Technically, I guess you're limited to not just any exception but specifically a IOException or a UnsupportedCallbackException subclass, as those are the only two types of exceptions declared throwable by the handle() method: http://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/CallbackHandler.html
But this raises another question, how can the SEI implementation catch the WSSecurityException that WSS4J throws in this case? My SEI implementation is oblivious to the fact that WS-Security is being used (that information is configured in the cxf-servlet.xml): package com.mycompany.webservice.service; import javax.jws.WebService; @WebService(targetNamespace = "http://www.example.org/DoubleIt";, portName="DoubleItPort", serviceName="DoubleItService", endpointInterface="org.example.doubleit.DoubleItPortType") public class DoubleItPortTypeImpl { public int doubleIt(int numberToDouble) { return numberToDouble * 2; } } Otherwise, if it is not intended for the SEI implementation to handle the WSSecurityException being thrown, what does handle it? Thanks, Glen dkulp wrote: > > > It's basically "any SecurityException you have" or, literally, anything > that > subclasses Exception. If you have your own exception, throw it. > Whatever > you throw will be caught and wrapped in a WSSecurityException and > rethrown. > > Dan > > > On Mon March 23 2009 5:07:30 pm Glen Mazza wrote: >> Hello, this page[1], within one of the ServerPasswordCallbacks, uses a >> class called "SecurityException" -- what Java package is >> SecurityException >> in? >> >> Thanks, >> Glen >> >> [1] >> http://cwiki.apache.org/CXF20DOC/ws-security.html#WS-Security-UsernameToken >>Authentication > > -- > Daniel Kulp > [email protected] > http://www.dankulp.com/blog > > -- View this message in context: http://www.nabble.com/Package-for-SecurityException--tp22669188p22678226.html Sent from the cxf-user mailing list archive at Nabble.com.
