[keycloak-dev] AbstractUsernameFormAuthenticator validateUserAndPassword process

Hi, I am developing a Federation Provider, and I have a question... Why the method () checks if the user "is enabled" after validate the password instead of before of the password validation? AbstractUsernameFormAuthenticator.validateUserAndPassword: line 141/151 ... if (invalidUser(context, user)){ return false; } * if (!validatePassword(context, user, inputData)){* * return false;* * }* * if(!enabledUser(context, user)){* * return false;* * }* ... If the user is disabled... why validate his password and return a password validation error message? -- Ariel Carrera