I have a system configuration that doesn't seem to fit into the wss4j password-verification mechanism. I'm on the server side and I do not have direct access to passwords, so I cannot write a password CallbackHandler that fills in the password for a given user id. Rather I have programmatic access to a name/password-verification system -- I pass in a name/password pair and it answers "valid" or "not valid" (I'm oversimplifying, but that's the basic idea).
I've managed to make it work when I use PasswordText (plain text passwords) because in that case the WSPasswordCallback object includes the plain text password. But in the case where the password is digested, the WSPasswordCallback object does not include the password (digested or otherwise). So, does anyone have a suggestion for how to best utilize wss4j in this situation? Thanks, Lee --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
