@Override public void onLoginSuccess(Request request, Response response, Authentication authentication) { UserPrincipal user = authentication.getUser(); if(user instanceof UserDetails){ String rememberMe = request.getParameter(securityConfig.getRememberMeParameterName()); if(Converts.toBoolean(rememberMe, false)){ setRememberMeCookie(request,response,user.getLoginName(),((UserDetails) user).getPassword()); }else{ removeCookie(request, response); } } }
String signed = sign(username, user.getPassword(), expires); if(null == signed){ return null;
@Override public boolean authenticate(CredentialsAuthenticationContext context, Credentials credentials, Out<UserPrincipal> principal) throws AuthenticationException { if(credentials instanceof UsernamePasswordCredentials){ UsernamePasswordCredentials usernamePassword = (UsernamePasswordCredentials)credentials; UserDetails details = resolveUserDetails(context, usernamePassword.getUsername(), usernamePassword.getParameters()); if(null == details) { return true; } //Check password String rawPassword = Strings.nullToEmpty(usernamePassword.getPassword()); if(!sc.getPasswordEncoder().matches(rawPassword, details.getPassword())){ log.debug("Incorrect password of user '{}'",usernamePassword.getUsername()); context.validation().addError(UsernamePasswordCredentials.PASSWORD, INCORRECT_PASSWORD_MESSAGE_KEY,"Incorrect password"); }else{ principal.set(details); } return true; } return false; } }