I have two UsernamePasswordForm classes as the authenticators

SampleUsernamePasswordForm and SecurityUsernamePasswordForm

If SampleUsernamePasswordForm is a success, there is no need to move to SecurityUsernamePasswordForm, but if there is any credential error, I want to bypass SampleUsernamePasswordForm authenticator and move to SecurityUsernamePasswordForm

Both are under ALTERNATIVE right now, which means if one if a failure, it should move to the next one

In SampleUsernamePasswordForm, I tried

if (!validateForm(context, formData)) {
        Response challengeResponse = challenge(context, getDefaultChallengeMessage(context), FIELD_PASSWORD);
        context.failureChallenge(AuthenticationFlowError.INVALID_CREDENTIALS, challengeResponse);
 }

and

if (!validateForm(context, formData)) {
        context.failure(AuthenticationFlowError.INVALID_CREDENTIALS);
 }

I thought calling context.failure on this would trigger SecurityUsernamePasswordForm, but it just shows error message on the same login form

Currently, I had to resort to where I had to place login from SecurityUsernamePasswordForm in SampleUsernamePasswordForm, which doesn't look neat. How do I skip to SecurityUsernamePasswordForm?

Also, for some reason, the SampleUsernamePasswordForm object is created 3-5 times before authenticate gets called , is this something which can happen with Authenticators?

CodePudding user response：

If that both executions are ALTERNATİVE, you would just call attempt
on SampleUsernamePasswordForm to just pass to next execution(SecurityUsernamePasswordForm). But just make sure that at-least one failure or success must be returned end of the flow.