jakartaee / authentication

Jakarta Authentication
https://eclipse.org/ee4j/jaspic

Clarify PasswordValidationCallback #136

Closed arjantijms closed 2 years ago

arjantijms commented 2 years ago

The PasswordValidationCallback is very light on details.

Add to the javadoc some more info on what it does, for example using a hypothetical implementation:

protected void processPasswordValidation(PasswordValidationCallback pwdCallback) {

    // 1. Validate the credentials
    Caller caller = ContainerSpecificStore.validate(pwdCallback.getUsername(), getPassword(pwdCallback));

    if (caller != null) {
        // 2a. If validated set caller principal, just like CallerPrincipalCallback does
        processCallerPrincipal(new CallerPrincipalCallback(pwdCallback.getSubject(), caller.getCallerPrincipal()));

        if (!caller.getGroups().isEmpty()) {
            // 2b. If validated and groups available set groups, just like GroupPrincipalCallback does
            processGroupPrincipal(new GroupPrincipalCallback(pwdCallback.getSubject(), caller.getGroupsAsArray()));
        }
        pwdCallback.setResult(true);
    }
}
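
The other side of this exchange, as an added example that is not part of the original issue or the project's code: how an authentication module might hand credentials to the container's handler and act on the result. The class name `PasswordValidationExample` and the method `authenticate` are hypothetical; the callback, `AuthStatus` and `AuthException` types are the Jakarta Authentication API.

```java
import java.io.IOException;
import java.util.Arrays;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import jakarta.security.auth.message.AuthException;
import jakarta.security.auth.message.AuthStatus;
import jakarta.security.auth.message.callback.PasswordValidationCallback;

// Hypothetical helper that a ServerAuthModule could call from validateRequest()
// once it has extracted the username and password from the request.
public final class PasswordValidationExample {

    public static AuthStatus authenticate(CallbackHandler handler, Subject clientSubject,
                                          String username, char[] password) throws AuthException {
        PasswordValidationCallback callback =
                new PasswordValidationCallback(clientSubject, username, password);
        try {
            // The container's handler checks the credentials against its own store.
            // With a handler like the hypothetical one above, a successful check
            // also adds the caller and group principals to clientSubject.
            handler.handle(new Callback[] { callback });

            // getResult() stays false unless the handler called setResult(true),
            // so an unknown user or wrong password falls through to SEND_FAILURE.
            return callback.getResult() ? AuthStatus.SUCCESS : AuthStatus.SEND_FAILURE;
        } catch (IOException | UnsupportedCallbackException e) {
            // The handler could not run the check at all: fail closed.
            AuthException failure = new AuthException("Password validation could not be performed");
            failure.initCause(e);
            throw failure;
        } finally {
            // Wipe the password held by the callback and the caller's array,
            // whatever the outcome.
            callback.clearPassword();
            Arrays.fill(password, '\0');
        }
    }
}
```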