UserDetailsAuthenticationProviderImpl.java 文件源码

java
阅读 27 收藏 0 点赞 0 评论 0
项目:spring-backend-boilerplate 作者: 
/**
 * Implementation of an abstract method defined in the base class. The
 * additionalAuthenticationChecks() method is called by authenticate()
 * method of the base class after the invocation of retrieveUser() method.
 */
@Override
protected void additionalAuthenticationChecks(UserDetails userDetails,
                                              UsernamePasswordAuthenticationToken authentication)
        throws AuthenticationException {
    if (authentication.getCredentials() == null) {
        logger.warn("Authentication failed: no credentials provided");
        throw new BadCredentialsException(messages.getMessage(
                "AbstractUserDetailsAuthenticationProvider.badCredentials",
                "Bad credentials"), null);
    }

    String presentedPassword = authentication.getCredentials().toString();

    if (!passwordEncoder.matches(presentedPassword, userDetails.getPassword())) {
        logger.warn("Authentication failed: password does not match stored value");
        throw new BadCredentialsException(messages.getMessage("UserDetailsAuthenticationProviderImpl.badCredentials",
                                                              "Bad credentials"), null);
    }
}
您未登录,请先登录后再评论
评论列表
文章目录


问题


面经


文章

微信
公众号

扫码关注公众号