Martin, It's coming to me slow ( but steady ) -
The idea of the password callback is to abstract the means for loading the password into msg. Because passwords might be stored in many different modes of hashing and encryption, the handler needs the extra layer of abstraction. ( Is this the idea ? ) For my simple test cases, I'm loading the password into property. It is good to hear from someone that this is "ok" way to go w/ Axis. Thanks for the reply... Shawn --- Martin Stemplinger <[EMAIL PROTECTED]> wrote: > Shawn McKinney schrieb am 04/28/2005 04:16 PM: > But, in a B2B scenario there is no user > interaction > > (obviously). So - how am I suppose to plug > passwords > > into the callback? I can't query LDAP for the > > password. I don't want to stick then in a file. > I > > need a way to plug the password into my handler in > a > > parameterized fashion. > > As I understand it the PWCallback ic called to find > the password for the > username provided. It is up to you how you implement > this. You could > fill a file, a database table or provide it as a > property on the command > line. I'd recommend a LDAP dircetory if you need to > deal with a large > number of users or a properties file for a small > user base. Beware that > you need to have access to the plaintext password > even if you use > PasswordDigest! So you may want to encrypt it. > > Does this help? > > Cheers > Martin >
