public void assertCredentialsMatch(AuthenticationToken token, AuthenticationInfo info)
throws AuthenticationException {
if (PropertyUtil.getBoolean("encrypt")) {
super.assertCredentialsMatch(token, info);
} else {
if (token != null && info != null) {
CaptchaUsernamePasswordToken tk = (CaptchaUsernamePasswordToken) token;
if (!(String.valueOf(tk.getPassword())).equals((String) info.getCredentials())) {
// not successful - throw an exception to indicate this:
String msg =
"Submitted credentials for token ["
+ tk
+ "] did not match the expected credentials.";
throw new IncorrectCredentialsException(msg);
}
} else {
throw new AuthenticationException(
"A CredentialsMatcher must be configured in order to verify "
+ "credentials during authentication. If you do not wish for credentials to be examined, you "
+ "can configure an "
+ AllowAllCredentialsMatcher.class.getName()
+ " instance.");
}
}
}
