SwitchYard's AuthorizationHeaderCredentialsExtractor can extract both Name and Password from an HTTP Basic Authorization header, creating a NameCredential and PasswordCredential to be made available later on to the NamePasswordCallbackHandler, and thus JAAS.

However, when it comes to HTTP Digest Authorization, only a NameCredential is created. Further works needs to be done to complete the handling of the digest directives per RFC2617.