Skip to Content
author's profile photo Former Member
Former Member

CallbackHandler of type CERTIFICATE

Does anyone have any examples of using the CallbackHandler for type CERTIFICATE? I'm attempting to modify a LoginModule to examine the certificate sent by the client for some special processing, but I seem to always get a null pointer back. An example code snippet follows...

.
.
.
Callback[] callbacks new Callback[1];
callbacks[0] new HttpGetterCallback();

((HttpGetterCallback) callbacks[0]).setType(HttpCallback.CERTIFICATE);

try {
    callbackHandler.handle(callbacks);
    } catch (UnsupportedCallbackException e) {
	return false;
    } catch (IOException e) {
	throwUserLoginException(e, LoginExceptionDetails.IO_EXCEPTION);
    }
.
.
.

For some reason,

((HttpGetterCallback) callbacks[1]).getValue()

always returns null.

Add a comment
10|10000 characters needed characters exceeded

Related questions

1 Answer

  • Posted on Jun 09, 2005 at 01:14 PM

    There are some errors in your source code but they are not in the way the certificate is obtained. Here is the source fixed without these errors:

    HttpGetterCallback cb = new HttpGetterCallback();
    cb.setType(HttpCallback.CERTIFICATE);
    Callback[] callbacks = new Callback[] {cb};
    
    try {
      callbackHandler.handle(callbacks);
    } catch (UnsupportedCallbackException e) {
      return false;
    } catch (IOException e) {
      throwUserLoginException(e, LoginExceptionDetails.IO_EXCEPTION);
    }
    
    X509Certificate[] cert = (X509Certificate[]) cb.getValue();

    If at the value in the callback is still null after it is handled successfully module means that there is no certificate in the request. This may happen if you have not configured the server to request client certificate. Information how to do this you can find in NetWeaver documentation on http://help.sap.com :

    SAP NetWeaver -> Security -> Network and Transport Layer Security -> Transport Layer Security on the SAP J2EE Engine -> Configuring the Use of SSL on the SAP J2EE Engine

    SAP NetWeaver -> Security -> Network and Transport Layer Security -> Transport Layer Security on the SAP J2EE Engine -> Additional Keystore and Cryptographic Functions -> Managing the Credentials and Trusted Certificates to Use SSL

    Add a comment
    10|10000 characters needed characters exceeded

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.