The provider relies on a CallbackHandler to obtain authentication information from the caller (a PIN, for example). If the caller passes a null handler to this method, the provider uses the handler set in the setCallbackHandler method. If no handler was set in that method, the provider queries the auth.login.defaultCallbackHandler security property for the fully qualified class name of a default handler implementation. If the security property is not set, the provider is assumed to have alternative means for obtaining authentication information.
@param subject the Subject which may containprincipals/credentials used for authentication, or may be populated with additional principals/credentials after successful authentication has completed. This parameter may be null.
@param handler the CallbackHandler used bythis provider to obtain authentication information from the caller, which may be null
@exception LoginException if the login operation fails
@exception SecurityException if the caller does not pass asecurity check for SecurityPermission("authProvider.name"), where name is the value returned by this provider's getName method
| |