@SuppressWarnings("deprecation") protected void additionalAuthenticationChecks( UserDetails userDetails, UsernamePasswordAuthenticationToken authentication) { Authentication authentication2 = SecurityContextHolder.getContext().getAuthentication(); if (authentication2 != null) { return; } Object salt = null; if (this.saltSource != null) { salt = this.saltSource.getSalt(userDetails); } String message = messages.getMessage( "AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad credentials"); if (authentication.getCredentials() == null) { LOG.debug("Authentication failed: no credentials provided"); throw new BadCredentialsException(message, userDetails); } String presentedPassword = authentication.getCredentials().toString(); SecuredUser user = ((SecuredUser) userDetails); boolean authorized = false; for (OnLoginRunnable each : getPluginManager().getEnabledModulesByClass(OnLoginRunnable.class, defaultLoginPlugin)) { try { each.validateUser( user.getUsername(), presentedPassword, user.getPassword(), passwordEncoder, salt); LOG.info("{} is logined by {}", user.getUsername(), each.getClass().getName()); authorized = true; break; } catch (BadCredentialsException exception) { LOG.info("{} is not logined by {}", user.getUsername(), each.getClass().getName()); authorized = false; } } if (!authorized) { throw new BadCredentialsException(message, user); } // If It's the first time to login if (user.getUser().getId() == null) { addNewUserIntoLocal(user); LOG.info("{} is saved by password {}", user.getUser().getId(), user.getUser().getPassword()); } }