- All Implemented Interfaces:
- CallbackHandler
public class SoapSTSConsumerCallbackHandler
extends Object
implements CallbackHandler
The CallbackHandler which supports all of the possible Callback types required by the SoapSTSConsumer. This CallbackHandler
is invoked by the CXF STS client encapsulated within the SoapSTSConsumer to provide password state required from
within the CXF STS client runtime.
The cases are as follow:
1. OpenAMSessionTokenCallback instances, in order to set the OpenAM session id necessary to consume sts instances
protected by an OpenAMSessionToken Assertion. Consumed by the OpenAMSessionTokenClientAssertionBuilder.
2. org.apache.ws.security.WSPasswordCallback instances, with DECRYPT and SIGNATURE usages, to set the KeyStore
password corresponding to the KeyStore alias necessary to decrypt and sign messages. Necessary for the asymmetric
binding, when messages from client to server must be signed by the client's private key, and where messages
from server to client are encrypted with the client's public key.
3. org.apache.ws.security.WSPasswordCallback instances, with USERNAME_TOKEN usage, to provide the password set in
the UsernameTokens created to consume soap-sts instances protected by SecurityPolicy bindings specifying
UsernameToken SupportingTokens. Will provide the password corresponding to the usernameTokenUsername parameter below.
Most soap-sts consumers will only use a subset of this functionality, but this CallbackHandler is provided as an
example of how to satisfy the various Callback scenarios.