final SpringSecurityUser onmsUser; try { configUser = handler.userConfig().getUser(user); onmsUser = handler.springSecurityUserDao().getByUsername(user); } catch (final Exception e) { if (!handler.userConfig().comparePasswords(user, password)) { final String msg = "Login failed: passwords did not match."; LOG.debug(msg);