Hi Dan,
> I changed the API for Authenticator a little, so that it would be
> consistent with the new Registrar:
>
> canAuthenticate(AuthenticationRequest)
>
> is now
>
> canAuthenticate(Class<? extends AuthenticationRequest).
>
> In other words, it's the means by which the AuthenticationManagerStandard
> askes each Authenticator whether it can authenticate a particular *type of*
> AuthenticationRequest, rather than an actual AuthenticationRequest.
>
> My guess is that you have a canAuthenticate(AuthenticationRequest) method
> which doesn't have an @Override on it, and so the compiler didn't flag that
> this is no longer an overriding method?
I am extending "PasswordRequestAuthenticatorAbstract", which has a:
public final boolean canAuthenticate(final Class<? extends
AuthenticationRequest> authenticationRequestClass)
Note the "final".
I am overriding isValid:
@Override
public boolean isValid(AuthenticationRequest request) {
final AuthenticationRequestPassword passwordRequest =
(AuthenticationRequestPassword) request;
final String username = passwordRequest.getName();
if (Strings.isNullOrEmpty(username)) {
return false;
}
final String password = passwordRequest.getPassword();
Assert.assertNotNull(password);
return isPasswordValidForUser(passwordRequest, username, password);
// return true;
}
This used to work fine, now it returns the error message if a login fails.
>
> ~~~
> Let me know how you get on...
You can reproduce the error with the default "file" authenticator.
Valid details - login.
Invalid details - HTTP ERROR 500
Regards,
Kevin
