Versions Compared

Old Version 6

changes.mady.by.user Unknown User (ddv)

Saved on

compared with

New Version 7

changes.mady.by.user Unknown User (ddv)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
java
java
public class ServerPasswordCallback implements CallbackHandler {

    public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {

        WSPasswordCallback pc = (WSPasswordCallback) callbacks[0];

        if (pc.getId().equals("joe") {
            // set the password on the callback. This will be compared to the
            // password which was sent from the client.
            pc.setPassword("password");
        }
    }

}

Note that for the special case of a plain-text password (or any other yet unknown password type), the password validation is delegated to the callback class, see org.apache.ws.security.processor.UsernameTokenProcessor#handleUsernameToken() method javadoc of the WSS4Jproject. In that case, the ServerPasswordCallback should be somethine like the following one:

Code Block
java
java

public class ServerPasswordCallback implements CallbackHandler {

    public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {

        WSPasswordCallback pc = (WSPasswordCallback) callbacks[0];

        if (pc.getId().equals("joe") {
           if (!pc.getPassword().equals("password")) {
                throw new SecurityException("wrong password");
           }
        }
    }

}

On the Client side you'll want to configure the WSS4J outgoing properties:

...