[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
[jetty-dev] FormAuthenticator -->JAASLoginService --> DefaultCallbackHandler ->RequestParameterCallback

Dear Developers,

 

I came across a problem during porting a PoC from jetty 6.1.26 to Jetty 8.1.3.

It is about some security stuff involving JAAS LoginModules and the DefaultCallbackHandler.

I am actually simply trying to get the request parameters using the RequestParameterCallback as done in jetty 6.1.26,

which worked perfectly there. Now in Jetty 8.1.3 this doesn’t seem so, because i seem not to get any request parameters.

 

With some debugging, I figured out that the FormAuthenticator(BasicAuthenticator as well), which i use is calling

the LoginService, only with username and password. The LoginService instantiates the given CallbackHandler, which

in my case is the DefaultCallbackHandler.

In that case this actually does not make much sense for the DefaultCallbackHandler, which

has a Request as member and does instantiate the RequestParameterCallback.

 

The Point is I need one additional request parameter  for my LoginModule.

 

Maybe I am doing something terribly the wrong way here, I would be happy to do so.

I’d appreciate if someone’s got an idea or advice for me.

 

Thanks in advance,

 

Paul-Robert Kaestner