[jboss-user] [Security] - Custom CallbackHandler with jboss 4.2 AS

hisnamewasjaan do-not-reply at jboss.com
Fri Nov 20 04:01:49 EST 2009


Hi all

I have 2 related questions:

1) Is it possible to configure a custom CallbackHandler with JBoss4.2 AS?

I found a posting stating how to do it for JBoss5: 
http://anil-identity.blogspot.com/2009/05/as51-specifying-custom-call-back.html 

Are any these methods applicable with JBoss4.2?

2) I would like to configure my application for web authentication, using an auth-method that does not prompt the user. Is this possible? Which auth-method can I use for this? I guess I'm failing to understand what exactly causes the container to prompt the user when using e.g. BASIC auth? Can it be controlled with the CallbackHandler?

For those interested, my scenario is:
Users are authenticating in a foreign system (of which I basically know nothing), and requests (including a simple username parameter) are then sent to an application in my jboss. The application in JBoss is configured for web authentication, but I do not want the users to be prompted for credentials when they are coming from the foreign system. I just want my custom login modules to create the necessary prinipals based on the username (from request parameter).
That's why I'm planning on putting a custom callbackhandler in place to provide the username without prompting.
And, I also need to figure out with which auth-method to configure my applications so that users are NOT prompted.

Thanks

View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4266697#4266697

Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4266697



More information about the jboss-user mailing list