*/
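private UzerDTO internalLogin(boolean encrypted, final String email, final String pwd) throws Exception {
    // Looks up the account registered under `email`, checks `pwd` against the stored digest,
    // publishes a Spring Security context for the user and stores the login DTO in the
    // HTTP session under "user". Throws CustomException when the account is unknown, `pwd`
    // is null, or the digest does not match.
    //
    // NOTE(review): the two failure paths use different message keys
    // (EXCEPTION_USERNAME_INVALID vs EXCEPTION_PASSWORD_INVALID), which tells a caller whether
    // an e-mail address is registered. Left unchanged because callers may depend on the keys;
    // consider a single generic message.
    final Uzer user = uzerDAO.findByEmailWithRightsAndProfile(email);
    if (user == null || pwd == null) {
        throw new CustomException(getClass(), LocaleManager.getInstance(getSession()).getMessageResource(getClass())
                .getString("EXCEPTION_USERNAME_INVALID"), null);
    }

    // NOTE(review): when `encrypted` is true the supplied value is compared directly with the
    // stored digest, so the stored digest is password-equivalent on that path. Confirm which
    // callers pass true and whether the value they hold is protected like a password.
    String password = pwd;
    if (!encrypted) {
        // NOTE(review): MD5 followed by SHA-512; no salt or work factor is visible in this call.
        // Fast digests are unsuitable for password storage; plan a migration to
        // bcrypt/scrypt/Argon2 with rehash-on-login.
        password = EncryptionUtils.encrypt(EncryptionUtils.encrypt(password, MessageDigestAlgorithm.MD5), MessageDigestAlgorithm.SHA_512);
    }

    // Constant-time comparison, so response timing does not depend on how many leading
    // characters of the digest match. A null stored or computed digest is treated as a
    // mismatch instead of raising a NullPointerException.
    final String stored = user.getPassword();
    final boolean matches = stored != null
            && password != null
            && java.security.MessageDigest.isEqual(stored.getBytes("UTF-8"), password.getBytes("UTF-8"));
    if (!matches) {
        throw new CustomException(getClass(), LocaleManager.getInstance(getSession()).getMessageResource(getClass())
                .getString("EXCEPTION_PASSWORD_INVALID"), null);
    }

    // security context
    // NOTE(review): the digest is kept as the principal's password and as the token credentials
    // for the lifetime of the context; confirm whether anything downstream needs it.
    final Collection<GrantedAuthority> authorities = getAuthorities(user);
    final User springUser = new User(email, password, authorities);
    final Authentication auth = new UsernamePasswordAuthenticationToken(springUser, password, authorities);
    final SecurityContext sc = new SecurityContextImpl();
    sc.setAuthentication(auth);
    SecurityContextHolder.setContext(sc);

    // http request
    // NOTE(review): the existing session is reused; no session-id rotation is visible in this
    // method. Confirm it happens elsewhere on login (session fixation defence).
    final UzerDTO uzerDTO = new UzerDTO(user, DTOPath.UZER_LOGIN);
    getSession().setAttribute("user", uzerDTO);
    return uzerDTO;
}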