• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

confusing callBackHandler

 
Ranch Hand
Posts: 30
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
In some journels i read that "An application implements a CallbackHandler and passes it to underlying security services so that they may interact with the application to retrieve specific authentication data, such as usernames and passwords" but in our projects we are creating a loginContext

loginContext = new LoginContext("LDAPPasswordLoginModule", new CallbackHandlerImpl(userName, password, ldapConfigInfo));

I am get confused whether we are passing the username and password to call back handler or call back handler retrives that from the application ?

what is it actually does please help me out.............

Thanks in advance
 
Ranch Hand
Posts: 1209
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Originally posted by shreehari Gopalakrishnan:

whether we are passing the username and password to call back handler or call back handler retrives that from the application ?



IMO,
You can do it wither way.Sometimes you can get the user name and password interactively (active mode) while at other times you cant (say for eg in a web application). This is passive mode. In that case you can pass the username and password (by extracting it from the request object/whatever) while creating the LoginContext , the way you have in the code.

But say u have a command line interface to your application, then you might as well prompt for the user name and password in callbackHandler.handle(Callback[] callbacks) method. In this case you dont pass the user name, password to the callbackhandler when instatiating LoginContext, instead you request for that from the user in the handle() callback method.

HTH
 
shreehari Gopalakrishnan
Ranch Hand
Posts: 30
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thanks karthk

what is the significance in using a callBackHandler
can we directly pass the id and password to LDAP and do authentication?
If CallBackHandler retrives the id and password from the application why we need to pass that throuth function or commandline??

I am still confused ....

T I Advance
 
Consider Paul's rocket mass heater.
reply
    Bookmark Topic Watch Topic
  • New Topic