@Override
public Pair<Boolean, ActionOnFailedAuthentication> authenticate(
String username, String password, Long domainId, Map<String, Object[]> requestParameters) {
if (s_logger.isDebugEnabled()) {
s_logger.debug("Trying SAML2 auth for user: "******"Username or Password cannot be empty");
return new Pair<Boolean, ActionOnFailedAuthentication>(false, null);
}
final UserAccount userAccount = _userAccountDao.getUserAccount(username, domainId);
if (userAccount == null || userAccount.getSource() != User.Source.SAML2) {
s_logger.debug(
"Unable to find user with "
+ username
+ " in domain "
+ domainId
+ ", or user source is not SAML2");
return new Pair<Boolean, ActionOnFailedAuthentication>(false, null);
} else {
User user = _userDao.getUser(userAccount.getId());
if (user != null
&& user.getSource() == User.Source.SAML2
&& user.getExternalEntity() != null) {
return new Pair<Boolean, ActionOnFailedAuthentication>(true, null);
}
}
// Deny all by default
return new Pair<Boolean, ActionOnFailedAuthentication>(
false, ActionOnFailedAuthentication.INCREMENT_INCORRECT_LOGIN_ATTEMPT_COUNT);
}
