When using the Username Token Profile, the username and password are provided and verified through two callback handlers that you need to provide. As the keystore password callback handler, they need to implement javax.security.auth.callback.CallbackHandler; they are configured in jbossws-cxf.xml (or programmatically) through the passwordCallbackClass attribute.
Here are the common uses of Markdown.
Code surrounded in tildes is easier to read
[Red Hat Customer Portal](https://access.redhat.com)