This week's book giveaways are in the Refactoring and Agile forums.
We're giving away four copies each of Re-engineering Legacy Software and Docker in Action and have the authors on-line!
See this thread and this one for details.
Win a copy of Re-engineering Legacy Software this week in the Refactoring forum
or Docker in Action in the Cloud/Virtualization forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Determining requestor's IP in custom authenticator (JAAS)

 
Todd Buell
Greenhorn
Posts: 21
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
In a 10.3 environment I have a custom authenticator that is using NameCallback and PasswordCallback to validate against the data stored in a DB. We are now required to record the IP address of the authentication requestor for failed logins but I've not had any luck reliably determining this information.

Our authenticator is implementing javax.security.auth.spi.LoginModule so we can't modify the call to the authenticator.

Initially I tried a ContextHandlerCallback to be passed to the CallbackHandler.handle call, but an exception is thrown if the connection is made via JMX-RMI. (javax.security.auth.callback.UnsupportedCallbackException: [Security:090175]Unrecognized Callback)

Any thoughts or suggestions on how to resolve the IP address of the requestor in the LoginModule?
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic