[jboss-dev-forums] [PicketBox Development] - WebJASPIAuthenticator ignores GroupPrincipalCallback but requires PasswordValidationCallback
arjan tijms
do-not-reply at jboss.com
Mon Jun 4 16:39:55 EDT 2012
arjan tijms [https://community.jboss.org/people/atijms] created the discussion
"WebJASPIAuthenticator ignores GroupPrincipalCallback but requires PasswordValidationCallback"
To view the discussion, visit: https://community.jboss.org/message/739801#739801
--------------------------------------------------------------
In JBoss AS 7.1.1, if a user provided ServerAuthModule provides a GroupPrincipalCallback, this is ignored by WebJASPIAuthenticator. The provider handler copies the GroupPrincipalCallback, but the authenticator then does nothing with it. Simulteanously, if the ServerAuthModule does not provide a PasswordValidationCallback to the handler, then this will result in a null pointer exception in the authenticator.
I wonder is this is correct? Reading about JASPI/JSR 196 it seems a GroupPrincipalCallback should be processed when provided and a PasswordValidationCallback should not be required.
--------------------------------------------------------------
Reply to this message by going to Community
[https://community.jboss.org/message/739801#739801]
Start a new discussion in PicketBox Development at Community
[https://community.jboss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2088]
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/jboss-dev-forums/attachments/20120604/810a474e/attachment.html
More information about the jboss-dev-forums
mailing list