Password Callbacks
The v.7.0.0 release of the Edge Java SDK adds a more secure mechanism than the JDK's Security Claims username/password for authentication. Called password callbacks, this mechanism of the 7.0.x Edge Java SDK must be used to supply application keys, proxy passwords, and other secrets when connecting to the ThingWorx Platform. In the examples/steamsensor/src/main/java directory of the Edge Java SDK installation, there is a SamplePasswordCallback.java file that you can use as a starting point for implementing password callbacks in your application.
 |
The supplied example callback class, SamplePasswordCallback.java, is not directly suitable for production environments.
|
Here is the code from SamplePasswordCallback.java:
package com.thingworx.sdk.steam;
import com.thingworx.communications.client.IPasswordCallback;
/**
* Sample password callback to retrieve an app key from a specified environment variable.
*
* Provided for demonstration purposes only.
*
* Not suitable for production environments.
*
*/
public class SamplePasswordCallback implements IPasswordCallback {
private String appKey = null;
public SamplePasswordCallback(String appKey) {
this.appKey = appKey;
}
@Override
public char[] getSecret() {
return appKey.toCharArray();
}
}
Use the method, ClientConfigurator.setSecurityClaims() to configure a ClientConfigurator with the password callback. For example, the SteamSensor example accomplishes this via:
config.setSecurityClaims( new SamplePasswordCallback( cmd.getOptionValue("k") ) );