private boolean verifyPassword(
        QueryConfiguration configuration, PasswordKeyMapper passwordMapper, Evidence evidence) {
      Credential credential = executePrincipalQuery(configuration, passwordMapper::map);
      String algorithm = passwordMapper.getAlgorithm();

      try {
        if (credential instanceof PasswordCredential) {
          PasswordFactory passwordFactory = getPasswordFactory(algorithm);
          char[] guessCredentialChars;

          if (evidence instanceof PasswordGuessEvidence) {
            guessCredentialChars = ((PasswordGuessEvidence) evidence).getGuess();
          } else {
            throw log.passwordBasedCredentialsMustBeCharsOrClearPassword();
          }

          return passwordFactory.verify(
              ((PasswordCredential) credential).getPassword(), guessCredentialChars);
        }
      } catch (InvalidKeyException e) {
        throw log.invalidPasswordKeyForAlgorithm(algorithm, e);
      }

      return false;
    }
    @Override
    public boolean verifyEvidence(final String credentialName, final Evidence evidence)
        throws RealmUnavailableException {
      if (evidence != null) {
        for (QueryConfiguration configuration : JdbcSecurityRealm.this.queryConfiguration) {
          for (PasswordKeyMapper passwordMapper :
              configuration.getColumnMappers(PasswordKeyMapper.class)) {
            if (passwordMapper.getCredentialName().equals(credentialName)) {
              return verifyPassword(configuration, passwordMapper, evidence);
            }
          }
        }
      }

      return false;
    }