Wednesday, September 22, 2010

UnsupportedCallbackException: Accessing the HttpServletRequest from a custom auth provider

There could be more than one cause of this problem but here is what cause it for me:

My custom provider was the first provider in the list and was set to sufficient.

I got an UnsupportedCallbackException when I tried to use the ContextHandlerCallback to retrieve the request in my provider.

This was due to the fact that weblogic log in was using my provider and it uses the SimpleCallbackHandler (boo hiss).

Here is my code: (I throw an login exception and fail the login if the callbacks are null for my login)

  private Callback[] getCallbacks() throws LoginException{
    Callback[] callbacks = new Callback[3]; // need one for the user name
    callbacks[CALLBACK_USERNAME_POSITION] = new NameCallback("username: ");
    callbacks[CALLBACK_PASSWORD_POSITION] = new PasswordCallback("password: ", false);
    callbacks[CALLBACK_CONTEXT_POSITION] = new ContextHandlerCallback();

    } catch (IOException e){
    } catch (UnsupportedCallbackException e){
      System.err.println("UnsupportedCallbackException:" + e.getMessage());
      return null;
  return callbacks;
Get the Request after obtaining the callback:
private HttpServletRequest getRequestCallback(Callback[] callbacks){
  ContextHandlerCallback cb = (ContextHandlerCallback)callbacks[CALLBACK_CONTEXT_POSITION];
  if (cb != null){
    return (HttpServletRequest)cb.getContextHandler().getValue("com.bea.contextelement.servlet.HttpServletRequest");
  return null;

No comments:

Post a Comment