@Transactional(noRollbackFor = {BadCredentialsException.class, DisabledException.class})
public Authentication authenticate(final Authentication authentication)
throws AuthenticationException {
boolean authenticated = false;
SyncopeUser passwordUser = new SyncopeUser();
SyncopeUser user = null;
String username = authentication.getPrincipal().toString();
if (adminUser.equals(username)) {
passwordUser.setPassword(authentication.getCredentials().toString(), CipherAlgorithm.MD5, 0);
authenticated = adminMD5Password.equalsIgnoreCase(passwordUser.getPassword());
} else {
user = userDAO.find(username);
if (user != null) {
if (user.getSuspended()) {
throw new DisabledException("User " + user.getUsername() + " is suspended");
}
passwordUser.setPassword(authentication.getCredentials().toString(), user.getCipherAlgoritm(), 0);
authenticated = user.getPassword().equalsIgnoreCase(passwordUser.getPassword());
}
}
UsernamePasswordAuthenticationToken token;
if (authenticated) {
token = new UsernamePasswordAuthenticationToken(
authentication.getPrincipal(),
null,
userDetailsService.loadUserByUsername(authentication.getPrincipal().toString()).getAuthorities());
token.setDetails(authentication.getDetails());
auditManager.audit(Category.authentication, AuthenticationSubCategory.login, Result.success,
"Successfully authenticated, with roles: " + token.getAuthorities());
LOG.debug("User {} successfully authenticated, with roles {}", authentication.getPrincipal(), token.
getAuthorities());
if (user != null) {
user.setLastLoginDate(new Date());
user.setFailedLogins(0);
userDAO.save(user);
}
} else {
if (user != null) {
user.setFailedLogins(user.getFailedLogins() + 1);
userDAO.save(user);
}
auditManager.audit(Category.authentication, AuthenticationSubCategory.login, Result.failure,
"User " + authentication.getPrincipal() + " not authenticated");