I'm using Spring Security 5.4.2 to authenticate users using UserDetailsService implementation. Users that have not verified their email account are disabled (my UserDetails implementation's isEnabled() method returns false). When a disabled user tries to login I get a DisabledException, even if the password used to log in is incorrect. I would like to hide the fact that an account is disabled from users that don't know the password and inform only the ones that provide good credentials that their account is disabled. Is there a way to check the credentials before checking isEnabled?
Checking disabled user's credentials, Spring Security, UserDetailsService
184 views Asked by orlin614 At
0
There are 0 answers
Related Questions in JAVA
- I need the BIRT.war that is compatible with Java 17 and Tomcat 10
- Creating global Class holder
- No method found for class java.lang.String in Kafka
- Issue edit a jtable with a pictures
- getting error when trying to launch kotlin jar file that use supabase "java.lang.NoClassDefFoundError"
- Does the && (logical AND) operator have a higher precedence than || (logical OR) operator in Java?
- Mixed color rendering in a JTable
- HTTPS configuration in Spring Boot, server returning timeout
- How to use Layout to create textfields which dont increase in size?
- Function for making the code wait in javafx
- How to create beans of the same class for multiple template parameters in Spring
- How could you print a specific String from an array with the values of an array from a double array on the same line, using iteration to print all?
- org.telegram.telegrambots.meta.exceptions.TelegramApiException: Bot token and username can't be empty
- Accessing Secret Variables in Classic Pipelines through Java app in Azure DevOps
- Postgres && statement Error in Mybatis Mapper?
Related Questions in SPRING-SECURITY
- How do I propagate the current SecurityContext to my @RabbitListener in Spring Boot?
- Spring security causing 404 with message "No static resource login"
- Spring JPA Data Auditing - How to design it?
- Spring 3 - Security: How to rebuild authManager () usage?
- Error: Cannot invoke "jakarta.servlet.http.HttpSession.getAttribute(String)" because "session" is null
- how to use ldap authentication with permission taken from db without needing password in UserDetails
- This error occurred when using springsecurity for database user verification: IllegalArgumentException
- Issue with configuring SpringSecurity to allow URLs in FilterChain
- getting React Hook "useSetupInterceptors" cannot be called at the top level when try to use useSignOut hook
- Spring Authorization Server `JdbcOAuth2AuthorizationService` does not save custom User object
- Customize Authorization Code claims with Spring OAuth2 Authorization Server 3.2.4
- Spring Security Reactive OAuth2 Client: Options for Customizing Refresh Endpoint
- Repository injection in an handler spring boot class performance
- Spring Security mix form based and http basic authentication
- SecurityContextHolder.getContext().getAuthentication() is null
Related Questions in USERDETAILSSERVICE
- Need to make changes in API for created by and updated by column
- UserDetails without password(SpringBoot)
- No primary or single unique constructor found for interface UserDetails
- Spring Boot 3.1.3 MultiTenancy + Authorization Server with Client_credentials how to authenticate users?
- Spring boot integration test with Oauth using JWT and PreAuthorized
- In Spring Security , when users has same username, any problem will cause?
- 'org.springframework.security.core.userdetails.UserDetailsService' that could not be found
- Encoded password does not look like BCrypt when using Spring Security UserDetailsService
- Spring Security Circular Dependency User Details
- Spring Security returns 401 for registered users
- How to update user details if logged in user updated his/her email or phone number spring boot?
- How to override default userDetailsService and passwordEncoder for spring-boot project
- Spring Boot Security: One user with multiple roles which has multiple permissions
- Remember me button for login and BCrypt for passwords in Spring Boot 2.6.X and possibly Spring Boot 3
- Spring Cloud Gateway: Combined security? (X.509 + HTTP headers)
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)