is responsible for communication between the end-user of an
application and the
javax.security.auth.spi.LoginModule that is
performing authentication of that user on behalf of the
instantiated by the application. When an application needs to
authenticate a user, it creates a
CallbackHandler object for that
context. The underlying
LoginModule uses the
CallbackHandler to communicate with the end
user—for example prompting them to enter a name and password.
LoginModule passes an array of objects that
Callback interface to the
method must determine the type of
and display the information and/or prompt for the input it
Callback classes have
different purposes and must be handled differently.
PasswordCallback are two of the most commonly
used: they represent requests for the user’s name
TextOutputCallback is also common:
it represents a request to display a message (such as
“Authentication Failed”) to the
user. See the descriptions of the individual
Callback classes for information on how a
CallbackHandler should handle them.
CallbackHandler implementations are not required
to support every type of Callback and my throw an
UnsupportedCallbackException if passed a
Callback object of a type they do not recognize or
do not support.