User user;
try {
user = userDatabase.findUser(credentials.getName());
} catch (ExpiredPasswordException e) {
throw new AuthenticationException("Password has expired.",e);
}
if (user == null) throw new AuthenticationException("Authentication failed");
return user;