@Override //KNOX-534 overriding this method to be able to audit authentication exceptions protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws org.apache.shiro.authc.AuthenticationException { try { return super.doGetAuthenticationInfo(token); } catch ( org.apache.shiro.authc.AuthenticationException e ) { auditor.audit( Action.AUTHENTICATION , token.getPrincipal().toString(), ResourceType.PRINCIPAL, ActionOutcome.FAILURE, e.getMessage() ); ShiroLog.failedLoginInfo(token); ShiroLog.failedLoginStackTrace(e); ShiroLog.failedLoginAttempt(e.getCause()); throw e; } }