in redback-authentication/redback-authentication-providers/redback-authentication-users/src/main/java/org/apache/archiva/redback/authentication/users/UserManagerAuthenticator.java [87:180]
public AuthenticationResult authenticate( AuthenticationDataSource ds )
throws AuthenticationException, AccountLockedException, MustChangePasswordException
{
boolean authenticationSuccess = false;
String username = null;
Exception resultException = null;
PasswordBasedAuthenticationDataSource source = (PasswordBasedAuthenticationDataSource) ds;
List<AuthenticationFailureCause> authenticationFailureCauses = new ArrayList<AuthenticationFailureCause>();
try
{
log.debug( "Authenticate: {}", source );
User user = userManager.findUser( source.getUsername() );
username = user.getUsername();
if ( user.isLocked() )
{
throw new AccountLockedException( "Account " + source.getUsername() + " is locked.", user );
}
if ( user.isPasswordChangeRequired() && source.isEnforcePasswordChange() )
{
throw new MustChangePasswordException( "Password expired.", user );
}
PasswordEncoder encoder = securityPolicy.getPasswordEncoder();
log.debug( "PasswordEncoder: {}", encoder.getClass().getName() );
boolean isPasswordValid = encoder.isPasswordValid( user.getEncodedPassword(), source.getPassword() );
if ( isPasswordValid )
{
log.debug( "User {} provided a valid password", source.getUsername() );
try
{
securityPolicy.extensionPasswordExpiration( user );
}
catch ( MustChangePasswordException e )
{
user.setPasswordChangeRequired( true );
throw e;
}
authenticationSuccess = true;
//REDBACK-151 do not make unnessesary updates to the user object
if ( user.getCountFailedLoginAttempts() > 0 )
{
user.setCountFailedLoginAttempts( 0 );
userManager.updateUser( user );
}
return new AuthenticationResult( true, source.getUsername(), null );
}
else
{
log.warn( "Password is Invalid for user {}.", source.getUsername() );
authenticationFailureCauses.add(
new AuthenticationFailureCause( AuthenticationConstants.AUTHN_NO_SUCH_USER,
"Password is Invalid for user " + source.getUsername() + "." ) );
try
{
securityPolicy.extensionExcessiveLoginAttempts( user );
}
finally
{
userManager.updateUser( user );
}
return new AuthenticationResult( false, source.getUsername(), null, authenticationFailureCauses );
}
}
catch ( UserNotFoundException e )
{
log.warn( "Login for user {} failed. user not found.", source.getUsername() );
resultException = e;
authenticationFailureCauses.add( new AuthenticationFailureCause( AuthenticationConstants.AUTHN_NO_SUCH_USER,
"Login for user " + source.getUsername()
+ " failed. user not found." ) );
}
catch ( UserManagerException e )
{
log.warn( "Login for user {} failed, message: {}", source.getUsername(), e.getMessage() );
resultException = e;
authenticationFailureCauses.add(
new AuthenticationFailureCause( AuthenticationConstants.AUTHN_RUNTIME_EXCEPTION,
"Login for user " + source.getUsername() + " failed, message: "
+ e.getMessage() ) );
}
return new AuthenticationResult( authenticationSuccess, username, resultException,
authenticationFailureCauses );
}