Bug 10335 - [RFE,patch] Make JAASRealm more flexible
Summary: [RFE,patch] Make JAASRealm more flexible
Alias: None
Product: Tomcat 4
Classification: Unclassified
Component: Catalina (show other bugs)
Version: Unknown
Hardware: Other other
: P3 enhancement (vote)
Target Milestone: ---
Assignee: Tomcat Developers Mailing List
Depends on:
Reported: 2002-06-28 17:55 UTC by Marcelo Vanzin
Modified: 2010-12-14 17:34 UTC (History)
1 user (show)

Patch to JAASRealm.java (1.66 KB, patch)
2002-06-28 17:56 UTC, Marcelo Vanzin
Details | Diff
Correct patch (previous was missing an import) (2.02 KB, patch)
2002-06-28 21:54 UTC, Marcelo Vanzin
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Marcelo Vanzin 2002-06-28 17:55:35 UTC
Currently, JAASRealm depends on its own CallbackHandler implementation to work,
which only supports NameCallback and PasswordCallback.

This makes it impossible to work with, for example, Weblogic 7.0's
UsernamePasswordLoginModule, which nees a Weblogic's own "UrlCallback" to know
where to find the remote server to query for the login information.

The patch moves the instantiation of the CallbackHandler object to a protected
method, so that one is able to easily override the method and use any custom
CallbackHandler by subclassing JAASRealm.
Comment 1 Marcelo Vanzin 2002-06-28 17:56:14 UTC
Created attachment 2216 [details]
Patch to JAASRealm.java
Comment 2 Marcelo Vanzin 2002-06-28 21:54:47 UTC
Created attachment 2217 [details]
Correct patch (previous was missing an import)
Comment 3 Trejkaz (pen name) 2006-05-09 05:25:34 UTC
*** Bug 39524 has been marked as a duplicate of this bug. ***
Comment 4 Mark Thomas 2010-12-14 17:34:51 UTC
The JAAS realm has been refactored in all current versions (5.5.x, 6.0.x and 7.0.x). There are three places where the CallbackHandler is created but they are easily over-ridden if required. There is little value in explicitly pulling out those calls into separate methods.