As far as this interceptor is concerned, it can be configured with
custom callback handlers, I don't remember the name of the property
right now, but you can set whatever custom handlers are required.
Cheers, Sergey
On 11/03/16 17:26, matteo wrote:
Ok, I narrowed down a little bit my question.
I see that it is possible to leverage Jaas to populate the SecurityContext
principal via the JAASAuthenticationFilter. Now the point is I would like to
manage my users and passwords via datasources as explained in karaf
documentation
<https://karaf.apache.org/manual/latest/developers-guide/security-framework.html>
. The point is that my users' passwords are stored in the database as
encrypted tokens.
So my previous question becomes: how to specify a
javax.security.auth.callback.CallbackHandler to compute received password
hash before jaas login?
All other steps should be performed transparently by CXF
JAASAuthenticationFilter, right?
Thank you very much.
matteo
-----
matteo
--
View this message in context:
http://cxf.547215.n5.nabble.com/How-to-manage-resource-owner-login-in-CXF-tp5766808p5766839.html
Sent from the cxf-user mailing list archive at Nabble.com.
--
Sergey Beryozkin
Talend Community Coders
http://coders.talend.com/
