qp.addPreparedStmtElementDefinition(STRING, username);
try {
qp.addPreparedStmtElementDefinition(Encrypt.encrypt(Configuration
.getString("keyfile"), password));
} catch (Exception e) {
throw new PasswordFailureException(
"Couldn't encrypt password (this could be a database problem): "
+ e.toString());
}
try {
Configuration.getConnectionPool().executeQuery(qp);
} catch (SQLException e1) {
Logger.fatal("Couldn't execute query", e1);
return null;
}
if (qp.getResultCount() == 0) {
qp.clearForNewSQL();
sql = null;
sql = new StringBuffer();
sql.append("select count(*) as theCount ");
sql.append("from users ");
sql.append("where user_name=? ");
qp = new QueryParser(sql.toString());
qp.addPreparedStmtElementDefinition(username);
try {
Configuration.getConnectionPool().executeQuery(qp);
} catch (SQLException e1) {
Logger.error("Couldn't execute query", e1);
}
try {
if (qp.getResult(Integer.class, "theCount").intValue() == 0) {
throw new NoSuchUserException("User '" + username
+ "' doesn't exist");
} else {
throw new PasswordFailureException(
"Password doesn't match database.");
}
} catch (DataTypeMismatchException e) {
// this only happens for bad code, so returning null doesn't
// really need to be accounted for in the javadoc