X-Git-Url: http://git.argeo.org/?a=blobdiff_plain;f=org.argeo.cms%2Fsrc%2Forg%2Fargeo%2Fcms%2Fauth%2FUserAdminLoginModule.java;h=ea2a6dedf6ea2877c3dcf487999420118aa9aa31;hb=0d430e00bed34cca1d41c26cc2cad35b797e89b8;hp=db677f57e13dc7f9a5715459dc532248ac054f2f;hpb=ae0971ce77c7a7d5daaed3b84ae4a277f97449e2;p=lgpl%2Fargeo-commons.git

diff --git a/org.argeo.cms/src/org/argeo/cms/auth/UserAdminLoginModule.java b/org.argeo.cms/src/org/argeo/cms/auth/UserAdminLoginModule.java
index db677f57e..ea2a6dedf 100644
--- a/org.argeo.cms/src/org/argeo/cms/auth/UserAdminLoginModule.java
+++ b/org.argeo.cms/src/org/argeo/cms/auth/UserAdminLoginModule.java
@@ -14,6 +14,7 @@ import javax.security.auth.callback.NameCallback;
 import javax.security.auth.callback.PasswordCallback;
 import javax.security.auth.callback.UnsupportedCallbackException;
 import javax.security.auth.login.CredentialNotFoundException;
+import javax.security.auth.login.FailedLoginException;
 import javax.security.auth.login.LoginException;
 import javax.security.auth.spi.LoginModule;
 import javax.servlet.http.HttpServletRequest;
@@ -108,9 +109,10 @@ public class UserAdminLoginModule implements LoginModule, AuthConstants {
 
 					User user = userAdmin.getUser(null, username);
 					if (user == null)
-						return false;
+						throw new FailedLoginException("Invalid credentials");
 					if (!user.hasCredential(null, password))
-						return false;
+						throw new FailedLoginException("Invalid credentials");
+					// return false;
 					authorization = userAdmin.getAuthorization(user);
 				}
 			}