posted 17 years ago
It's not clear whether you are able to login or not. Generally the password is stored in internal LDAP. You can see the content of ldap in ldift files stored in your domain directory. Password is hashed and stored so you can't see the clear text however, under your domain\server directory you will find ldap directory which contains log and backup entries. You can try to figure out from the log whether the update has been carried out. It's not going to be easy to recover or fix expect to restore from the backup directory or creating a new admin user.
To understand how PasswordCallback is populated you need to look at your CallbackHandler implementation, instance of this calls is passed from LoginContext to LoginModule. LoginModule creates instance of PasswordCallback and NameCallback objects and passes as argument to CallbackHandler.handle(...). This method takes cares of populating the NameCallback and PasswordCallback and return those objects to LoginModule.