
> CustomCallbackHandler: accepts WikiEngine engine, HttpServletRequest
> request, Authorizer authorizer - not sure if I am setting this up
> correctly, but it does set the engine and request OK.
> AnyoneAuthenticationLoginModule: my custom login module
> AuthenticationManager: a tweaked version that has:
>
> public final boolean login( HttpServletRequest request ) throws
> WikiSecurityException
>
> method and uses my custom callbackhandler:
>
> handler = new com.lognet.wiki.auth.login.CustomCallbackHandler(
> m_engine, request, authorizationMgr.getAuthorizer() );
>
> I just can't figure out where it is losing or not setting the
> subject/principals between the requests.
>
> -Lou
>
>
>
> Andrew Jaquith <an...@gmail.com>
> 04/06/2009 12:14 PM
> Please respond to
> jspwiki-user@incubator.apache.org
>
>
> To
> jspwiki-user@incubator.apache.org
> cc
>
> Subject
> Re: unsupported callbacks? - almost done?
>
>
>
>
>
>
> Lou -- can this wait until the 2.8.3 timeframe? I'd like to solve this
> issue for you, and for others.
>
> If you send me the patches (privately is ok), I'll use them as a
starting
> point.
>
> BTW, the short answer to your earlier question is that the
> WikiCallbackHandler class needs to be able to support the
> HttpRequestCallback and the WikiEngineCallback. But it's not so
> simple, because it's instantiated via login(WikiSession,String,String)
> which does not contain an HttpServletRequest parameter. So ultimately
> the total set of tweaks we need are these:
>
> - New constructor in WikiCallbackHandler that accepts an
> HttpServletRequest, plus code that returns an HttpRequestCallback when
> requested by a LoginModule
> - New method in AuthenticationManager: login( HttpServletRequest,
> String String ) that constructs the WikiCallbackHander with the
> request
>
> Doing these things will open up a lot of possibilities, including
> writing an OpenID LoginModule (because it will be able to get access
> to the request).
>
> Andrew
>
> On Mon, Apr 6, 2009 at 11:48 AM, <Lo...@log-net.com> wrote:
>> Harry:
>> Thanks.
>>
>> OK, I modified the source and created my own auth manager and callback
>> handler. I created an initial jsp page that calls the login:
>>
>> if ( mgr.login( request ) )
>> {
>> log.debug( "mgr login OK for principal return " +
>> wikiSession.getUserPrincipal().getName() + " and session id " +
>> request.getSession().getId());
>> }
>> else
>> {
>> log.info( "Failed to authenticate user " +
>> request.getParameter( "user" ) );
>> }
>>
>> This seems to be working OK (I get the following message):
>>
>> 11:41:22,516 INFO [SecurityLog] WikiSecurityEvent.LOGIN_AUTHENTICATED
>> [source=com.ecyrd.jspwiki.auth.AuthenticationManager@18c2ccd,
>> princpal=com.ecyrd.jspwiki.auth.WikiPrincipal lmasters,
>> target=com.ecyrd.jspwiki.WikiSession@1f05c75]
>>
>> However, at the bottom of my jsp, there is same redirect from the
>> loginform jsp:
>>
>> response.sendRedirect( viewUrl );
>>
>> This generates an error with my security:
>>
>> 11:41:22,547 ERROR [AnyoneAuthenticationLoginModule] General exception
-
>> not logging in.
>> javax.security.auth.login.FailedLoginException: No user found to
>> authenticate
>> at
>>
>
com.lognet.wiki.auth.login.AnyoneAuthenticationLoginModule.login(AnyoneAuthenticationLoginModule.java:96)
>> at
>>
>
com.ecyrd.jspwiki.auth.AuthenticationManager.doJAASLogin(AuthenticationManager.java:621)
>> at
>>
>
com.ecyrd.jspwiki.auth.AuthenticationManager.login(AuthenticationManager.java:271)
>> at
>>
>
com.ecyrd.jspwiki.ui.WikiServletFilter.doFilter(WikiServletFilter.java:156)
>> at
>> com.ecyrd.jspwiki.ui.WikiJSPFilter.doFilter(WikiJSPFilter.java:111)
>>
>> It looks like the "WikiServletFilter" login can't find the subject or
> the
>> session is messed up. I'm at a loss as to where I should even start
>> looking. I'm adding the principals just like the user db login module:
>>
>> m_principals.add( principal );
>> m_principals.add(Role.AUTHENTICATED);
>> m_principals.add(Role.ALL); //added to debug
>> m_principalsToRemove.add(Role.AUTHENTICATED); //added
to
>> debug
>> m_principalsToOverwrite.add(WikiPrincipal.GUEST);
> //added
>> to debug
>> m_principalsToOverwrite.add(Role.ANONYMOUS); //added to
>> debug
>> m_principalsToOverwrite.add(Role.ASSERTED); //added to
>> debug
>>
>> Have I missed a step?
>>
>> Thanks,
>> Lou
>>
>>
>>
>>
>>
>> Harry Metske <ha...@gmail.com>
>> 04/01/2009 02:37 PM
>> Please respond to
>> jspwiki-user@incubator.apache.org
>>
>>
>> To
>> jspwiki-user@incubator.apache.org
>> cc
>>
>> Subject
>> Re: unsupported callbacks?
>>
>>
>>
>>
>>
>>
>> eeuuhh, I wouldn't know how, the only way I can think of is modifying
> the
>> source and building it again. (AuthenticationManager has the reference
> to
>> WikiCallbackHandler)
>>
>> (or I misunderstood your question...)
>> Harry
>>
>>
>> 2009/4/1 <Lo...@log-net.com>
>>
>>> OK, thanks. Is there any way to override/specify the CallbackHandler
> so
>> I
>>> don't need to mess around with the one in the JAR?
>>>
>>>
>>>
>>>
>>>
>>> Harry Metske <ha...@gmail.com>
>>> 03/31/2009 03:18 PM
>>> Please respond to
>>> jspwiki-user@incubator.apache.org
>>>
>>>
>>> To
>>> jspwiki-user@incubator.apache.org
>>> cc
>>>
>>> Subject
>>> Re: unsupported callbacks?
>>>
>>>
>>>
>>>
>>>
>>>
>>> I think you should add handling to the WikiCallbackHandler, actually
>> that
>>> already has been done for 3.0 to support TextOutput Callbacks.
>>> See also https://issues.apache.org/jira/browse/JSPWIKI-464
>>>
>>> Harry
>>>
>>> 2009/3/27 <Lo...@log-net.com>
>>>
>>> > I'm in the process of implementing a custom LoginModule and I ran
> into
>>> an
>>> > issue (maybe). I need to access the HTTPRequest and possibly the
>>> > WikiEngine so I included them as callbacks:
>>> >
>>> >
>>> > HttpRequestCallback hcb = new HttpRequestCallback();
>>> > WikiEngineCallback wcb = new WikiEngineCallback();
>>> > Callback[] callbacks = new Callback[]{ hcb, wcb };
>>> >
>>> > The trouble is, when I try the "handle" call, it excepts with the
>>> > following:
>>> >
>>> > javax.security.auth.callback.UnsupportedCallbackException
>>> > at
>>> >
>>> >
>>>
>>>
>>
>
com.ecyrd.jspwiki.auth.login.WikiCallbackHandler.handle(WikiCallbackHandler.java:89)
>>> > at
>>> >
>>> >
>>>
>>>
>>
>
com.lognet.wiki.auth.login.AnyoneAuthenticationLoginModule.login(AnyoneAuthenticationLoginModule.java:36)
>>> >
>>> > I noticed the WikiCallbackHandler.java only supports UserDatabase,
>> Name
>>> > and Password callbacks - do I need to add handling for
theHttpRequest
>>> and
>>> > WikiEngine or should I create a custom callback handler and use it?
>>> Sorry
>>> > if this is a simple question, but I am new to writing LoginModules
> and
>>> > callbacks.
>>> >
>>> > Thanks,
>>> > Lou
>>> >
>>> >
>>> > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>>> > LOG-NET, Inc.
>>> > The Logistics Network Management System
>>> > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>>> > 230 Half Mile Road
>>> > Third Floor
>>> > Red Bank, NJ 07701
>>> > PH: 732-758-6800
>>> > FAX: 732-747-7497
>>> > http://www.LOG-NET.com
>>> > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>>> > CONFIDENTIAL & PRIVILEGED
>>> > Unless otherwise indicated or if obvious from the nature of the
>> content,
>>> > the information contained herein is privileged and confidential
>>> > information/work product. The communication is intended for the use
> of
>>> the
>>> > individual or entity named above. If the reader of this
transmission
>> is
>>> > not the intended recipient, you are hereby notified that any
>>> > dissemination, distribution or copying of this communication is
>> strictly
>>> > prohibited. If you have received this communication in error,
please
>>> > notify the sender immediately by telephone (732-758-6800) or by
>>> electronic
>>> > mail (postmaster@LOG-NET.com), and destroy any copies, electronic,
>> paper
>>> > or otherwise, which you may have of this communication. Thank you.
>>> > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>>>
>>>
>>
>>
>
>
Re: unsupported callbacks? - almost done?
Posted by Andrew Jaquith <an...@gmail.com>.
Lou --
I've made some changes to the local 2.8.3 branch that should work. The
tweaks I've made add support for HttpRequestCallback and
WikiEngineCallback to the WikiCallbackHandler; that is, for custom
authentication. This should also help you, and anyone else who has
needed access to request attributes (and the WikiEngine) from inside
LoginModules used with custom auth.
It's in the trunk now. If you check out the latest code, please let me
know if this helps you.
Andrew
On Mon, Apr 6, 2009 at 12:32 PM, <Lo...@log-net.com> wrote:
> Andrew:
>
> I've got an external deadline for this, so I'll try to push back a bit.
>
> I'll send you the files after I have cleaned them up a bit. The last day
> or so has resulted in quite a bit of "trial and error" in my files.
>
> So far I have the following:
>
> CustomCallbackHandler: accepts WikiEngine engine, HttpServletRequest
> request, Authorizer authorizer - not sure if I am setting this up
> correctly, but it does set the engine and request OK.
> AnyoneAuthenticationLoginModule: my custom login module
> AuthenticationManager: a tweaked version that has:
>
> public final boolean login( HttpServletRequest request ) throws
> WikiSecurityException
>
> method and uses my custom callbackhandler:
>
> handler = new com.lognet.wiki.auth.login.CustomCallbackHandler(
> m_engine, request, authorizationMgr.getAuthorizer() );
>
> I just can't figure out where it is losing or not setting the
> subject/principals between the requests.
>
> -Lou
>
>
>
> Andrew Jaquith <an...@gmail.com>
> 04/06/2009 12:14 PM
> Please respond to
> jspwiki-user@incubator.apache.org
>
>
> To
> jspwiki-user@incubator.apache.org
> cc
>
> Subject
> Re: unsupported callbacks? - almost done?
>
>
>
>
>
>
> Lou -- can this wait until the 2.8.3 timeframe? I'd like to solve this
> issue for you, and for others.
>
> If you send me the patches (privately is ok), I'll use them as a starting
> point.
>
> BTW, the short answer to your earlier question is that the
> WikiCallbackHandler class needs to be able to support the
> HttpRequestCallback and the WikiEngineCallback. But it's not so
> simple, because it's instantiated via login(WikiSession,String,String)
> which does not contain an HttpServletRequest parameter. So ultimately
> the total set of tweaks we need are these:
>
> - New constructor in WikiCallbackHandler that accepts an
> HttpServletRequest, plus code that returns an HttpRequestCallback when
> requested by a LoginModule
> - New method in AuthenticationManager: login( HttpServletRequest,
> String String ) that constructs the WikiCallbackHander with the
> request
>
> Doing these things will open up a lot of possibilities, including
> writing an OpenID LoginModule (because it will be able to get access
> to the request).
>
> Andrew
>
> On Mon, Apr 6, 2009 at 11:48 AM, <Lo...@log-net.com> wrote:
>> Harry:
>> Thanks.
>>
>> OK, I modified the source and created my own auth manager and callback
>> handler. I created an initial jsp page that calls the login:
>>
>> if ( mgr.login( request ) )
>> {
>> log.debug( "mgr login OK for principal return " +
>> wikiSession.getUserPrincipal().getName() + " and session id " +
>> request.getSession().getId());
>> }
>> else
>> {
>> log.info( "Failed to authenticate user " +
>> request.getParameter( "user" ) );
>> }
>>
>> This seems to be working OK (I get the following message):
>>
>> 11:41:22,516 INFO [SecurityLog] WikiSecurityEvent.LOGIN_AUTHENTICATED
>> [source=com.ecyrd.jspwiki.auth.AuthenticationManager@18c2ccd,
>> princpal=com.ecyrd.jspwiki.auth.WikiPrincipal lmasters,
>> target=com.ecyrd.jspwiki.WikiSession@1f05c75]
>>
>> However, at the bottom of my jsp, there is same redirect from the
>> loginform jsp:
>>
>> response.sendRedirect( viewUrl );
>>
>> This generates an error with my security:
>>
>> 11:41:22,547 ERROR [AnyoneAuthenticationLoginModule] General exception -
>> not logging in.
>> javax.security.auth.login.FailedLoginException: No user found to
>> authenticate
>> at
>>
> com.lognet.wiki.auth.login.AnyoneAuthenticationLoginModule.login(AnyoneAuthenticationLoginModule.java:96)
>> at
>>
> com.ecyrd.jspwiki.auth.AuthenticationManager.doJAASLogin(AuthenticationManager.java:621)
>> at
>>
> com.ecyrd.jspwiki.auth.AuthenticationManager.login(AuthenticationManager.java:271)
>> at
>>
> com.ecyrd.jspwiki.ui.WikiServletFilter.doFilter(WikiServletFilter.java:156)
>> at
>> com.ecyrd.jspwiki.ui.WikiJSPFilter.doFilter(WikiJSPFilter.java:111)
>>
>> It looks like the "WikiServletFilter" login can't find the subject or
> the
>> session is messed up. I'm at a loss as to where I should even start
>> looking. I'm adding the principals just like the user db login module:
>>
>> m_principals.add( principal );
>> m_principals.add(Role.AUTHENTICATED);
>> m_principals.add(Role.ALL); //added to debug
>> m_principalsToRemove.add(Role.AUTHENTICATED); //added to
>> debug
>> m_principalsToOverwrite.add(WikiPrincipal.GUEST);
> //added
>> to debug
>> m_principalsToOverwrite.add(Role.ANONYMOUS); //added to
>> debug
>> m_principalsToOverwrite.add(Role.ASSERTED); //added to
>> debug
>>
>> Have I missed a step?
>>
>> Thanks,
>> Lou
>>
>>
>>
>>
>>
>> Harry Metske <ha...@gmail.com>
>> 04/01/2009 02:37 PM
>> Please respond to
>> jspwiki-user@incubator.apache.org
>>
>>
>> To
>> jspwiki-user@incubator.apache.org
>> cc
>>
>> Subject
>> Re: unsupported callbacks?
>>
>>
>>
>>
>>
>>
>> eeuuhh, I wouldn't know how, the only way I can think of is modifying
> the
>> source and building it again. (AuthenticationManager has the reference
> to
>> WikiCallbackHandler)
>>
>> (or I misunderstood your question...)
>> Harry
>>
>>
>> 2009/4/1 <Lo...@log-net.com>
>>
>>> OK, thanks. Is there any way to override/specify the CallbackHandler
> so
>> I
>>> don't need to mess around with the one in the JAR?
>>>
>>>
>>>
>>>
>>>
>>> Harry Metske <ha...@gmail.com>
>>> 03/31/2009 03:18 PM
>>> Please respond to
>>> jspwiki-user@incubator.apache.org
>>>
>>>
>>> To
>>> jspwiki-user@incubator.apache.org
>>> cc
>>>
>>> Subject
>>> Re: unsupported callbacks?
>>>
>>>
>>>
>>>
>>>
>>>
>>> I think you should add handling to the WikiCallbackHandler, actually
>> that
>>> already has been done for 3.0 to support TextOutput Callbacks.
>>> See also https://issues.apache.org/jira/browse/JSPWIKI-464
>>>
>>> Harry
>>>
>>> 2009/3/27 <Lo...@log-net.com>
>>>
>>> > I'm in the process of implementing a custom LoginModule and I ran
> into
>>> an
>>> > issue (maybe). I need to access the HTTPRequest and possibly the
>>> > WikiEngine so I included them as callbacks:
>>> >
>>> >
>>> > HttpRequestCallback hcb = new HttpRequestCallback();
>>> > WikiEngineCallback wcb = new WikiEngineCallback();
>>> > Callback[] callbacks = new Callback[]{ hcb, wcb };
>>> >
>>> > The trouble is, when I try the "handle" call, it excepts with the
>>> > following:
>>> >
>>> > javax.security.auth.callback.UnsupportedCallbackException
>>> > at
>>> >
>>> >
>>>
>>>
>>
> com.ecyrd.jspwiki.auth.login.WikiCallbackHandler.handle(WikiCallbackHandler.java:89)
>>> > at
>>> >
>>> >
>>>
>>>
>>
> com.lognet.wiki.auth.login.AnyoneAuthenticationLoginModule.login(AnyoneAuthenticationLoginModule.java:36)
>>> >
>>> > I noticed the WikiCallbackHandler.java only supports UserDatabase,
>> Name
>>> > and Password callbacks - do I need to add handling for theHttpRequest
>>> and
>>> > WikiEngine or should I create a custom callback handler and use it?
>>> Sorry
>>> > if this is a simple question, but I am new to writing LoginModules
> and
>>> > callbacks.
>>> >
>>> > Thanks,
>>> > Lou
>>> >
>>> >
>>> > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>>> > LOG-NET, Inc.
>>> > The Logistics Network Management System
>>> > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>>> > 230 Half Mile Road
>>> > Third Floor
>>> > Red Bank, NJ 07701
>>> > PH: 732-758-6800
>>> > FAX: 732-747-7497
>>> > http://www.LOG-NET.com
>>> > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>>> > CONFIDENTIAL & PRIVILEGED
>>> > Unless otherwise indicated or if obvious from the nature of the
>> content,
>>> > the information contained herein is privileged and confidential
>>> > information/work product. The communication is intended for the use
> of
>>> the
>>> > individual or entity named above. If the reader of this transmission
>> is
>>> > not the intended recipient, you are hereby notified that any
>>> > dissemination, distribution or copying of this communication is
>> strictly
>>> > prohibited. If you have received this communication in error, please
>>> > notify the sender immediately by telephone (732-758-6800) or by
>>> electronic
>>> > mail (postmaster@LOG-NET.com), and destroy any copies, electronic,
>> paper
>>> > or otherwise, which you may have of this communication. Thank you.
>>> > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>>>
>>>
>>
>>
>
>
Re: unsupported callbacks? - almost done?
Posted by Lo...@log-net.com.
Andrew:
I've got an external deadline for this, so I'll try to push back a bit.
I'll send you the files after I have cleaned them up a bit. The last day
or so has resulted in quite a bit of "trial and error" in my files.
So far I have the following:
CustomCallbackHandler: accepts WikiEngine engine, HttpServletRequest
request, Authorizer authorizer - not sure if I am setting this up
correctly, but it does set the engine and request OK.
AnyoneAuthenticationLoginModule: my custom login module
AuthenticationManager: a tweaked version that has:
public final boolean login( HttpServletRequest request ) throws
WikiSecurityException
method and uses my custom callbackhandler:
handler = new com.lognet.wiki.auth.login.CustomCallbackHandler(
m_engine, request, authorizationMgr.getAuthorizer() );
I just can't figure out where it is losing or not setting the
subject/principals between the requests.
-Lou
Andrew Jaquith <an...@gmail.com>
04/06/2009 12:14 PM
Please respond to
jspwiki-user@incubator.apache.org
To
jspwiki-user@incubator.apache.org
cc
Subject
Re: unsupported callbacks? - almost done?
Lou -- can this wait until the 2.8.3 timeframe? I'd like to solve this
issue for you, and for others.
If you send me the patches (privately is ok), I'll use them as a starting
point.
BTW, the short answer to your earlier question is that the
WikiCallbackHandler class needs to be able to support the
HttpRequestCallback and the WikiEngineCallback. But it's not so
simple, because it's instantiated via login(WikiSession,String,String)
which does not contain an HttpServletRequest parameter. So ultimately
the total set of tweaks we need are these:
- New constructor in WikiCallbackHandler that accepts an
HttpServletRequest, plus code that returns an HttpRequestCallback when
requested by a LoginModule
- New method in AuthenticationManager: login( HttpServletRequest,
String String ) that constructs the WikiCallbackHander with the
request
Doing these things will open up a lot of possibilities, including
writing an OpenID LoginModule (because it will be able to get access
to the request).
Andrew
On Mon, Apr 6, 2009 at 11:48 AM, <Lo...@log-net.com> wrote:
> Harry:
> Thanks.
>
> OK, I modified the source and created my own auth manager and callback
> handler. I created an initial jsp page that calls the login:
>
> if ( mgr.login( request ) )
> {
> log.debug( "mgr login OK for principal return " +
> wikiSession.getUserPrincipal().getName() + " and session id " +
> request.getSession().getId());
> }
> else
> {
> log.info( "Failed to authenticate user " +
> request.getParameter( "user" ) );
> }
>
> This seems to be working OK (I get the following message):
>
> 11:41:22,516 INFO [SecurityLog] WikiSecurityEvent.LOGIN_AUTHENTICATED
> [source=com.ecyrd.jspwiki.auth.AuthenticationManager@18c2ccd,
> princpal=com.ecyrd.jspwiki.auth.WikiPrincipal lmasters,
> target=com.ecyrd.jspwiki.WikiSession@1f05c75]
>
> However, at the bottom of my jsp, there is same redirect from the
> loginform jsp:
>
> response.sendRedirect( viewUrl );
>
> This generates an error with my security:
>
> 11:41:22,547 ERROR [AnyoneAuthenticationLoginModule] General exception -
> not logging in.
> javax.security.auth.login.FailedLoginException: No user found to
> authenticate
> at
>
com.lognet.wiki.auth.login.AnyoneAuthenticationLoginModule.login(AnyoneAuthenticationLoginModule.java:96)
> at
>
com.ecyrd.jspwiki.auth.AuthenticationManager.doJAASLogin(AuthenticationManager.java:621)
> at
>
com.ecyrd.jspwiki.auth.AuthenticationManager.login(AuthenticationManager.java:271)
> at
>
com.ecyrd.jspwiki.ui.WikiServletFilter.doFilter(WikiServletFilter.java:156)
> at
> com.ecyrd.jspwiki.ui.WikiJSPFilter.doFilter(WikiJSPFilter.java:111)
>
> It looks like the "WikiServletFilter" login can't find the subject or
the
> session is messed up. I'm at a loss as to where I should even start
> looking. I'm adding the principals just like the user db login module:
>
> m_principals.add( principal );
> m_principals.add(Role.AUTHENTICATED);
> m_principals.add(Role.ALL); //added to debug
> m_principalsToRemove.add(Role.AUTHENTICATED); //added to
> debug
> m_principalsToOverwrite.add(WikiPrincipal.GUEST);
//added
> to debug
> m_principalsToOverwrite.add(Role.ANONYMOUS); //added to
> debug
> m_principalsToOverwrite.add(Role.ASSERTED); //added to
> debug
>
> Have I missed a step?
>
> Thanks,
> Lou
>
>
>
>
>
> Harry Metske <ha...@gmail.com>
> 04/01/2009 02:37 PM
> Please respond to
> jspwiki-user@incubator.apache.org
>
>
> To
> jspwiki-user@incubator.apache.org
> cc
>
> Subject
> Re: unsupported callbacks?
>
>
>
>
>
>
> eeuuhh, I wouldn't know how, the only way I can think of is modifying
the
> source and building it again. (AuthenticationManager has the reference
to
> WikiCallbackHandler)
>
> (or I misunderstood your question...)
> Harry
>
>
> 2009/4/1 <Lo...@log-net.com>
>
>> OK, thanks. Is there any way to override/specify the CallbackHandler
so
> I
>> don't need to mess around with the one in the JAR?
>>
>>
>>
>>
>>
>> Harry Metske <ha...@gmail.com>
>> 03/31/2009 03:18 PM
>> Please respond to
>> jspwiki-user@incubator.apache.org
>>
>>
>> To
>> jspwiki-user@incubator.apache.org
>> cc
>>
>> Subject
>> Re: unsupported callbacks?
>>
>>
>>
>>
>>
>>
>> I think you should add handling to the WikiCallbackHandler, actually
> that
>> already has been done for 3.0 to support TextOutput Callbacks.
>> See also https://issues.apache.org/jira/browse/JSPWIKI-464
>>
>> Harry
>>
>> 2009/3/27 <Lo...@log-net.com>
>>
>> > I'm in the process of implementing a custom LoginModule and I ran
into
>> an
>> > issue (maybe). I need to access the HTTPRequest and possibly the
>> > WikiEngine so I included them as callbacks:
>> >
>> >
>> > HttpRequestCallback hcb = new HttpRequestCallback();
>> > WikiEngineCallback wcb = new WikiEngineCallback();
>> > Callback[] callbacks = new Callback[]{ hcb, wcb };
>> >
>> > The trouble is, when I try the "handle" call, it excepts with the
>> > following:
>> >
>> > javax.security.auth.callback.UnsupportedCallbackException
>> > at
>> >
>> >
>>
>>
>
com.ecyrd.jspwiki.auth.login.WikiCallbackHandler.handle(WikiCallbackHandler.java:89)
>> > at
>> >
>> >
>>
>>
>
com.lognet.wiki.auth.login.AnyoneAuthenticationLoginModule.login(AnyoneAuthenticationLoginModule.java:36)
>> >
>> > I noticed the WikiCallbackHandler.java only supports UserDatabase,
> Name
>> > and Password callbacks - do I need to add handling for theHttpRequest
>> and
>> > WikiEngine or should I create a custom callback handler and use it?
>> Sorry
>> > if this is a simple question, but I am new to writing LoginModules
and
>> > callbacks.
>> >
>> > Thanks,
>> > Lou
>> >
>> >
>> > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>> > LOG-NET, Inc.
>> > The Logistics Network Management System
>> > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>> > 230 Half Mile Road
>> > Third Floor
>> > Red Bank, NJ 07701
>> > PH: 732-758-6800
>> > FAX: 732-747-7497
>> > http://www.LOG-NET.com
>> > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>> > CONFIDENTIAL & PRIVILEGED
>> > Unless otherwise indicated or if obvious from the nature of the
> content,
>> > the information contained herein is privileged and confidential
>> > information/work product. The communication is intended for the use
of
>> the
>> > individual or entity named above. If the reader of this transmission
> is
>> > not the intended recipient, you are hereby notified that any
>> > dissemination, distribution or copying of this communication is
> strictly
>> > prohibited. If you have received this communication in error, please
>> > notify the sender immediately by telephone (732-758-6800) or by
>> electronic
>> > mail (postmaster@LOG-NET.com), and destroy any copies, electronic,
> paper
>> > or otherwise, which you may have of this communication. Thank you.
>> > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>>
>>
>
>
Re: unsupported callbacks? - almost done?
Posted by Andrew Jaquith <an...@gmail.com>.
Lou -- can this wait until the 2.8.3 timeframe? I'd like to solve this
issue for you, and for others.
If you send me the patches (privately is ok), I'll use them as a starting point.
BTW, the short answer to your earlier question is that the
WikiCallbackHandler class needs to be able to support the
HttpRequestCallback and the WikiEngineCallback. But it's not so
simple, because it's instantiated via login(WikiSession,String,String)
which does not contain an HttpServletRequest parameter. So ultimately
the total set of tweaks we need are these:
- New constructor in WikiCallbackHandler that accepts an
HttpServletRequest, plus code that returns an HttpRequestCallback when
requested by a LoginModule
- New method in AuthenticationManager: login( HttpServletRequest,
String String ) that constructs the WikiCallbackHander with the
request
Doing these things will open up a lot of possibilities, including
writing an OpenID LoginModule (because it will be able to get access
to the request).
Andrew
On Mon, Apr 6, 2009 at 11:48 AM, <Lo...@log-net.com> wrote:
> Harry:
> Thanks.
>
> OK, I modified the source and created my own auth manager and callback
> handler. I created an initial jsp page that calls the login:
>
> if ( mgr.login( request ) )
> {
> log.debug( "mgr login OK for principal return " +
> wikiSession.getUserPrincipal().getName() + " and session id " +
> request.getSession().getId());
> }
> else
> {
> log.info( "Failed to authenticate user " +
> request.getParameter( "user" ) );
> }
>
> This seems to be working OK (I get the following message):
>
> 11:41:22,516 INFO [SecurityLog] WikiSecurityEvent.LOGIN_AUTHENTICATED
> [source=com.ecyrd.jspwiki.auth.AuthenticationManager@18c2ccd,
> princpal=com.ecyrd.jspwiki.auth.WikiPrincipal lmasters,
> target=com.ecyrd.jspwiki.WikiSession@1f05c75]
>
> However, at the bottom of my jsp, there is same redirect from the
> loginform jsp:
>
> response.sendRedirect( viewUrl );
>
> This generates an error with my security:
>
> 11:41:22,547 ERROR [AnyoneAuthenticationLoginModule] General exception -
> not logging in.
> javax.security.auth.login.FailedLoginException: No user found to
> authenticate
> at
> com.lognet.wiki.auth.login.AnyoneAuthenticationLoginModule.login(AnyoneAuthenticationLoginModule.java:96)
> at
> com.ecyrd.jspwiki.auth.AuthenticationManager.doJAASLogin(AuthenticationManager.java:621)
> at
> com.ecyrd.jspwiki.auth.AuthenticationManager.login(AuthenticationManager.java:271)
> at
> com.ecyrd.jspwiki.ui.WikiServletFilter.doFilter(WikiServletFilter.java:156)
> at
> com.ecyrd.jspwiki.ui.WikiJSPFilter.doFilter(WikiJSPFilter.java:111)
>
> It looks like the "WikiServletFilter" login can't find the subject or the
> session is messed up. I'm at a loss as to where I should even start
> looking. I'm adding the principals just like the user db login module:
>
> m_principals.add( principal );
> m_principals.add(Role.AUTHENTICATED);
> m_principals.add(Role.ALL); //added to debug
> m_principalsToRemove.add(Role.AUTHENTICATED); //added to
> debug
> m_principalsToOverwrite.add(WikiPrincipal.GUEST); //added
> to debug
> m_principalsToOverwrite.add(Role.ANONYMOUS); //added to
> debug
> m_principalsToOverwrite.add(Role.ASSERTED); //added to
> debug
>
> Have I missed a step?
>
> Thanks,
> Lou
>
>
>
>
>
> Harry Metske <ha...@gmail.com>
> 04/01/2009 02:37 PM
> Please respond to
> jspwiki-user@incubator.apache.org
>
>
> To
> jspwiki-user@incubator.apache.org
> cc
>
> Subject
> Re: unsupported callbacks?
>
>
>
>
>
>
> eeuuhh, I wouldn't know how, the only way I can think of is modifying the
> source and building it again. (AuthenticationManager has the reference to
> WikiCallbackHandler)
>
> (or I misunderstood your question...)
> Harry
>
>
> 2009/4/1 <Lo...@log-net.com>
>
>> OK, thanks. Is there any way to override/specify the CallbackHandler so
> I
>> don't need to mess around with the one in the JAR?
>>
>>
>>
>>
>>
>> Harry Metske <ha...@gmail.com>
>> 03/31/2009 03:18 PM
>> Please respond to
>> jspwiki-user@incubator.apache.org
>>
>>
>> To
>> jspwiki-user@incubator.apache.org
>> cc
>>
>> Subject
>> Re: unsupported callbacks?
>>
>>
>>
>>
>>
>>
>> I think you should add handling to the WikiCallbackHandler, actually
> that
>> already has been done for 3.0 to support TextOutput Callbacks.
>> See also https://issues.apache.org/jira/browse/JSPWIKI-464
>>
>> Harry
>>
>> 2009/3/27 <Lo...@log-net.com>
>>
>> > I'm in the process of implementing a custom LoginModule and I ran into
>> an
>> > issue (maybe). I need to access the HTTPRequest and possibly the
>> > WikiEngine so I included them as callbacks:
>> >
>> >
>> > HttpRequestCallback hcb = new HttpRequestCallback();
>> > WikiEngineCallback wcb = new WikiEngineCallback();
>> > Callback[] callbacks = new Callback[]{ hcb, wcb };
>> >
>> > The trouble is, when I try the "handle" call, it excepts with the
>> > following:
>> >
>> > javax.security.auth.callback.UnsupportedCallbackException
>> > at
>> >
>> >
>>
>>
> com.ecyrd.jspwiki.auth.login.WikiCallbackHandler.handle(WikiCallbackHandler.java:89)
>> > at
>> >
>> >
>>
>>
> com.lognet.wiki.auth.login.AnyoneAuthenticationLoginModule.login(AnyoneAuthenticationLoginModule.java:36)
>> >
>> > I noticed the WikiCallbackHandler.java only supports UserDatabase,
> Name
>> > and Password callbacks - do I need to add handling for theHttpRequest
>> and
>> > WikiEngine or should I create a custom callback handler and use it?
>> Sorry
>> > if this is a simple question, but I am new to writing LoginModules and
>> > callbacks.
>> >
>> > Thanks,
>> > Lou
>> >
>> >
>> > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>> > LOG-NET, Inc.
>> > The Logistics Network Management System
>> > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>> > 230 Half Mile Road
>> > Third Floor
>> > Red Bank, NJ 07701
>> > PH: 732-758-6800
>> > FAX: 732-747-7497
>> > http://www.LOG-NET.com
>> > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>> > CONFIDENTIAL & PRIVILEGED
>> > Unless otherwise indicated or if obvious from the nature of the
> content,
>> > the information contained herein is privileged and confidential
>> > information/work product. The communication is intended for the use of
>> the
>> > individual or entity named above. If the reader of this transmission
> is
>> > not the intended recipient, you are hereby notified that any
>> > dissemination, distribution or copying of this communication is
> strictly
>> > prohibited. If you have received this communication in error, please
>> > notify the sender immediately by telephone (732-758-6800) or by
>> electronic
>> > mail (postmaster@LOG-NET.com), and destroy any copies, electronic,
> paper
>> > or otherwise, which you may have of this communication. Thank you.
>> > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>>
>>
>
>
Re: unsupported callbacks? - almost done?
Posted by Lo...@log-net.com.
Harry:
Thanks.
OK, I modified the source and created my own auth manager and callback
handler. I created an initial jsp page that calls the login:
if ( mgr.login( request ) )
{
log.debug( "mgr login OK for principal return " +
wikiSession.getUserPrincipal().getName() + " and session id " +
request.getSession().getId());
}
else
{
log.info( "Failed to authenticate user " +
request.getParameter( "user" ) );
}
This seems to be working OK (I get the following message):
11:41:22,516 INFO [SecurityLog] WikiSecurityEvent.LOGIN_AUTHENTICATED
[source=com.ecyrd.jspwiki.auth.AuthenticationManager@18c2ccd,
princpal=com.ecyrd.jspwiki.auth.WikiPrincipal lmasters,
target=com.ecyrd.jspwiki.WikiSession@1f05c75]
However, at the bottom of my jsp, there is same redirect from the
loginform jsp:
response.sendRedirect( viewUrl );
This generates an error with my security:
11:41:22,547 ERROR [AnyoneAuthenticationLoginModule] General exception -
not logging in.
javax.security.auth.login.FailedLoginException: No user found to
authenticate
at
com.lognet.wiki.auth.login.AnyoneAuthenticationLoginModule.login(AnyoneAuthenticationLoginModule.java:96)
at
com.ecyrd.jspwiki.auth.AuthenticationManager.doJAASLogin(AuthenticationManager.java:621)
at
com.ecyrd.jspwiki.auth.AuthenticationManager.login(AuthenticationManager.java:271)
at
com.ecyrd.jspwiki.ui.WikiServletFilter.doFilter(WikiServletFilter.java:156)
at
com.ecyrd.jspwiki.ui.WikiJSPFilter.doFilter(WikiJSPFilter.java:111)
It looks like the "WikiServletFilter" login can't find the subject or the
session is messed up. I'm at a loss as to where I should even start
looking. I'm adding the principals just like the user db login module:
m_principals.add( principal );
m_principals.add(Role.AUTHENTICATED);
m_principals.add(Role.ALL); //added to debug
m_principalsToRemove.add(Role.AUTHENTICATED); //added to
debug
m_principalsToOverwrite.add(WikiPrincipal.GUEST); //added
to debug
m_principalsToOverwrite.add(Role.ANONYMOUS); //added to
debug
m_principalsToOverwrite.add(Role.ASSERTED); //added to
debug
Have I missed a step?
Thanks,
Lou
Harry Metske <ha...@gmail.com>
04/01/2009 02:37 PM
Please respond to
jspwiki-user@incubator.apache.org
To
jspwiki-user@incubator.apache.org
cc
Subject
Re: unsupported callbacks?
eeuuhh, I wouldn't know how, the only way I can think of is modifying the
source and building it again. (AuthenticationManager has the reference to
WikiCallbackHandler)
(or I misunderstood your question...)
Harry
2009/4/1 <Lo...@log-net.com>
> OK, thanks. Is there any way to override/specify the CallbackHandler so
I
> don't need to mess around with the one in the JAR?
>
>
>
>
>
> Harry Metske <ha...@gmail.com>
> 03/31/2009 03:18 PM
> Please respond to
> jspwiki-user@incubator.apache.org
>
>
> To
> jspwiki-user@incubator.apache.org
> cc
>
> Subject
> Re: unsupported callbacks?
>
>
>
>
>
>
> I think you should add handling to the WikiCallbackHandler, actually
that
> already has been done for 3.0 to support TextOutput Callbacks.
> See also https://issues.apache.org/jira/browse/JSPWIKI-464
>
> Harry
>
> 2009/3/27 <Lo...@log-net.com>
>
> > I'm in the process of implementing a custom LoginModule and I ran into
> an
> > issue (maybe). I need to access the HTTPRequest and possibly the
> > WikiEngine so I included them as callbacks:
> >
> >
> > HttpRequestCallback hcb = new HttpRequestCallback();
> > WikiEngineCallback wcb = new WikiEngineCallback();
> > Callback[] callbacks = new Callback[]{ hcb, wcb };
> >
> > The trouble is, when I try the "handle" call, it excepts with the
> > following:
> >
> > javax.security.auth.callback.UnsupportedCallbackException
> > at
> >
> >
>
>
com.ecyrd.jspwiki.auth.login.WikiCallbackHandler.handle(WikiCallbackHandler.java:89)
> > at
> >
> >
>
>
com.lognet.wiki.auth.login.AnyoneAuthenticationLoginModule.login(AnyoneAuthenticationLoginModule.java:36)
> >
> > I noticed the WikiCallbackHandler.java only supports UserDatabase,
Name
> > and Password callbacks - do I need to add handling for theHttpRequest
> and
> > WikiEngine or should I create a custom callback handler and use it?
> Sorry
> > if this is a simple question, but I am new to writing LoginModules and
> > callbacks.
> >
> > Thanks,
> > Lou
> >
> >
> > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> > LOG-NET, Inc.
> > The Logistics Network Management System
> > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> > 230 Half Mile Road
> > Third Floor
> > Red Bank, NJ 07701
> > PH: 732-758-6800
> > FAX: 732-747-7497
> > http://www.LOG-NET.com
> > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> > CONFIDENTIAL & PRIVILEGED
> > Unless otherwise indicated or if obvious from the nature of the
content,
> > the information contained herein is privileged and confidential
> > information/work product. The communication is intended for the use of
> the
> > individual or entity named above. If the reader of this transmission
is
> > not the intended recipient, you are hereby notified that any
> > dissemination, distribution or copying of this communication is
strictly
> > prohibited. If you have received this communication in error, please
> > notify the sender immediately by telephone (732-758-6800) or by
> electronic
> > mail (postmaster@LOG-NET.com), and destroy any copies, electronic,
paper
> > or otherwise, which you may have of this communication. Thank you.
> > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
>
Re: unsupported callbacks?
Posted by Harry Metske <ha...@gmail.com>.
eeuuhh, I wouldn't know how, the only way I can think of is modifying the
source and building it again. (AuthenticationManager has the reference to
WikiCallbackHandler)
(or I misunderstood your question...)
Harry
2009/4/1 <Lo...@log-net.com>
> OK, thanks. Is there any way to override/specify the CallbackHandler so I
> don't need to mess around with the one in the JAR?
>
>
>
>
>
> Harry Metske <ha...@gmail.com>
> 03/31/2009 03:18 PM
> Please respond to
> jspwiki-user@incubator.apache.org
>
>
> To
> jspwiki-user@incubator.apache.org
> cc
>
> Subject
> Re: unsupported callbacks?
>
>
>
>
>
>
> I think you should add handling to the WikiCallbackHandler, actually that
> already has been done for 3.0 to support TextOutput Callbacks.
> See also https://issues.apache.org/jira/browse/JSPWIKI-464
>
> Harry
>
> 2009/3/27 <Lo...@log-net.com>
>
> > I'm in the process of implementing a custom LoginModule and I ran into
> an
> > issue (maybe). I need to access the HTTPRequest and possibly the
> > WikiEngine so I included them as callbacks:
> >
> >
> > HttpRequestCallback hcb = new HttpRequestCallback();
> > WikiEngineCallback wcb = new WikiEngineCallback();
> > Callback[] callbacks = new Callback[]{ hcb, wcb };
> >
> > The trouble is, when I try the "handle" call, it excepts with the
> > following:
> >
> > javax.security.auth.callback.UnsupportedCallbackException
> > at
> >
> >
>
> com.ecyrd.jspwiki.auth.login.WikiCallbackHandler.handle(WikiCallbackHandler.java:89)
> > at
> >
> >
>
> com.lognet.wiki.auth.login.AnyoneAuthenticationLoginModule.login(AnyoneAuthenticationLoginModule.java:36)
> >
> > I noticed the WikiCallbackHandler.java only supports UserDatabase, Name
> > and Password callbacks - do I need to add handling for theHttpRequest
> and
> > WikiEngine or should I create a custom callback handler and use it?
> Sorry
> > if this is a simple question, but I am new to writing LoginModules and
> > callbacks.
> >
> > Thanks,
> > Lou
> >
> >
> > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> > LOG-NET, Inc.
> > The Logistics Network Management System
> > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> > 230 Half Mile Road
> > Third Floor
> > Red Bank, NJ 07701
> > PH: 732-758-6800
> > FAX: 732-747-7497
> > http://www.LOG-NET.com
> > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> > CONFIDENTIAL & PRIVILEGED
> > Unless otherwise indicated or if obvious from the nature of the content,
> > the information contained herein is privileged and confidential
> > information/work product. The communication is intended for the use of
> the
> > individual or entity named above. If the reader of this transmission is
> > not the intended recipient, you are hereby notified that any
> > dissemination, distribution or copying of this communication is strictly
> > prohibited. If you have received this communication in error, please
> > notify the sender immediately by telephone (732-758-6800) or by
> electronic
> > mail (postmaster@LOG-NET.com), and destroy any copies, electronic, paper
> > or otherwise, which you may have of this communication. Thank you.
> > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
>
Re: unsupported callbacks?
Posted by Lo...@log-net.com.
OK, thanks. Is there any way to override/specify the CallbackHandler so I
don't need to mess around with the one in the JAR?
Harry Metske <ha...@gmail.com>
03/31/2009 03:18 PM
Please respond to
jspwiki-user@incubator.apache.org
To
jspwiki-user@incubator.apache.org
cc
Subject
Re: unsupported callbacks?
I think you should add handling to the WikiCallbackHandler, actually that
already has been done for 3.0 to support TextOutput Callbacks.
See also https://issues.apache.org/jira/browse/JSPWIKI-464
Harry
2009/3/27 <Lo...@log-net.com>
> I'm in the process of implementing a custom LoginModule and I ran into
an
> issue (maybe). I need to access the HTTPRequest and possibly the
> WikiEngine so I included them as callbacks:
>
>
> HttpRequestCallback hcb = new HttpRequestCallback();
> WikiEngineCallback wcb = new WikiEngineCallback();
> Callback[] callbacks = new Callback[]{ hcb, wcb };
>
> The trouble is, when I try the "handle" call, it excepts with the
> following:
>
> javax.security.auth.callback.UnsupportedCallbackException
> at
>
>
com.ecyrd.jspwiki.auth.login.WikiCallbackHandler.handle(WikiCallbackHandler.java:89)
> at
>
>
com.lognet.wiki.auth.login.AnyoneAuthenticationLoginModule.login(AnyoneAuthenticationLoginModule.java:36)
>
> I noticed the WikiCallbackHandler.java only supports UserDatabase, Name
> and Password callbacks - do I need to add handling for theHttpRequest
and
> WikiEngine or should I create a custom callback handler and use it?
Sorry
> if this is a simple question, but I am new to writing LoginModules and
> callbacks.
>
> Thanks,
> Lou
>
>
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> LOG-NET, Inc.
> The Logistics Network Management System
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> 230 Half Mile Road
> Third Floor
> Red Bank, NJ 07701
> PH: 732-758-6800
> FAX: 732-747-7497
> http://www.LOG-NET.com
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> CONFIDENTIAL & PRIVILEGED
> Unless otherwise indicated or if obvious from the nature of the content,
> the information contained herein is privileged and confidential
> information/work product. The communication is intended for the use of
the
> individual or entity named above. If the reader of this transmission is
> not the intended recipient, you are hereby notified that any
> dissemination, distribution or copying of this communication is strictly
> prohibited. If you have received this communication in error, please
> notify the sender immediately by telephone (732-758-6800) or by
electronic
> mail (postmaster@LOG-NET.com), and destroy any copies, electronic, paper
> or otherwise, which you may have of this communication. Thank you.
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Re: unsupported callbacks?
Posted by Harry Metske <ha...@gmail.com>.
I think you should add handling to the WikiCallbackHandler, actually that
already has been done for 3.0 to support TextOutput Callbacks.
See also https://issues.apache.org/jira/browse/JSPWIKI-464
Harry
2009/3/27 <Lo...@log-net.com>
> I'm in the process of implementing a custom LoginModule and I ran into an
> issue (maybe). I need to access the HTTPRequest and possibly the
> WikiEngine so I included them as callbacks:
>
>
> HttpRequestCallback hcb = new HttpRequestCallback();
> WikiEngineCallback wcb = new WikiEngineCallback();
> Callback[] callbacks = new Callback[]{ hcb, wcb };
>
> The trouble is, when I try the "handle" call, it excepts with the
> following:
>
> javax.security.auth.callback.UnsupportedCallbackException
> at
>
> com.ecyrd.jspwiki.auth.login.WikiCallbackHandler.handle(WikiCallbackHandler.java:89)
> at
>
> com.lognet.wiki.auth.login.AnyoneAuthenticationLoginModule.login(AnyoneAuthenticationLoginModule.java:36)
>
> I noticed the WikiCallbackHandler.java only supports UserDatabase, Name
> and Password callbacks - do I need to add handling for theHttpRequest and
> WikiEngine or should I create a custom callback handler and use it? Sorry
> if this is a simple question, but I am new to writing LoginModules and
> callbacks.
>
> Thanks,
> Lou
>
>
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> LOG-NET, Inc.
> The Logistics Network Management System
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> 230 Half Mile Road
> Third Floor
> Red Bank, NJ 07701
> PH: 732-758-6800
> FAX: 732-747-7497
> http://www.LOG-NET.com
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> CONFIDENTIAL & PRIVILEGED
> Unless otherwise indicated or if obvious from the nature of the content,
> the information contained herein is privileged and confidential
> information/work product. The communication is intended for the use of the
> individual or entity named above. If the reader of this transmission is
> not the intended recipient, you are hereby notified that any
> dissemination, distribution or copying of this communication is strictly
> prohibited. If you have received this communication in error, please
> notify the sender immediately by telephone (732-758-6800) or by electronic
> mail (postmaster@LOG-NET.com), and destroy any copies, electronic, paper
> or otherwise, which you may have of this communication. Thank you.
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~