Why in JBoss EAP 6.0.0 do I get UnsupportedCallbackException where security realm delegates to JAAS realm?

Solution Verified - Updated -

Issue

A connection from an EJB client via remoting/sasl ends in an UnsupportedCallbackException if the remoting connector is protected by a SecurityRealm with JAAS authentication configured. The JAAS configuration contains only one custom LoginModule, which is placed in the JBoss module repository and configured via the module attribute as described in https://issues.jboss.org/browse/AS7-3905.

Detailed description:
During login the PlainSaslServer class (line 88 et sqq.) calls the SecurityRealmService twice. The first call reaches the LoginModule as expected: both the login and the commit methods are called. The second call seems to be an authorization request. It contains only the AuthorizeCallback. When that call passes through the SecurityRealmService (line 157 et sqq.), a SubjectCallback is added to the list of callbacks. But the JaasCallbackHandler (which dispatches the request to the LoginModules) supports the AuthorizeCallback only if it is the only callback in the list. So the JaasCallbackHandler (line 110 et sqq.) throws an UnsupportedCallbackException, and the authentication request fails.

This is not an application problem, because the failure happens before any application code is reached, inside the JBoss domain-management and sasl modules. We are using jboss-as-domain-management-7.1.2.Final-redhat.1 and jboss-sasl-1.0.1.Final-redhat-1.
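
The failure mode described above, reduced to a stand-alone model. This is an added example, not JBoss source code: `StrictHandler`, `SubjectCallbackStandIn` and the user name `ejbuser` are hypothetical, and only the JDK callback classes are real.

```java
import java.io.IOException;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.sasl.AuthorizeCallback;

public class CallbackDispatchDemo {

    // Hypothetical stand-in for the extra callback the realm service appends.
    static final class SubjectCallbackStandIn implements Callback { }

    // Simplified model of a handler that accepts an AuthorizeCallback only
    // when it is the sole entry in the array, as the description states.
    static final class StrictHandler implements CallbackHandler {
        @Override
        public void handle(Callback[] callbacks) throws UnsupportedCallbackException {
            if (callbacks.length == 0) {
                return;
            }
            if (callbacks.length == 1 && callbacks[0] instanceof AuthorizeCallback) {
                AuthorizeCallback acb = (AuthorizeCallback) callbacks[0];
                acb.setAuthorized(acb.getAuthenticationID().equals(acb.getAuthorizationID()));
                return;
            }
            // This model has no authentication path: any other combination is refused.
            throw new UnsupportedCallbackException(callbacks[0],
                    "AuthorizeCallback is only handled when it is the sole callback");
        }
    }

    // Runs one handler call and reports whether the callback array was accepted.
    static String attempt(CallbackHandler handler, Callback... callbacks) throws IOException {
        try {
            handler.handle(callbacks);
            return "accepted";
        } catch (UnsupportedCallbackException e) {
            return "rejected: " + e.getMessage();
        }
    }

    public static void main(String[] args) throws IOException {
        CallbackHandler handler = new StrictHandler();
        // Constructed sample identity; authentication and authorization IDs match.
        AuthorizeCallback alone = new AuthorizeCallback("ejbuser", "ejbuser");
        System.out.println("authorize only      -> " + attempt(handler, alone));
        AuthorizeCallback withExtra = new AuthorizeCallback("ejbuser", "ejbuser");
        System.out.println("authorize + subject -> "
                + attempt(handler, withExtra, new SubjectCallbackStandIn()));
    }
}
```

The second call carries the same valid identity as the first and is still refused, which is why the exception surfaces as a failed login even though the LoginModule's login and commit already succeeded.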

Environment

  • JBoss Enterprise Application Platform 6.0.0
