Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-13 15:42:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Include UsernameNotFoundException in BadCredentialsException

Browse Source 
Closes gh-16496

Signed-off-by: dae won <eodnjs01477@gmail.com>
This commit is contained in:
dae won 2025-05-30 12:13:39 +09:00 committed by Josh Cummings
parent d52e0b6a05
commit 9654e51bd4
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
core/src/main/java/org/springframework/security/authentication/dao/AbstractUserDetailsAuthenticationProvider.java
View File

@ -137,11 +137,12 @@ public abstract class AbstractUserDetailsAuthenticationProvider
}
catch (UsernameNotFoundException ex) {
this.logger.debug(LogMessage.format("Failed to find user '%s'", username));
String message = this.messages.getMessage("AbstractUserDetailsAuthenticationProvider.badCredentials",
"Bad credentials");
if (!this.hideUserNotFoundExceptions) {
throw ex;
}
throw new BadCredentialsException(this.messages
.getMessage("AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad credentials"));
throw new BadCredentialsException(message, ex);
}
Assert.notNull(user, "retrieveUser returned null - a violation of the interface contract");
}