Originally posted by shreehari Gopalakrishnan:
whether we are passing the username and password to call back handler or call back handler retrives that from the application ?
IMO,
You can do it wither way.Sometimes you can get the user name and password interactively (active mode) while at other times you cant (say for eg in a web application). This is passive mode. In that case you can pass the username and password (by extracting it from the request object/whatever) while creating the LoginContext , the way you have in the code.
But say u have a command line interface to your application, then you might as well prompt for the user name and password in callbackHandler.handle(Callback[] callbacks) method. In this case you dont pass the user name, password to the callbackhandler when instatiating LoginContext, instead you request for that from the user in the handle() callback method.
HTH