I actually encountered the same challenge today and solved it by making a generic authenticate function. Hope it helps somebody with the same challenge in the future. The function:
private IContext authenticate(String username, String password, HashMap<String, Object> paramsRequest) throws WebserviceException, CoreException
{
IContext context = null;
if(username != null && password != null)
{
// a system context is needed to get a user
context = Core.createSystemContext();
// get the user
IUser user = Core.getUser(context, username);
if (user != null){
paramsRequest.put("User", user.getMendixObject());
boolean authenticated = Core.authenticate(context, user, password);
logNode.log(mxLogLevel, "User with username " + username + " authenticated: " + authenticated);
if (!authenticated){
throw new WebserviceException(WebserviceException.clientFaultCode,"Failed to authenticate user with username " + username);
}
} else {
throw new WebserviceException(WebserviceException.clientFaultCode,"User with username " + username + " does not exist!");
}
}
else if(username == null && password == null)
throw new WebserviceException(WebserviceException.clientFaultCode,"No username nor password supplied");
else if(username == null)
throw new WebserviceException(WebserviceException.clientFaultCode,"No username supplied");
else
throw new WebserviceException(WebserviceException.clientFaultCode,"No password supplied");
return context;
}