Hi,
Even though samples have the same password callback handler for both the
client and server, in a real world client and server should have
separate password callbacks. With the current implementation client
doesn't even need a password callback class. He can just say the
following.
options.setUserName("dimuthul");
options.setPassword("secret");
The key usage of Username token for plain password would be
WSPasswordCallback.UNKNOWN. At the server-side you can always check
what type of a callback.
switch (passwordCallback.getUsage()) {
case WSPasswordCallback.UNKNOWN:
........
break;
......
.......
}
Thank you,
Dimuthu
On Mon, 2008-07-14 at 09:03 -1000, Roxanne Yee wrote:
> Another question: Is the passwordCallbackClass provided in the Rampart
> samples for the server or the client? If it is for both, the what would be
> the difference? I've read http://wso2.org/node/240/print/ and am still
> confused.
>
>
> -----Original Message-----
> From: Roxanne Yee [mailto:[EMAIL PROTECTED]
> Sent: Mon 7/14/2008 8:55 AM
> To: [email protected]
> Subject: Newbie Basics: passwordCallbackHandler
>
> Does anyone know if there are any thorough tutorials on how to write a
> passwordCallbackHander explaining how the code works?
>
> Thanks.
>
> =>RY
>
