package org.beanfuse.security.providers.dao; import org.beanfuse.security.Authentication; import org.beanfuse.security.AuthenticationException; import org.beanfuse.security.BadCredentialsException; import org.beanfuse.security.User; import org.beanfuse.security.providers.AbstractAuthenticationProvider; import org.beanfuse.security.providers.UserNamePasswordAuthentication; import org.beanfuse.security.providers.encoding.PasswordEncoder; public class DaoAuthenticationProvider extends AbstractAuthenticationProvider { private PasswordEncoder passwordEncoder; public Authentication authenticate(Authentication auth) throws AuthenticationException { logger.debug("Authentication using {}", getClass()); User user = this.attachToUser(auth); if (!passwordEncoder.isPasswordValid(user.getPassword(), (String) auth.getCredentials())) { throw new BadCredentialsException(Authentication.ERROR_PASSWORD); } return auth; } public boolean supports(Class authTokenType) { return (UserNamePasswordAuthentication.class.isAssignableFrom(authTokenType)); } public void setPasswordEncoder(PasswordEncoder passwordEncoder) { this.passwordEncoder = passwordEncoder; } public String toString() { return getClass().getName(); } }