Validate the credential argument. It must contain a non-null UsernameToken. A
CallbackHandler implementation is also required to be set.
If the password type is either digest or plaintext, it extracts a password from the
CallbackHandler and then compares the passwords appropriately.
If the password is null it queries a hook to allow the user to validate UsernameTokens
of this type.