import org.acegisecurity.AuthenticationServiceException; //导入依赖的package包/类
@Override
protected UserDetails authenticate(String username, String password) throws AuthenticationException {
    try {
        LOGGER.info("Trying to authenticate with username: " + username);
        GitlabSession session = GitlabAPI.connect(this.gitLabUrl, username, password);
        return this.userDetailsBuilder.buildUserDetails(this.gitLabUrl, session, session.getPrivateToken());
    } catch(Exception e) {
        this.LOGGER.log(Level.WARNING, "Authentication request failed for username: " + username, e);
        throw new AuthenticationServiceException("Unable to process authentication for username: " + username, e);
    }
}
 

import org.acegisecurity.AuthenticationServiceException; //导入依赖的package包/类
protected final UserDetails retrieveUser(String username, UsernamePasswordAuthenticationToken authentication)
    throws AuthenticationException {
    UserDetails loadedUser;

    try {
    	// Check if User is Authenticated. ?? TODO
    	
        loadedUser = this.getUserDetailsService().loadUserByUsername(username);
    } catch (DataAccessException repositoryProblem) {
        throw new AuthenticationServiceException(repositoryProblem.getMessage(), repositoryProblem);
    }

    if (loadedUser == null) {
        throw new AuthenticationServiceException(
            "UserDetailsService returned null, which is an interface contract violation");
    }

    return loadedUser;
}
 

import org.acegisecurity.AuthenticationServiceException; //导入依赖的package包/类
/**
 * {@inheritDoc}
 * 
 * @see hudson.security.AbstractPasswordBasedSecurityRealm#authenticate(java.lang.String, java.lang.String)
 */
@Override
protected UserDetails authenticate(String username, String password) throws AuthenticationException {
    try {
        RedmineManager currentManager = getUserRedmineManager(username, password);
        return getUserDetails(currentManager.getCurrentUser());
    } catch (RedmineException e) {
        LOGGER.error("login failed for user {}: {}", username, e.getMessage(), e);
        throw new AuthenticationServiceException("login failed for user " + username, e);
    }
}
 

import org.acegisecurity.AuthenticationServiceException; //导入依赖的package包/类
/**
 * {@inheritDoc}
 */
@Override
public Authentication attemptAuthentication(HttpServletRequest request) {
    // Based on AppScan failing because of a "Cross-Site Request Forgery"
    if (StringUtils.isBlank(request.getRequestedSessionId())
        || !request.getRequestedSessionId().equals(request.getSession().getId())) {
        throw new AuthenticationServiceException("The session ID is not attached with this request.");
    }
    request.getSession().invalidate();
    request.getSession(true);
    return super.attemptAuthentication(request);
}
 

import org.acegisecurity.AuthenticationServiceException; //导入依赖的package包/类
/**
     * This overridden method gets the authentication source and 
     * Distributed Session Ticket from the response
     * 
     * @see org.acegisecurity.providers.cas.ticketvalidator.CasProxyTicketValidator#validateNow(edu.yale.its.tp.cas.client.ProxyTicketValidator)
     */
    protected TicketResponse validateNow(ProxyTicketValidator pv)
        throws AuthenticationServiceException, BadCredentialsException {
		String					sAuthenticationSource = null;
		String                  sDST = null;

        try {
            pv.validate();
        } catch (Exception internalProxyTicketValidatorProblem) {
            throw new AuthenticationServiceException(internalProxyTicketValidatorProblem.getMessage());
        }

        if (!pv.isAuthenticationSuccesful()) {
            throw new BadCredentialsException(pv.getErrorCode() + ": " + pv.getErrorMessage());
        }
        
        logger.debug("PROXY RESPONSE: " + pv.getResponse());
        
        if (logger.isDebugEnabled()) {
            logger.debug("DEBUG");
        }
                
        try {
			DocumentBuilderFactory	factory = DocumentBuilderFactory.newInstance();
			DocumentBuilder			builder = factory.newDocumentBuilder();
			InputSource inStream = new InputSource();
			inStream.setCharacterStream(new StringReader(pv.getResponse()));
			Document				doc     = builder.parse(inStream);
			Element 				head = doc.getDocumentElement();
			NodeList 				attrs = head.getElementsByTagName("cas:attribute");
			for (int i=0; i<attrs.getLength(); i++) {
				logger.debug(("Field name:" + ((Element)attrs.item(i)).getAttribute("name")) + "=" + ((Element)attrs.item(i)).getAttribute("value"));
				if ( ((Element)attrs.item(i)).getAttribute("name").equals("authenticationMethod") ) {
					sAuthenticationSource = ((Element)attrs.item(i)).getAttribute("value");
				} else if ( ((Element)attrs.item(i)).getAttribute("name").equals("DST") ) {
				    sDST = ((Element)attrs.item(i)).getAttribute("value");
				}
			}
			if (sAuthenticationSource != null && sDST != null) {
                String sPrincipal = pv.getUser() + "@" + sAuthenticationSource;

                if (logger.isDebugEnabled()) {
			        logger.debug("Updating session: " + sDST + " " + sPrincipal);
			    }
// Touching here may be overkill since it should happen in the filter
                distributedSession.touchSesn(sDST);
              //  distributedSession.addPrincipalToSesn(sDST, sPrincipal);
			} else {
			    if (logger.isDebugEnabled()) {
                    logger.debug("Incomplete data from CAS:" + sAuthenticationSource + ":" + sDST);
                }
			}
        } catch (Exception e) {
        	logger.error("Error parsing CAS Result", e);
        }
        
        logger.debug("Authentication Method:" + sAuthenticationSource);
        return new KualiTicketResponse(pv.getUser(), pv.getProxyList(), pv.getPgtIou(), sDST);
    }