password = JetspeedSecurity.encryptPassword(password);
}
catch (UnknownUserException e)
{
logger.warn("Unknown user attempted access: " + username, e);
throw new FailedLoginException(e.toString());
}
catch (JetspeedSecurityException e)
{
logger.warn("User denied authentication: " + username, e);
throw new LoginException(e.toString());
}
if(!user.getPassword().equals(password))
{
logger.error("Invalid password for user: " + username);
throw new FailedLoginException("Credential authentication failure");
}
// Check for password expiration
if (this.expirationPeriod > 0)
{