/**
 * Authentication callback, invoked when a subject logs in.
 *
 * <p>Looks up an enabled user whose e-mail equals the submitted username and returns
 * the stored password plus the hex-decoded {@code random} value of that user, which
 * is passed to Shiro as the credentials salt.
 *
 * @param authcToken the submitted token; cast to {@code UsernamePassword2Token}
 * @return the stored account data for the realm to compare with the token
 * @throws AccountException if the token carries no username
 * @throws UnknownAccountException if the lookup returns no user
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(
        AuthenticationToken authcToken) throws AuthenticationException {
    String username = ((UsernamePassword2Token) authcToken).getUsername();
    if (username == null) {
        throw new AccountException(
                "Null usernames are not allowed by this realm.");
    }

    // Query by example: e-mail plus the "enabled" status.
    User probe = new User();
    probe.setEmail(username);
    probe.setStatus(Constant.STATUS_ENABLED);
    User account = (User) service.iUserService.select(probe);
    if (account == null) {
        throw new UnknownAccountException("No account found for user ["
                + username + "]");
    }

    byte[] salt = Encode.decodeHex(account.getRandom());
    Shiro principal = new Shiro(account.getId(), account.getEmail(),
            account.getName());
    return new SimpleAuthenticationInfo(principal, account.getPassword(),
            ByteSource.Util.bytes(salt), getName());
}
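/**
 * Authorization callback, invoked when an access check runs and no authorization
 * data for the subject is cached.
 *
 * <p>Verifies that the primary principal still maps to a stored user and returns an
 * authorization record without any roles or permissions.
 *
 * @param principalCollection the principals of the subject being authorized
 * @return an empty {@code SimpleAuthorizationInfo}
 * @throws AuthorizationException if {@code principalCollection} is {@code null}
 * @throws UnknownAccountException if no user is found for the principal's id
 */
@Override
protected AuthorizationInfo doGetAuthorizationInfo(
        PrincipalCollection principalCollection) {
    if (principalCollection == null) {
        // The message now states the actual failure (it used to read "is not null").
        throw new AuthorizationException("Principal must not be null!");
    }
    Shiro shiro = (Shiro) principalCollection.getPrimaryPrincipal();
    User entity = new User();
    entity.setId(shiro.getId());
    entity = (User) service.iUserService.select(entity);
    if (null == entity) {
        throw new UnknownAccountException("No account found for user ["
                + shiro.getId() + "]");
    }
    // NOTE(review): nothing is added to the result, so role and permission checks
    // against this realm have no grants to match. Confirm this is intended.
    return new SimpleAuthorizationInfo();
}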
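/**
 * Handles the login form POST: authenticates the submitted admin credentials through
 * Shiro and redirects to the video list on success.
 *
 * <p>On failure the login view is rendered again with an {@code error} model
 * attribute. An unknown username and a wrong password produce the same message, so
 * the response does not reveal which usernames exist.
 *
 * <p>Only the three exception types below are handled; any other
 * {@code AuthenticationException} subtype propagates to the caller.
 *
 * @param map   model that receives the {@code error} attribute
 * @param admin form-bound username and password
 * @return a redirect on success, otherwise the login view name
 */
@RequestMapping(value = "/login", method = { RequestMethod.POST})
public String dashboard(ModelMap map, Admin admin) {
    // Shared text for "no such user" and "wrong password" to avoid account enumeration.
    final String badLogin = "用户名或密码错误!";
    String error = null;
    UsernamePasswordToken token = new UsernamePasswordToken(admin.getUsername(), admin.getPassword());
    token.setRememberMe(false);
    try {
        SecurityUtils.getSubject().login(token);
        return "redirect:/video/all";
    } catch (UnknownAccountException uae) {
        error = badLogin;
    } catch (IncorrectCredentialsException ice) {
        error = badLogin;
    } catch (LockedAccountException lae) {
        error = "用户被锁定!";
    }
    map.addAttribute("error", error);
    return "login.ftl";
}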
/**
 * User authentication: loads the account named by the token and returns its stored
 * credentials so the realm can compare them with the submitted ones.
 *
 * @param token the submitted token; its principal is read as the user name
 * @return user name, stored password, password salt and realm name
 * @throws UnknownAccountException if no account exists for the user name
 * @throws LockedAccountException if the account status equals the disabled status code
 */
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
    // NOTE(review): this logs the whole token through its toString(); confirm that no
    // token type used with this realm prints its credentials.
    logger.info(">>> 【用户认证】token = {}", token);

    String userName = (String) token.getPrincipal();
    AdminUser account = getPrincipalService().getPrincipalObject(userName);
    if (account == null) {
        // No account found.
        throw new UnknownAccountException("Unknown account: " + userName);
    }

    boolean disabled = AdminUserStatusEnum.ADMIN_USER_STATUS_DISABLED.getStatusCode().equals(account.getStatus());
    if (disabled) {
        // Account locked.
        throw new LockedAccountException("Account[" + userName + "] has been locked!");
    }

    // Password matching is left to AuthenticatingRealm and its CredentialsMatcher.
    return new SimpleAuthenticationInfo(
            account.getUserName(),
            account.getPassword(),
            ByteSource.Util.bytes(account.getPasswordSalt()),
            getName());
}
/**
 * Serves the login page and reports a failed login attempt.
 *
 * <p>A GET request renders the form. For other methods the {@code shiroLoginFailure}
 * request attribute is read: if it names a failure, the form is shown again with a
 * message; if it is absent, the request is redirected to {@code /main}.
 *
 * @param req   current request
 * @param model receives the {@code shiroLoginFailure} message on failure
 * @return the view name or redirect
 */
@RequestMapping(value = "/login")
public String showLoginForm(HttpServletRequest req, Model model) {
    if (req.getMethod().equalsIgnoreCase("get")) {
        return "login";
    }

    String failure = (String) req.getAttribute("shiroLoginFailure");
    String error = null;
    if (UnknownAccountException.class.getName().equals(failure)
            || IncorrectCredentialsException.class.getName().equals(failure)) {
        // Same text for both cases, so the page does not reveal whether the user exists.
        error = "用户名/密码错误";
    } else if (failure != null) {
        // NOTE(review): this puts the exception class name into the page; consider
        // a generic message and logging the class name on the server instead.
        error = "其他错误:" + failure;
    }

    if (error == null) {
        return "redirect:/main";
    }
    model.addAttribute("shiroLoginFailure", error);
    return "login";
}
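/**
 * Attempts to log the current subject in with the given credentials.
 *
 * <p>On success the e-mail is stored in the session under {@code username}. The
 * outcome is printed to standard output. Only unknown-account, bad-credentials and
 * locked-account failures are handled; other authentication failures propagate.
 *
 * @param email      login name
 * @param password   plain-text password as submitted
 * @param rememberMe whether to request remember-me; {@code null} is treated as false
 * @return {@code true} if the login succeeded, {@code false} for a handled failure
 */
public boolean tryLogin(String email, String password, Boolean rememberMe) {
    org.apache.shiro.subject.Subject currentUser = SecurityUtils.getSubject();
    UsernamePasswordToken token = new UsernamePasswordToken(email, password);
    // setRememberMe takes a primitive; unboxing a null Boolean would throw a
    // NullPointerException before the login is even attempted.
    token.setRememberMe(Boolean.TRUE.equals(rememberMe));
    try {
        currentUser.login(token);
        System.out.println("User [" + currentUser.getPrincipal().toString() + "] logged in successfully.");
        // save username in the session
        currentUser.getSession().setAttribute("username", email);
        return true;
    } catch (UnknownAccountException uae) {
        System.out.println("There is no user with username of " + token.getPrincipal());
    } catch (IncorrectCredentialsException ice) {
        System.out.println("Password for account " + token.getPrincipal() + " was incorrect!");
    } catch (LockedAccountException lae) {
        System.out.println("The account for username " + token.getPrincipal() + " is locked. "
                + "Please contact your administrator to unlock it.");
    }
    return false;
}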
/**
 * Login endpoint: turns the failure class name stored in the
 * {@code shiroLoginFailure} request attribute into a thrown exception, or renders
 * the login view when no failure is recorded.
 *
 * @param request current request
 * @return the login view name when there is no recorded failure
 * @throws UnknownAccountException if the recorded failure is an unknown account
 * @throws IncorrectCredentialsException if the recorded failure is a bad credential
 * @throws Exception for any other recorded failure
 */
@RequestMapping("/login")
public String login(HttpServletRequest request) throws Exception {
    String failure = (String) request.getAttribute("shiroLoginFailure");
    if (failure == null) {
        return "login";
    }

    // Decide by the exception class name recorded by Shiro; the thrown exception is
    // meant to end up in the exception handler.
    // NOTE(review): the two messages differ; if the handler shows them to the user,
    // they reveal whether an account exists. Confirm against the handler.
    if (UnknownAccountException.class.getName().equals(failure)) {
        throw new UnknownAccountException("账号不存在");
    }
    if (IncorrectCredentialsException.class.getName().equals(failure)) {
        throw new IncorrectCredentialsException("用户名/密码错误");
    }
    // Reported as an unknown error by the exception handler.
    throw new Exception();
}
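/**
 * Called when a login attempt fails. Stores the failure class name and a message for
 * the user as request attributes.
 *
 * <p>Unknown-account and bad-credentials failures share one message. A failure whose
 * message starts with {@code msg:} has the rest of that message shown to the user.
 * Anything else gets a generic message and its stack trace is printed.
 *
 * @param token    the token that failed to authenticate
 * @param e        the authentication failure
 * @param request  receives the failure-key and message attributes
 * @param response unused here
 * @return always {@code true}
 */
@Override
protected boolean onLoginFailure(AuthenticationToken token,
        AuthenticationException e, ServletRequest request, ServletResponse response) {
    String className = e.getClass().getName();
    String rawMessage = e.getMessage();
    String message;
    if (IncorrectCredentialsException.class.getName().equals(className)
            || UnknownAccountException.class.getName().equals(className)) {
        message = "用户或密码错误, 请重试.";
    } else if (rawMessage != null && rawMessage.startsWith("msg:")) {
        // Strip only the leading marker; a global replace would also delete any later
        // "msg:" that is part of the text itself.
        message = rawMessage.substring("msg:".length());
    } else {
        message = "系统出现点问题,请稍后再试!";
        // Prints to the console.
        e.printStackTrace();
    }
    request.setAttribute(getFailureKeyAttribute(), className);
    request.setAttribute(getMessageParam(), message);
    return true;
}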
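/**
 * Handles the sign-in form POST: authenticates through Shiro, stores the loaded user
 * in the session as {@code curUser} and redirects to the console.
 *
 * <p>On failure the sign-in view is rendered with an {@code error} model attribute.
 * An unknown username and a wrong password produce the same message, so the response
 * does not reveal which usernames exist. Authentication failures other than the three
 * handled below propagate to the caller.
 *
 * @param map     model that receives the {@code error} attribute
 * @param user    form-bound username and password
 * @param request used to read the {@code rememberme} parameter
 * @return a redirect on success, otherwise the sign-in view name
 */
@RequestMapping(value = "/signin", method = { RequestMethod.POST})
public String signin(ModelMap map, User user, HttpServletRequest request) {
    // Shared text for "no such user" and "wrong password" to avoid account enumeration.
    final String badLogin = "用户名或密码错误!";
    String error;
    UsernamePasswordToken token = new UsernamePasswordToken(user.getUsername(), user.getPasswd());
    // Remember-me is requested whenever the parameter is present, whatever its value.
    token.setRememberMe(request.getParameter("rememberme") != null);
    try {
        Subject subject = SecurityUtils.getSubject();
        subject.login(token);
        subject.getSession().setAttribute("curUser",
                userService.findByUsername((String) subject.getPrincipal()));
        return "redirect:/dashboard/console";
    } catch (UnknownAccountException uae) {
        error = badLogin;
    } catch (IncorrectCredentialsException ice) {
        error = badLogin;
    } catch (LockedAccountException lae) {
        error = "用户被锁定!";
    }
    map.addAttribute("error", error);
    return "signin";
}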
/**
 * Changes a password after re-checking the submitted username and current password.
 *
 * <p>The submitted credentials are verified by logging in through Shiro. On success
 * the bound {@code user} gets the current user's id and the new password, is passed
 * to the password helper and is then saved.
 *
 * @param map       model that receives the {@code exception} attribute on failure
 * @param user      form-bound username and current password
 * @param passwdnew the new password (required request parameter)
 * @return a redirect to the console on success, otherwise the common error view
 */
@RequestMapping(value = "/changepwd", method = { RequestMethod.POST})
public String changepwd(ModelMap map, User user,
        @RequestParam(value = "passwdnew", required = true) String passwdnew) {
    // Verify the account first.
    // NOTE(review): the username is taken from the request, and login() switches the
    // subject to that account before getCurrentUser() is read. Confirm that the
    // verified account and the updated account are always the same one.
    UsernamePasswordToken currentCredentials =
            new UsernamePasswordToken(user.getUsername(), user.getPasswd());
    currentCredentials.setRememberMe(false);
    try {
        SecurityUtils.getSubject().login(currentCredentials);

        // Verification passed: update the stored password.
        // NOTE(review): `user` is bound from request parameters; presumably any other
        // bound field is written by updateById as well. Verify against userService.
        user.setId(getCurrentUser().getId());
        user.setPasswd(passwdnew);
        passwordHelper.encryptPassword(user);
        userService.updateById(user);
        return "redirect:/dashboard/console";
    } catch (UnknownAccountException | IncorrectCredentialsException | LockedAccountException failure) {
        map.addAttribute("exception", failure.getMessage());
        return "common/error";
    }
}
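/**
 * Called when a login attempt fails. Stores the failure class name and a message for
 * the user as request attributes.
 *
 * <p>Unknown-account and bad-credentials failures share one message. A failure whose
 * message starts with {@code msg:} has the rest of that message shown to the user.
 * Anything else gets a generic message and its stack trace is printed.
 *
 * @param token    the token that failed to authenticate
 * @param e        the authentication failure
 * @param request  receives the failure-key and message attributes
 * @param response unused here
 * @return always {@code true}
 */
@Override
protected boolean onLoginFailure(AuthenticationToken token,
        AuthenticationException e, ServletRequest request, ServletResponse response) {
    String className = e.getClass().getName();
    String rawMessage = e.getMessage();
    String message;
    if (IncorrectCredentialsException.class.getName().equals(className)
            || UnknownAccountException.class.getName().equals(className)) {
        message = "用户或密码错误, 请重试.";
    } else if (rawMessage != null && rawMessage.startsWith("msg:")) {
        // Strip only the leading marker; a global replace would also delete any later
        // "msg:" that is part of the text itself.
        message = rawMessage.substring("msg:".length());
    } else {
        message = "系统出现点问题,请稍后再试!";
        // Prints to the console.
        e.printStackTrace();
    }
    request.setAttribute(getFailureKeyAttribute(), className);
    request.setAttribute(getMessageParam(), message);
    return true;
}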
/**
 * Performs the login request.
 *
 * @param username    login name; a blank value is rejected
 * @param accessToken passed to {@code createToken} together with the username
 * @param request     current request (not read in this method)
 * @return {@code Views.REDIRECT_HOME} after a successful login
 * @throws MtonsException if the username is blank or authentication fails
 */
private String login(String username, String accessToken, HttpServletRequest request) {
    // Kept from the original flow: the login view is resolved before anything else,
    // although its value is replaced on success.
    String ret = getView(Views.LOGIN);

    if (!StringUtils.isNotBlank(username)) {
        throw new MtonsException("登录失败!");
    }

    AuthenticationToken token = createToken(username, accessToken);
    try {
        SecurityUtils.getSubject().login(token);
        ret = Views.REDIRECT_HOME;
    } catch (AuthenticationException e) {
        logger.error(e);
        // NOTE(review): the three messages distinguish "no such user", "disabled" and
        // "other failure"; if they are shown to the client they reveal whether an
        // account exists. Confirm how MtonsException is rendered.
        if (e instanceof UnknownAccountException) {
            throw new MtonsException("用户不存在");
        }
        if (e instanceof LockedAccountException) {
            throw new MtonsException("用户被禁用");
        }
        throw new MtonsException("用户认证失败");
    }
    return ret;
}
/**
 * Loads the member identified by the token's phone number and returns the stored
 * password for the realm to verify.
 *
 * @param token the submitted token; its principal is read as the phone number
 * @return phone number, stored password, salt and realm name
 * @throws IncorrectCredentialsException if the phone number is null or blank
 * @throws UnknownAccountException if no member has that phone number
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
    String phoneNumber = (String) token.getPrincipal();
    boolean missing = StringUtils.trimToNull(phoneNumber) == null;
    if (missing) {
        // Reported as "wrong account or password".
        throw new IncorrectCredentialsException();
    }

    CdMember probe = new CdMember();
    probe.setPhoneNumber(phoneNumber);
    CdMember member = memberService.findMember(probe);
    if (member == null) {
        // No account found.
        throw new UnknownAccountException();
    }

    // The salt is the constant AppConstants.PC_PASSWORD_SALT, not the phone number.
    // NOTE(review): one salt for every member means equal passwords produce equal
    // stored hashes; a per-member random salt avoids that. Confirm against the
    // credentials matcher in use.
    return new SimpleAuthenticationInfo(
            phoneNumber,
            member.getPassword(),
            ByteSource.Util.bytes(AppConstants.PC_PASSWORD_SALT),
            getName());
}
/**
 * Loads the user named by the token and returns the stored password and salt for the
 * realm to verify.
 *
 * @param token the submitted token; its principal is read as the username
 * @return username, stored password, the user's salt and realm name
 * @throws UnknownAccountException if no user has that username
 * @throws LockedAccountException if the user's locked flag is {@code TRUE}
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
    String username = (String) token.getPrincipal();
    SysUsers account = userService.findByUsername(username);
    if (account == null) {
        // No account found.
        throw new UnknownAccountException();
    }
    boolean locked = Boolean.TRUE.equals(account.getLocked());
    if (locked) {
        // Account locked.
        throw new LockedAccountException();
    }

    // Password matching is left to AuthenticatingRealm and its CredentialsMatcher;
    // a custom matcher can be configured instead.
    return new SimpleAuthenticationInfo(
            username,
            account.getPassword(),
            ByteSource.Util.bytes(account.getSalt()),
            getName());
}
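/**
 * Member login endpoint.
 *
 * <p>If the subject is already authenticated, answers 200 with the username.
 * Otherwise answers 401 with a {@code RestError} whose message is derived from the
 * failure class name stored in the request by the form authentication filter. An
 * unknown username and a wrong password produce the same message, so the response
 * does not reveal which usernames exist. When no failure is recorded the message is
 * left unset.
 *
 * @param request current request
 * @param model   unused here
 * @return 200 with status and username, or 401 with the error body
 */
@RequestMapping(value = "/member/login", method = RequestMethod.POST)
public ResponseEntity login(HttpServletRequest request, Model model) {
    if (SecurityUtils.getSubject().isAuthenticated()) {
        Map<String, Object> result = new HashMap<>();
        String username = (String) SecurityUtils.getSubject().getPrincipal();
        result.put("status", 200);
        result.put("username", username);
        return new ResponseEntity(result, HttpStatus.OK);
    }

    String exceptionClassName = (String) request.getAttribute(
            FormAuthenticationFilterExt.DEFAULT_ERROR_KEY_ATTRIBUTE_NAME);
    RestError restError = new RestError();
    restError.setTimestamp(new Date());
    if (DisabledAccountException.class.getName().equals(exceptionClassName)) {
        restError.setMessage("该账号已被锁定,请联系客服。");
    } else if (UnknownAccountException.class.getName().equals(exceptionClassName)
            || IncorrectCredentialsException.class.getName().equals(exceptionClassName)) {
        // Shared text for both cases to avoid account enumeration.
        restError.setMessage("用户名或密码错误");
    } else if (exceptionClassName != null) {
        // NOTE(review): this returns the exception class name to the client; consider
        // a generic message and logging the class name on the server instead.
        restError.setMessage("登录失败:" + exceptionClassName);
    }
    restError.setStatus(401);
    return new ResponseEntity(restError, HttpStatus.UNAUTHORIZED);
}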
/**
 * Serves the login page. Authenticated subjects are redirected to the root path;
 * otherwise the failure recorded in {@code shiroLoginFailure} (if any) is turned into
 * an {@code error} model attribute and the login view is rendered.
 *
 * @param request current request
 * @param model   receives the {@code error} attribute (null when nothing failed)
 * @return the redirect or the login view name
 */
@RequestMapping(value = "/login")
public String login(HttpServletRequest request, Model model) {
    if (SecurityUtils.getSubject().isAuthenticated()) {
        return "redirect:/";
    }

    String failure = (String) request.getAttribute("shiroLoginFailure");
    String error = null;
    if (UnknownAccountException.class.getName().equals(failure)
            || IncorrectCredentialsException.class.getName().equals(failure)) {
        // Same text for both cases, so the page does not reveal whether the user exists.
        error = "用户名/密码错误";
    } else if (failure != null) {
        // NOTE(review): this puts the exception class name into the page; consider
        // a generic message and logging the class name on the server instead.
        error = "其他错误:" + failure;
    }
    model.addAttribute("error", error);
    return "login";
}
/**
 * Loads the account for the submitted login name and returns its stored password for
 * the realm to verify.
 *
 * @param token the submitted token; cast to {@code UsernamePasswordToken}
 * @return login name, stored password as chars, salt and realm name
 * @throws UnknownAccountException if no login name is given or no account matches
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(
        final AuthenticationToken token) throws AuthenticationException {
    final String userName = ((UsernamePasswordToken) token).getUsername();
    if (userName == null) {
        throw new UnknownAccountException("userName not provided");
    }

    final Account stored = accountRepository.findByLoginName(userName);
    if (stored == null) {
        throw new UnknownAccountException("Account does not exist");
    }

    // NOTE(review): the salt is the login name itself, so it is predictable and
    // changes if the login name changes; a stored random salt is the usual choice.
    final char[] storedPassword = stored.getPassword().toCharArray();
    return new SimpleAuthenticationInfo(userName, storedPassword,
            ByteSource.Util.bytes(userName), getName());
}
/**
 * Authorization lookup for the primary principal.
 *
 * <p>Checks that the account still exists and returns an authorization record. The
 * role and permission sets created here are never filled or attached, so the returned
 * record is empty.
 *
 * @param principals the principals of the subject being authorized
 * @return an empty {@code SimpleAuthorizationInfo}
 * @throws UnknownAccountException if no account matches the login name
 */
@Override
protected AuthorizationInfo doGetAuthorizationInfo(
        final PrincipalCollection principals) {
    final String loginName = (String) principals.getPrimaryPrincipal();
    final Account stored = accountRepository.findByLoginName(loginName);
    if (stored == null) {
        throw new UnknownAccountException("Account does not exist");
    }

    // Record the number of positions first.
    final int positionCount = stored.getEmployees().size();
    final Set<String> roleNames = new LinkedHashSet<>(positionCount);
    final Set<String> permissionNames = new LinkedHashSet<>();

    // NOTE(review): neither set is populated or passed on, so permission and role
    // checks against this realm have no grants to match. Confirm this is intended.
    final SimpleAuthorizationInfo result = new SimpleAuthorizationInfo();
    return result;
}
/**
 * Loads the user for a username/password token and returns the stored password for
 * the realm to verify.
 *
 * @param token the submitted token
 * @return the account data, or {@code null} if the token is not a
 *         {@code UsernamePasswordToken}, the username is null or empty, or the
 *         password is null
 * @throws UnknownAccountException if no user has the given username
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
    if (!(token instanceof UsernamePasswordToken)) {
        return null;
    }
    UsernamePasswordToken submitted = (UsernamePasswordToken) token;
    String username = submitted.getUsername();
    char[] password = submitted.getPassword();
    if (Strings.isNullOrEmpty(username) || password == null) {
        return null;
    }

    User user = userRepository.findByUsername(username);
    if (user == null) {
        throw new UnknownAccountException();
    }

    // NOTE(review): the salt is the stored username, so it is predictable; a stored
    // random salt is the usual choice.
    return new SimpleAuthenticationInfo(
            new Principal(user.getId(), username),
            user.getPassword(),
            new SimpleByteSource(user.getUsername()),
            getName());
}
/**
 * Loads the user for the token's account number and returns the stored password for
 * the realm to verify.
 *
 * @param token the submitted token; its principal is read as the account number
 * @return account number, stored password, salt and realm name
 * @throws UnknownAccountException if no user matches the account number
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
    log.debug("username[{}]doGetAuthenticationInfo", token.getPrincipal());

    String accNo = (String) token.getPrincipal();
    ShiroUser found = memberService.findUserModelByAccNo(accNo);
    if (found == null) {
        throw new UnknownAccountException();
    }

    // Password matching is left to AuthenticatingRealm and its CredentialsMatcher.
    // NOTE(review): the salt passed here is the empty string, so any hashing done by
    // the matcher is effectively unsalted. Confirm against the matcher configuration.
    return new SimpleAuthenticationInfo(
            found.getAccNo(),
            found.getPassword(),
            ByteSource.Util.bytes(""),
            getName());
}
/**
 * Login endpoint returning a JSON {@code Result}.
 *
 * <p>An unknown account and a wrong password are answered with the same message.
 *
 * @param username submitted login name
 * @param password submitted password
 * @return a successful result carrying the user, or a failed result with a message
 * @throws IOException declared by the signature; nothing in this method throws it directly
 */
@RequestMapping(value = "/login", method = RequestMethod.POST)
@ResponseBody
public Result<User> login(String username, String password) throws IOException {
    if (TextUtil.isEmpty(username) || TextUtil.isEmpty(password)) {
        return new Result<User>(false, "用户名或密码为空", null);
    }

    try {
        User loggedIn = accountService.login(username, password);
        if (loggedIn == null) {
            return new Result<User>(false, "登录失败.", null);
        }
        // NOTE(review): the whole User object goes into the response body; confirm it
        // carries no password hash or other secret fields when serialized.
        return new Result<User>(true, null, loggedIn);
    } catch (IncorrectCredentialsException e) {
        return new Result<User>(false, "帐号密码错误", null);
    } catch (UnknownAccountException e1) {
        return new Result<User>(false, "帐号密码错误", null);
    }
}
/**
 * Builds the test routes: a Shiro-secured {@code direct:secureEndpoint} that logs the
 * payload and forwards to {@code mock:success}, with authentication failures sent to
 * {@code mock:authenticationException}.
 *
 * @return the route builder for this test
 * @throws Exception if the security policy cannot be created
 */
protected RouteBuilder createRouteBuilder() throws Exception {
    // Policy read from the test ini file; the third argument is presumably the
    // "always reauthenticate" switch. TODO confirm against ShiroSecurityPolicy.
    final ShiroSecurityPolicy shiroPolicy =
            new ShiroSecurityPolicy("./src/test/resources/securityconfig.ini", passPhrase, false);

    RouteBuilder routes = new RouteBuilder() {
        @SuppressWarnings("unchecked")
        public void configure() {
            // Every listed authentication failure ends at the same mock endpoint.
            onException(UnknownAccountException.class,
                    IncorrectCredentialsException.class,
                    LockedAccountException.class,
                    AuthenticationException.class)
                .to("mock:authenticationException");

            from("direct:secureEndpoint")
                .policy(shiroPolicy)
                .to("log:incoming payload")
                .to("mock:success");
        }
    };
    return routes;
}
/**
 * Builds the test routes with a Shiro policy that has base64 handling switched on: a
 * secured {@code direct:secureEndpoint} that logs the payload and forwards to
 * {@code mock:success}, with authentication failures sent to
 * {@code mock:authenticationException}.
 *
 * @return the route builder for this test
 * @throws Exception if the security policy cannot be created
 */
protected RouteBuilder createRouteBuilder() throws Exception {
    final ShiroSecurityPolicy shiroPolicy =
            new ShiroSecurityPolicy("src/test/resources/securityconfig.ini", passPhrase);
    shiroPolicy.setBase64(true);

    RouteBuilder routes = new RouteBuilder() {
        @SuppressWarnings("unchecked")
        public void configure() {
            // Every listed authentication failure ends at the same mock endpoint.
            onException(UnknownAccountException.class,
                    IncorrectCredentialsException.class,
                    LockedAccountException.class,
                    AuthenticationException.class)
                .to("mock:authenticationException");

            from("direct:secureEndpoint")
                .policy(shiroPolicy)
                .to("log:incoming payload")
                .to("mock:success");
        }
    };
    return routes;
}
/**
 * Builds the test routes: a Shiro-secured {@code direct:secureEndpoint} that logs the
 * payload and forwards to {@code mock:success}, with authentication failures sent to
 * {@code mock:authenticationException}.
 *
 * @return the route builder for this test
 * @throws Exception if the security policy cannot be created
 */
protected RouteBuilder createRouteBuilder() throws Exception {
    final ShiroSecurityPolicy shiroPolicy =
            new ShiroSecurityPolicy("src/test/resources/securityconfig.ini", passPhrase);

    RouteBuilder routes = new RouteBuilder() {
        @SuppressWarnings("unchecked")
        public void configure() {
            // Every listed authentication failure ends at the same mock endpoint.
            onException(UnknownAccountException.class,
                    IncorrectCredentialsException.class,
                    LockedAccountException.class,
                    AuthenticationException.class)
                .to("mock:authenticationException");

            from("direct:secureEndpoint")
                .policy(shiroPolicy)
                .to("log:incoming payload")
                .to("mock:success");
        }
    };
    return routes;
}
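/**
 * Stub authentication in which a user's password is the user id itself.
 *
 * <p>The submitted password must equal the user id and the user must be known to the
 * user manager. The previous suffix test ({@code endsWith}) also accepted an empty
 * password and any trailing part of the user id. A missing user id or password is
 * rejected as bad credentials instead of failing with a {@code NullPointerException}.
 *
 * @param token the submitted token; cast to {@code UsernamePasswordToken}
 * @return the principal collection with the user id as the stored credentials
 * @throws IncorrectCredentialsException if the password does not equal the user id,
 *         either value is missing, or the user manager returns no user
 * @throws UnknownAccountException if the user manager reports the user as not found
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
    UsernamePasswordToken upToken = (UsernamePasswordToken) token;
    String userId = upToken.getUsername();
    char[] rawPassword = upToken.getPassword();
    if (userId == null || rawPassword == null) {
        throw new IncorrectCredentialsException("User [" + userId + "] bad credentials.");
    }
    String password = new String(rawPassword);

    // username == password
    try {
        if (userId.equals(password) && userManager.getUser(userId) != null) {
            return new SimpleAuthenticationInfo(
                    new SimplePrincipalCollection(token.getPrincipal(), this.getName()), userId);
        }
        throw new IncorrectCredentialsException("User [" + userId + "] bad credentials.");
    } catch (UserNotFoundException e) {
        // Keep the lookup failure as the cause for server-side diagnosis.
        throw new UnknownAccountException("User [" + userId + "] not found.", e);
    }
}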
/**
 * Maps an authentication failure to a user-facing message and stores it in the
 * request under the failure key attribute.
 *
 * <p>A bad-credentials failure is also recorded through {@code logLoginStatus}; an
 * unrecognized failure is logged at fatal level.
 *
 * @param request receives the failure attribute
 * @param ae      the authentication failure
 */
protected void setFailureAttribute(ServletRequest request, AuthenticationException ae) {
    // The order of the checks is kept as is. Assuming these are Shiro's types,
    // LockedAccountException is a subclass of DisabledAccountException and therefore
    // has to be tested first.
    // NOTE(review): the messages tell apart "wrong password", "locked" and "account
    // does not exist", which reveals to the client whether an account exists.
    String reason;
    if (ae instanceof IncorrectCredentialsException) {
        // Record the failed login.
        logLoginStatus(request, LoginType.登录失败);
        reason = "密码错误,输入错误超过当日限制,将锁定账户";
    } else if (ae instanceof ValidateCodeException) {
        reason = "验证码错误";
    } else if (ae instanceof UnValidationAccountException) {
        reason = "账号未被验证";
    } else if (ae instanceof LockedAccountException) {
        reason = "密码输入错误超过当日限制,请明天再试";
    } else if (ae instanceof DisabledAccountException) {
        reason = "账号被管理员锁定";
    } else if (ae instanceof UnknownAccountException) {
        reason = "账号不存在";
    } else {
        log.fatal("登录错误-未知错误,请管理员检查", ae);
        reason = "未知错误";
    }
    request.setAttribute(getFailureKeyAttribute(), reason);
}
/**
 * Loads the user named by the token and returns the stored password and salt for the
 * realm to verify. The loaded user object itself becomes the principal.
 *
 * @param token the submitted token; its principal is read as the username
 * @return user object, stored password, the user's salt and realm name
 * @throws UnknownAccountException if no user has that name
 * @throws LockedAccountException if the user's locked flag is {@code TRUE}
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
    String username = (String) token.getPrincipal();
    User account = userService.findByName(username);
    if (account == null) {
        // No account found.
        throw new UnknownAccountException();
    }
    boolean locked = Boolean.TRUE.equals(account.getLocked());
    if (locked) {
        // Account locked.
        throw new LockedAccountException();
    }

    // Password matching is left to AuthenticatingRealm and its CredentialsMatcher;
    // a custom matcher can be configured instead.
    return new SimpleAuthenticationInfo(
            account,
            account.getPassword(),
            ByteSource.Util.bytes(account.getSalt()),
            getName());
}
/**
 * Loads the operator row for the token's username and returns the stored password
 * for the realm to verify.
 *
 * @param token the submitted token; its principal is read as the username
 * @return operator username, stored password, salt and realm name
 * @throws UnknownAccountException if no operator row matches the username
 * @throws LockedAccountException if the operator's enable flag is {@code FALSE}
 */
protected AuthenticationInfo doGetAuthenticationInfo(final AuthenticationToken token) throws AuthenticationException {
    final String username = (String) token.getPrincipal();
    final Operator operator = commonRepository.findOne("t_operator", "username", username, new OperatorRowMapper());
    if (operator == null) {
        throw new UnknownAccountException();
    }
    if (Boolean.FALSE.equals(operator.getEnable())) {
        throw new LockedAccountException();
    }

    // NOTE(review): the salt is a fixed string literal shared by every operator, and
    // getBytes() uses the platform default charset. A stored per-account random salt
    // and an explicit charset are the usual choice.
    return new SimpleAuthenticationInfo(
            operator.getUsername(),
            operator.getPassword(),
            ByteSource.Util.bytes("I\'m a salt".getBytes()),
            this.getName());
}
/**
 * Builds the authorization record for a login: the string permissions are the values
 * of the permissions returned by {@code getUserPermissions} for that user.
 *
 * @param login login name to look up
 * @return authorization info carrying the user's permission values
 * @throws UnknownAccountException if no user has that login
 */
public AuthorizationInfo getAuthorizationInfo(final String login) {
    final SimpleAuthorizationInfo result = new SimpleAuthorizationInfo();

    final UserEntity found = userRepository.findByLogin(login);
    if (found == null) {
        throw new UnknownAccountException("Account does not exist");
    }

    // Insertion-ordered set of the permission values.
    final Set<String> granted = new LinkedHashSet<>();
    for (PermissionEntity entry : this.getUserPermissions(found)) {
        granted.add(entry.getValue());
    }

    result.setStringPermissions(granted);
    return result;
}
/**
 * Loads the active user for the submitted e-mail and returns the stored password for
 * the realm to verify.
 *
 * @param token the submitted token; cast to {@code UsernamePasswordToken}
 * @return e-mail, stored password as chars, salt and realm name
 * @throws UnknownAccountException if no e-mail is given or no active user matches
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(
        final AuthenticationToken token) throws AuthenticationException {
    final String email = ((UsernamePasswordToken) token).getUsername();
    if (email == null) {
        throw new UnknownAccountException("Email not provided");
    }

    final User found = userRepository.findByEmailAndActive(email, true);
    if (found == null) {
        throw new UnknownAccountException("Account does not exist");
    }

    // NOTE(review): the salt is the e-mail address itself, so it is predictable and
    // changes if the address changes; a stored random salt is the usual choice.
    final char[] storedPassword = found.getPassword().toCharArray();
    return new SimpleAuthenticationInfo(email, storedPassword,
            ByteSource.Util.bytes(email), getName());
}
/**
 * Collects the role names and permission names of the active user identified by the
 * primary principal.
 *
 * @param principals the principals of the subject; the primary one is the e-mail
 * @return authorization info with the user's roles and their permissions
 * @throws UnknownAccountException if no active user matches the e-mail
 */
@Override
protected AuthorizationInfo doGetAuthorizationInfo(
        final PrincipalCollection principals) {
    final String email = (String) principals.getPrimaryPrincipal();
    final User found = userRepository.findByEmailAndActive(email, true);
    if (found == null) {
        throw new UnknownAccountException("Account does not exist");
    }

    final int roleCount = found.getRoles().size();
    final Set<String> roles = new LinkedHashSet<>(roleCount);
    final Set<String> permissions = new LinkedHashSet<>();

    // Flatten roles and their permissions into name sets (insertion-ordered).
    if (roleCount > 0) {
        for (Role role : found.getRoles()) {
            roles.add(role.getName());
            for (Permission granted : role.getPermissions()) {
                permissions.add(granted.getName());
            }
        }
    }

    final SimpleAuthorizationInfo result = new SimpleAuthorizationInfo(roles);
    result.setStringPermissions(permissions);
    return result;
}
/**
 * Loads the user named by the token and returns the stored password hash for the
 * realm to verify. The salt is the user's name followed by the stored password salt.
 *
 * @param token the submitted token; its principal's string form is the username
 * @return username, password hash, combined salt and realm name
 * @throws UnknownAccountException if no user has that name
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
    String username = token.getPrincipal().toString();
    User found = this.jpaRealmRepository.findUserByName(username);
    if (found == null) {
        log.error("没有相关用户!");
        throw new UnknownAccountException();
    }

    String passwordHash = found.getPasswordHash();
    // NOTE(review): if getPasswordSalt() returns bytes, new String(...) decodes them
    // with the platform default charset. Confirm the salt type and encoding.
    ByteSource salt = ByteSource.Util.bytes(found.getName() + new String(found.getPasswordSalt()));
    String realm = getName();
    return new SimpleAuthenticationInfo(username, passwordHash, salt, realm);
}
/**
 * Resolves the submitted login (user name first, then e-mail) to an enabled user of
 * the {@code AGATE_REALM} realm and returns the stored password for verification.
 *
 * @param token the submitted token; cast to {@code UsernamePasswordToken}
 * @return user name, stored password and realm name, with this realm's salt attached
 * @throws AccountException if the token carries no username
 * @throws UnknownAccountException if no matching enabled user of this realm, or no
 *         credentials record for that user, is found
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
    String username = ((UsernamePasswordToken) token).getUsername();

    // Null username is invalid
    if (username == null) {
        throw new AccountException("Null usernames are not allowed by this realm.");
    }

    User user = userService.findActiveUser(username);
    if (user == null) {
        // Fall back to treating the submitted value as an e-mail address.
        user = userService.findActiveUserByEmail(username);
    }
    if (user == null || !user.isEnabled() || !user.getRealm().equals(AGATE_REALM)) {
        throw new UnknownAccountException("No account found for user [" + username + "]");
    }

    // From here on the canonical user name is used, not the submitted value.
    String accountName = user.getName();
    UserCredentials stored = userService.findUserCredentials(accountName);
    if (stored == null) {
        throw new UnknownAccountException("No account found for user [" + accountName + "]");
    }

    SimpleAuthenticationInfo result = new SimpleAuthenticationInfo(accountName, stored.getPassword(), getName());
    // NOTE(review): `salt` is not a per-user value in this method; presumably it is a
    // realm-wide field. Verify where it is defined.
    result.setCredentialsSalt(new SimpleByteSource(salt));
    return result;
}
/**
 * Loads the user for the token's account name and returns the stored password and
 * credentials salt for the realm to verify.
 *
 * @param token the submitted token; its principal is read as the account name
 * @return account name, stored password, credentials salt and realm name
 * @throws UnknownAccountException if no user matches the account name
 * @throws LockedAccountException if the user's status is 0
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(final AuthenticationToken token) throws AuthenticationException {
    final String accountName = (String) token.getPrincipal();
    final User found = this.membershipFacade.getUser(accountName);
    if (found == null) {
        throw new UnknownAccountException();
    }
    final boolean locked = found.getStatus() == 0;
    if (locked) {
        throw new LockedAccountException();
    }

    // Password matching is left to AuthenticatingRealm and its CredentialsMatcher.
    return new SimpleAuthenticationInfo(
            found.getAccount(),
            found.getPassword(),
            ByteSource.Util.bytes(found.getCredentialsSalt()),
            getName());
}
/**
 * Returns the subject for the currently authenticated user as JSON.
 *
 * @return the subject built from the identity found for the current user id
 * @throws UserNotAuthenticated if no user is logged in or the account is unknown;
 *         the underlying failure is passed to
 *         {@code reportCurrentSubjectNotAuthenticated} first
 */
@GET
@Path("/currentsubject")
@Produces(MediaType.APPLICATION_JSON)
public SubjectDTO currentSubject() {
    try {
        String currentUserId = authenticationUtil().getUserId();

        // Look the user up and fail if there is no matching identity.
        Identity found = identityService().findByUserId(currentUserId);
        assertUserFound(found);

        return createSubject(found);
    } catch (UserNotLoggedInException | UnknownAccountException failure) {
        reportCurrentSubjectNotAuthenticated(failure);
        throw new UserNotAuthenticated();
    }
}
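/**
 * Loads the user named by the token and returns the stored password and credentials
 * salt for the realm to verify.
 *
 * <p>Authentication failures raised here reach the caller unchanged. Any other
 * failure during the lookup is wrapped in an {@code AuthenticationException} with the
 * cause attached. The earlier {@code throw null} turned every failure, including
 * "unknown account" and "locked", into a {@code NullPointerException}.
 *
 * @param token the submitted token; its principal is read as the user name
 * @return user name, stored password, credentials salt and realm name
 * @throws UnknownAccountException if no user has that name
 * @throws LockedAccountException if the user's status equals the locked status
 * @throws AuthenticationException if the lookup fails for any other reason
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
    try {
        String userName = (String) token.getPrincipal();
        User user = userService.getUserByUserName(userName);
        if (null == user) {
            throw new UnknownAccountException();
        }
        if (MixConstants.USER_STATUS_LOCKED.equals(user.getUserStatus())) {
            throw new LockedAccountException();
        }
        return new SimpleAuthenticationInfo(user.getUserName(), user.getPassword(),
                ByteSource.Util.bytes(user.getCredentialsSalt()), getName());
    } catch (AuthenticationException e) {
        // Keep the specific failure type so callers can tell unknown from locked.
        throw e;
    } catch (Exception e) {
        throw new AuthenticationException("Failed to load account data for authentication", e);
    }
}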