Password Callback Class is required for the UsernameToken security function to specify password for username as well as for private keys in keystore for using Encryption security function. Private keys will be used to sign and/or decrypt a message.
Password callback classes are used to:
- set password for user in UsernameToken while using while using UsernameToken security action
- set password for private key used to decrypt SOAP message while using Encryption security action
- set password for private key used to sign SOAP message while using Signature security action
To specify password, an implementation of
javax.security.auth.callback.CallbackHandler is needed. A fully qualified class name of this implementation should be provided in Component Property Sheet (CPS).
Follow the below sections to understand how to create a Password Callback Class and to attach the resulting jar files to Web Service components and thereby used for UsernameToken security action as well as Encryption security action.
Create the Class file
Copy the below sample Java program and paste it in .java file and save it (save the password callback class with name 'PWCallback' as an example)
Compile the Class and archive
Compile the class and archive it into a JAR file (PWCallback.jar).
Use the implementation in WebService components
Implementation in WSStub
To use PWCallback implementation in WSStub, stop the Peer server on which WSStub is running and copy the JAR which contains Password Callback Class into the location:
Implementation in WedServiceConsumer
To use PWCallback implementation in WebserviceConsumer 4.0 component, add the JAR as resource by editing properties in the ServiceDescriptor.xml section in eStudio.