Posted to dev@geronimo.apache.org by "David Jencks (JIRA)" <ji...@apache.org> on 2009/08/02 01:22:14 UTC

[jira] Commented: (GERONIMO-4781) Not getting the callbacks filled in means the login module should be ignored, not an auth failure.

    [ https://issues.apache.org/jira/browse/GERONIMO-4781?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12737969#action_12737969 ] 

David Jencks commented on GERONIMO-4781:
----------------------------------------

I wrote a test to try to understand this better... framework/modules/geronimo-security/src/test/java/org/apache/geronimo/security/realm/providers/FlagsMeaningTest.java

The only time it makes a difference whether we return false or throw an exception is if the login module is marked REQUIRED or REQUISITE.  I'm really not sure how to proceed here.  I'm pretty sure it doesn't make a lot of difference because just about any desired behavior can be configured with the flags.

> Not getting the callbacks filled in means the login module should be ignored, not an auth failure.
> --------------------------------------------------------------------------------------------------
>
>                 Key: GERONIMO-4781
>                 URL: https://issues.apache.org/jira/browse/GERONIMO-4781
>             Project: Geronimo
>          Issue Type: Bug
>      Security Level: public(Regular issues) 
>          Components: security
>    Affects Versions: 2.2
>            Reporter: David Jencks
>            Assignee: David Jencks
>             Fix For: 2.2
>
>
> I think our login modules have another problem.
> Suppose you have 2 login modules configured in a realm, either one of which is sufficient to authenticate.  They use different kinds of callbacks.  Given a callback handler that accepts callbacks for one of the login modules but not the other, we want the one that doesn't get the info it needs to just say "I dunno" by returning false, not "login failure" by throwing an exception.
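
The flag behaviour discussed in this message can be reproduced with plain JAAS. The following is an added example, not the FlagsMeaningTest mentioned above and not Geronimo code: it runs a two-module realm in which the first module either returns false or throws, under each control flag, while the second module always succeeds. DemoModule, its "mode" option and the realm name "demo" are hypothetical; Java 9+ is assumed for Map.of.

```java
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.AppConfigurationEntry;
import javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag;
import javax.security.auth.login.Configuration;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;

public class FlagsDemo {
    /** Hypothetical module; option "mode" is one of ok | false | throw. */
    public static class DemoModule implements LoginModule {
        private String mode;
        public void initialize(Subject s, CallbackHandler h, Map<String, ?> shared, Map<String, ?> opts) {
            mode = (String) opts.get("mode");
        }
        public boolean login() throws LoginException {
            // "throw" reports an authentication failure; "false" asks to be ignored
            if (mode.equals("throw")) throw new LoginException("callbacks not filled in");
            return mode.equals("ok");
        }
        public boolean commit() { return mode.equals("ok"); }  // a module whose login did not succeed returns false here
        public boolean abort() { return mode.equals("ok"); }
        public boolean logout() { return true; }
    }

    /** True if the realm [first module (flag, mode), second module (SUFFICIENT, ok)] authenticates. */
    static boolean authenticates(LoginModuleControlFlag flag, String mode) {
        AppConfigurationEntry[] realm = {
            new AppConfigurationEntry(DemoModule.class.getName(), flag, Map.of("mode", mode)),
            new AppConfigurationEntry(DemoModule.class.getName(),
                LoginModuleControlFlag.SUFFICIENT, Map.of("mode", "ok")) };
        Configuration config = new Configuration() {
            public AppConfigurationEntry[] getAppConfigurationEntry(String name) { return realm; }
        };
        try {
            // The handler is a no-op: DemoModule simulates the missing callback via its mode option
            new LoginContext("demo", new Subject(), callbacks -> { }, config).login();
            return true;
        } catch (LoginException e) {
            return false;
        }
    }

    public static void main(String[] args) {
        LoginModuleControlFlag[] flags = { LoginModuleControlFlag.REQUIRED, LoginModuleControlFlag.REQUISITE,
            LoginModuleControlFlag.SUFFICIENT, LoginModuleControlFlag.OPTIONAL };
        for (LoginModuleControlFlag flag : flags)
            System.out.println(flag + ": return false -> " + authenticates(flag, "false")
                + ", throw -> " + authenticates(flag, "throw"));
    }
}
```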
