If authentication failed, the callback handler is invoked with a single TextOutputCallback which contains an ERROR type message "Login failed for user: $", where USER is the username of the last NameCallback. Further, if a "cancel" is detected, the callback handler is invoked with a single TextOutputCallback which contains an INFORMATION type message "Login cancelled by user.". Note: The "cancel" check works for all logins, including the first try. This is quite unintuitive and might make it more difficult to find bugs in your code where the values are unintentionally null, so an alternative way might be better. The cancel is detected by setting either the NameCallback or PasswordCallback's value to null. If you specify 0 login tries, then it will keep trying until either a successful authentication or the user cancelled. If no successful authentication occurred during these tries it will fail with the FailedLoginException (as it does currently). If you specify an integer great or equal to 0, it will perform the given amount of tries. If you supply an invalid value for an option (any value that would raise a NumberFormatException when calling "Integer.parseInt()"), it will default to the current behaviour of "1" try. If you omit this option, it will default to the current behaviour of "1" try. It does so by supplying an optional extra "option", which can be specified in the gbean configuration, like so: #JIRA CLIENT LOGIN FAILED PATCH#
The attached patch is a modification of .OpenejbRemoteLoginModule.
This all works, except a failed login isn't retried and there is no way for the application to even detect this (nor a cancel if such an option existed). When an application client is configured to authenticate with a JAAS realm and a CallbackHandler, the login is performed before the application's main method is called, thus outside the context of the client application itself.
0 kommentar(er)
