SEC-94: DaoAuthenticationProvider to include UserDetails in BadCredentialsException.

2005-11-07 03:04:47 +00:00 · 2005-11-07 03:04:47 +00:00 · 55f5093ec7
parent 509ae1ccc9
commit 55f5093ec7
2 changed files with 23 additions and 2 deletions
--- a/core/src/main/java/org/acegisecurity/BadCredentialsException.java
+++ b/core/src/main/java/org/acegisecurity/BadCredentialsException.java
@ -1,4 +1,4 @@
-/* Copyright 2004 Acegi Technology Pty Limited
+/* Copyright 2004, 2005 Acegi Technology Pty Limited
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@ -24,6 +24,10 @@ package net.sf.acegisecurity;
 * @version $Id$
 */
 public class BadCredentialsException extends AuthenticationException {
+    //~ Instance fields ========================================================
+
+    private Object extraInformation;
+
    //~ Constructors ===========================================================

    /**
@ -36,6 +40,11 @@ public class BadCredentialsException extends AuthenticationException {
        super(msg);
    }

+    public BadCredentialsException(String msg, Object extraInformation) {
+        super(msg);
+        this.extraInformation = extraInformation;
+    }
+
    /**
     * Constructs a <code>BadCredentialsException</code> with the specified
     * message and root cause.
@ -46,4 +55,16 @@ public class BadCredentialsException extends AuthenticationException {
    public BadCredentialsException(String msg, Throwable t) {
        super(msg, t);
    }
+
+    //~ Methods ================================================================
+
+    /**
+     * Any additional information about the exception. Generally a
+     * <code>UserDetails</code> object.
+     *
+     * @return extra information or <code>null</code>
+     */
+    public Object getExtraInformation() {
+        return extraInformation;
+    }
 }
--- a/core/src/main/java/org/acegisecurity/providers/dao/DaoAuthenticationProvider.java
+++ b/core/src/main/java/org/acegisecurity/providers/dao/DaoAuthenticationProvider.java
@ -120,7 +120,7 @@ public class DaoAuthenticationProvider

        if (!passwordEncoder.isPasswordValid(userDetails.getPassword(),
                authentication.getCredentials().toString(), salt)) {
-            throw new BadCredentialsException("Bad credentials");
+            throw new BadCredentialsException("Bad credentials", userDetails);
        }
    }