I solved my own problem, I think. Instead of passwordCallbackClass, it's passwordCallbackRef (answer discovered here: http://ws.apache.org/wss4j/config.html)
On Oct 31, 2013, at 3:34 PM, Jennifer Ruttan <[email protected]> wrote: > Hi > > I have a web service client that translates a request (in JSON) from a client > into a SOAP message that is passed along to the actual web service. Because > of the way that this "translator" needs to be configured, there will be > multiple clients connecting to it and supplying their own UsernameToken > username/password combinations. > > The way that I configure the UsernameToken has been with: > Map<String, Object> ctx = ((BindingProvider)port).getRequestContext(); > ctx.put("ws-security.username", username); > ctx.put("ws-security.password", password); > > I'm not sure that the second line is necessary, because I still have to > provide a "passwordCallbackClass" entry in the Map<String, Object> that is > used as a parameter for the WSS4JOutInterceptor. The entry points to a class > that extends CallbackHandler and supplies the password for the given username. > > All of my configuration to this point has been done without Spring. What I > want to do is supply an INSTANCE to passwordCallbackClass (or its equivalent) > and not a String representing the name of the class. That way I can create a > unique PasswordHandler for each request that includes the password for the > given username. > > Or is my configuration incorrect from the beginning? > > Thanks > Jen > > >
