throw new LoginException("Username can not be null");
}
user = ((NameCallback) callbacks[0]).getName();
if (user.startsWith(PropertiesBackingEngine.GROUP_PREFIX)) {
// you can't log in under a group name
throw new FailedLoginException("login failed");
}
// password callback get value
if (((PasswordCallback) callbacks[1]).getPassword() == null) {
throw new LoginException("Password can not be null");
}
String password = new String(((PasswordCallback) callbacks[1]).getPassword());
// user infos container read from the users properties file
String userInfos = null;
try {
userInfos = (String) users.get(user);
} catch (NullPointerException e) {
//error handled in the next statement
}
if (userInfos == null) {
if (!this.detailedLoginExcepion) {
throw new FailedLoginException("login failed");
} else {
throw new FailedLoginException("User " + user + " does not exist");
}
}
// the password is in the first position
String[] infos = userInfos.split(",");
String storedPassword = infos[0];
// check if the stored password is flagged as encrypted
String encryptedPassword = getEncryptedPassword(storedPassword);
if (!storedPassword.equals(encryptedPassword)) {
if (debug) {
LOGGER.debug("The password isn't flagged as encrypted, encrypt it.");
}
if (debug) {
LOGGER.debug("Rebuild the user informations string.");
}
userInfos = encryptedPassword + ",";
for (int i = 1; i < infos.length; i++) {
if (i == (infos.length - 1)) {
userInfos = userInfos + infos[i];
} else {
userInfos = userInfos + infos[i] + ",";
}
}
if (debug) {
LOGGER.debug("Push back the user informations in the users properties.");
}
if (user.contains("\\")) {
users.remove(user);
user = user.replace("\\", "\\\\");
}
users.put(user, userInfos);
try {
if (debug) {
LOGGER.debug("Store the users properties file.");
}
users.save();
} catch (IOException ioe) {
LOGGER.warn("Unable to write user properties file {}", f, ioe);
}
storedPassword = encryptedPassword;
}
// check the provided password
if (!checkPassword(password, storedPassword)) {
if (!this.detailedLoginExcepion) {
throw new FailedLoginException("login failed");
} else {
throw new FailedLoginException("Password for " + user + " does not match");
}
}
principals = new HashSet<Principal>();
principals.add(new UserPrincipal(user));