protected void handleAuthenticationExceptions(AuthenticationException e) {
    if (e instanceof BadCredentialsException || e instanceof UsernameNotFoundException)
      throw SecurityServiceException.newInvalidCredentialsException(e.getMessage());

    throw SecurityServiceException.newAuthenticationFailedException(e.getMessage());
  }
  public void doFilter(
      final ServletRequest request, final ServletResponse response, final FilterChain chain)
      throws IOException, ServletException {
    if (!(request instanceof HttpServletRequest)) {
      throw new ServletException(
          Messages.getInstance()
              .getErrorString(
                  "RequestParameterAuthenticationFilter.ERROR_0005_HTTP_SERVLET_REQUEST_REQUIRED")); //$NON-NLS-1$
    }

    if (!(response instanceof HttpServletResponse)) {
      throw new ServletException(
          Messages.getInstance()
              .getErrorString(
                  "RequestParameterAuthenticationFilter.ERROR_0006_HTTP_SERVLET_RESPONSE_REQUIRED")); //$NON-NLS-1$
    }

    HttpServletRequest httpRequest = (HttpServletRequest) request;

    InputStream in = httpRequest.getInputStream();
    byte[] bytes = IOUtils.toByteArray(in);
    // Do something with Bytes.

    final BufferedInputStream newStream = new BufferedInputStream(new ByteArrayInputStream(bytes));
    final Map parameterMap = request.getParameterMap();

    HttpServletRequestWrapper wrapper =
        new HttpServletRequestWrapper(httpRequest) {

          @Override
          public Map getParameterMap() {
            return parameterMap;
          }

          @Override
          public ServletInputStream getInputStream() throws IOException {
            return new ServletInputStream() {
              @Override
              public int read() throws IOException {
                return newStream.read();
              }
            };
          }
        };

    String username = httpRequest.getParameter(this.userNameParameter);
    String password = httpRequest.getParameter(this.passwordParameter);

    if (RequestParameterAuthenticationFilter.logger.isDebugEnabled()) {
      RequestParameterAuthenticationFilter.logger.debug(
          Messages.getInstance()
              .getString(
                  "RequestParameterAuthenticationFilter.DEBUG_AUTH_USERID",
                  username)); //$NON-NLS-1$
    }

    if ((username != null) && (password != null)) {
      // Only reauthenticate if username doesn't match SecurityContextHolder and user isn't
      // authenticated (see SEC-53)
      Authentication existingAuth = SecurityContextHolder.getContext().getAuthentication();

      if ((existingAuth == null)
          || !existingAuth.getName().equals(username)
          || !existingAuth.isAuthenticated()) {
        UsernamePasswordAuthenticationToken authRequest =
            new UsernamePasswordAuthenticationToken(username, password);
        authRequest.setDetails(new WebAuthenticationDetails(httpRequest));

        Authentication authResult;

        try {
          authResult = authenticationManager.authenticate(authRequest);
        } catch (AuthenticationException failed) {
          // Authentication failed
          if (RequestParameterAuthenticationFilter.logger.isDebugEnabled()) {
            RequestParameterAuthenticationFilter.logger.debug(
                Messages.getInstance()
                    .getString(
                        "RequestParameterAuthenticationFilter.DEBUG_AUTHENTICATION_REQUEST",
                        username,
                        failed.toString())); // $NON-NLS-1$
          }

          SecurityContextHolder.getContext().setAuthentication(null);

          if (ignoreFailure) {
            chain.doFilter(wrapper, response);
          } else {
            authenticationEntryPoint.commence(wrapper, response, failed);
          }

          return;
        }

        // Authentication success
        if (RequestParameterAuthenticationFilter.logger.isDebugEnabled()) {
          RequestParameterAuthenticationFilter.logger.debug(
              Messages.getInstance()
                  .getString(
                      "RequestParameterAuthenticationFilter.DEBUG_AUTH_SUCCESS",
                      authResult.toString())); // $NON-NLS-1$
        }

        SecurityContextHolder.getContext().setAuthentication(authResult);
      }
    }

    chain.doFilter(wrapper, response);
  }