Versions Compared

Old Version 21

changes.mady.by.user Glen Mazza

Saved on

compared with

New Version 22

changes.mady.by.user Glen Mazza

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Note that for the special case of a plain-text password (or any other yet unknown password type), the password validation is delegated to the callback class, see org.apache.ws.security.processor.UsernameTokenProcessor#handleUsernameToken() method javadoc of the WSS4Jproject. In that case, the ServerPasswordCallback should be somethine something like the following one:

Code Block
java
java
public class ServerPasswordCallback implements CallbackHandler {

    public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {

        WSPasswordCallback pc = (WSPasswordCallback) callbacks[0];

        if (pc.getId().equals("joe") {
           if (!pc.getPassword().equals("password")) {
                throw new SecurityException("wrong password");
           }
        }
    }

}

...