When using Custom Password Lookup, the CallbackHandler is invoked twice.

When using Custom Password Lookup, the CallbackHandler is invoked twice.

book

Article ID: KB0088392

calendar_today

Updated On:

Products Versions
TIBCO ActiveMatrix BusinessWorks -
Not Applicable -

Description

Resolution:
Description:

========


When printing a message, each time the handle (Callback[]) method is invoked, the CallbackHandler is invoked twice for each authentication call.

****************
Code fragment:
public class AutheticationCallbackHandler implements CallbackHandler {
      
    public void handle(Callback[] callbacks) throws IOException,
            UnsupportedCallbackException {
        System.out.println("Handler get invoked");
        for (int i = 0; i < callbacks.length; i++) {
                  WSPasswordCallback pw = (WSPasswordCallback) callbacks[i];    
                  System.out.println("User ==>" + pw. getIdentifer());
                  System.out.println("Password ==>" + pw.getPassword());
            //body
}
         }
     }

Console Output:
Handler get invoked
Password ==><password value>
User ==><user value>
Handler get invoked
User ==><user value>
Password ==>NULL
****************


Environment:
=========
TIBCO ActiveMatrix BusinessWorks: All

Cause:
=====
The first invoking is called by WSS4J, which is expected and both Identifier and Password can be retrieved.

Normally, web service authentication will fail only when an exception is thrown while executing handle (Callback[]) and does not need the real password from the target resource, such as the password file or LDAP. However, BW restricts this and requires the CallbackHandler implementation to use the WSPasswordCallback.getIdentifyer() method to obtain the username and then lookup the password for that username from a target resource. Once obtained, the password should be set back to the Callback object using the WSPasswordCallback.setPassword() method to validate the input password. The above procedure is accomplished through the second invoking. That the Callback will return a null password is because the user has to set the acquired password to it.

References:
========
TIBCO ActiveMatrix BusinessWorks// Process Design Guide// Invoking and Implementing Web Services// Using Web Services Security Policies// Custom Password Lookup

Issue/Introduction

When using Custom Password Lookup, the CallbackHandler is invoked twice.
Powered by Wolken Software