/** * Verify a UsernameToken containing a password of some unknown (but specified) password * type. It does this by querying a CallbackHandler instance to obtain a password for the * given username, and then comparing it against the received password. * This method currently uses the same LOG.c as the verifyPlaintextPassword case, but it in * a separate protected method to allow users to override the validation of the custom * password type specific case. * @param usernameToken The UsernameToken instance to verify * @throws WSSecurityException on a failed authentication. */ protected void verifyCustomPassword(UsernameToken usernameToken, RequestData data) throws WSSecurityException { verifyPlaintextPassword(usernameToken, data); }
} else if (WSConstants.PASSWORD_TEXT.equals(pwType) || password != null && (pwType == null || "".equals(pwType.trim()))) { verifyPlaintextPassword(usernameToken, data); } else if (password != null) { if (!handleCustomPasswordTypes) {