/ - Diff - M2U UPASS Project - Penril Support System

Revision 55:28caa3ab6e93

      */
     public class ConfigBean {
     	/**
     	 * @see #MIGRATION_PERIOD
     	 */
     	private boolean inMigrationPeriod = false;
     	// password controller
     	int passwordMaxTryError = 3; // maximum allowable password error encountered per user
     	int passwordMaxReuse = 6; // number of password non repeatable
-...
     	int passwordComplexitySymbol = 0;
     	int passwordComplexityUpperAlpha = 0;
     	/**
     	 * This property can be set to 'Y' or 'N' in configurations,
     	 * but will be converted to boolean inside the app.
+    	 *
     	 * @see #inMigrationPeriod
     	 */
     	private static final String MIGRATION_PERIOD = "MIGRATION_PERIOD";
     	static String PASSWORD_MAX_ERROR = "PASSWORD_MAX_ERROR";
     	static String PASSWORD_GENERATION = "PASSWORD_GENERATION";
     	static String PASSWORD_EXPIRY_DAY = "PASSWORD_EXPIRY_DAY";
-...
     		} else if (SC_REPEAT_TIMEOUT.equalsIgnoreCase(paramName)) {
     			this.setSCRepeatTimeOut(Integer.parseInt(paramValue));
     		} else if (MIGRATION_PERIOD.equals(paramName)) {
     			this.setInMigrationPeriod("Y".equals(paramValue));
+    		}
+    	}
-...
     	public void setSCRepeatTimeOut(int sCRepeatTimeOut) {
     		SCRepeatTimeOut = sCRepeatTimeOut;
+    	}
     	public boolean isInMigrationPeriod() {
     		return inMigrationPeriod;
+    	}
     	public void setInMigrationPeriod(boolean inMigrationPeriod) {
     		this.inMigrationPeriod = inMigrationPeriod;
+    	}
+    }

     public class MinimalConstants {
     	/**
     	 * This property can be set to 'Y' or 'N' in configurations,
     	 * but will be converted to boolean inside the app.
+    	 *
     	 * @see #inMigrationPeriod
     	 */
     	public static final String MIGRATION_PERIOD = "MIGRATION_PERIOD";
     	public static final int ERR_SUCCESS = 0;
     	public static final int ERR_INVALID_USERALIAS = 16;
     	public static final int ERR_PASSWORD_SAMEAS_USERALIAS = 17;
-...
     		return map;
+    	}
+    }

     public class MinimalUPassControllerV2 {
     	protected static Logger logger = Logger.getLogger(MinimalUPassControllerV2.class);
     	protected static Logger logger = Logger
     			.getLogger(MinimalUPassControllerV2.class);
     	protected static Map configurationMap = new HashMap();
     	private static boolean configFirstLoad = true;
     	protected VerifyStaticPasswordService verifyStaticPasswordService = new VerifyStaticPasswordService(this);
     	/**
     	 * @see MinimalConstants#MIGRATION_PERIOD
     	 */
     	private boolean inMigrationPeriod = false;
     	protected VerifyStaticPasswordService verifyStaticPasswordService = new VerifyStaticPasswordService(
     			this);
     	protected CreateUserService createUserService = new CreateUserService(this);
     	protected ModifyUserService modifyUserService = new ModifyUserService(this);
     	protected AppAccessMgtService appAccessMgtService = new AppAccessMgtService();
     	protected ChangeStaticPasswordService changeStaticPasswordService = new ChangeStaticPasswordService(this);
     	protected ChangeStaticPasswordService changeStaticPasswordService = new ChangeStaticPasswordService(
     			this);
     	// for spring-ldap usage
     	private static final Object CONFIG_LOCK = new Object();
     	private static MaybankLdapDAO maybankLdapDAO;
     	public MinimalUPassControllerV2() {
     		this.setInMigrationPeriod( Config.getInstance().getProperty(MinimalConstants.MIGRATION_PERIOD).equals("Y"));
     		initializeConfigurations();
+    	}
     	protected void initializeConfigurations() {
     		try {
     			ConfigurationDAO configurationDAO = MinimalDAOFactory.minimalInstance().getConfigurationDAO();
     			ConfigurationDAO configurationDAO = MinimalDAOFactory
     					.minimalInstance().getConfigurationDAO();
     			boolean isConfigChange = configurationDAO.isConfigChanged();
     			if (configFirstLoad || isConfigChange) {
     				logger.info("Refresh Configuration ....");
     				List configurations = configurationDAO.getConfigurationsFromStore();
     				List configurations = configurationDAO
     						.getConfigurationsFromStore();
     				ConfigurationBean configPojo;
     				ConfigBean configBean = null;
-...
     					configPojo = (ConfigurationBean) itr.next();
     					configType = configPojo.getApplicationId();
     					configBean = (ConfigBean) configurationMap.get(new Integer(configType));
     					configBean = (ConfigBean) configurationMap.get(new Integer(
     							configType));
     					if (configBean == null) {
     						configBean = new ConfigBean();
+    					}
     					logger.info("COnfig Type:" + configType + "=config name:" + configPojo.getConfigName()
     							+ "=config Value:" + configPojo.getConfigValue());
     					configBean.setConfigBean(configPojo.getConfigName(), configPojo.getConfigValue());
     					logger.info("COnfig Type:" + configType + "=config name:"
     							+ configPojo.getConfigName() + "=config Value:"
     							+ configPojo.getConfigValue());
     					configBean.setConfigBean(configPojo.getConfigName(),
     							configPojo.getConfigValue());
     					configurationMap.put(new Integer(configType), configBean);
     					configFirstLoad = false; // this value dictate for every instance restart to refresh the map. After
     					configFirstLoad = false; // this value dictate for every
     												// instance restart to refresh
     												// the map. After
     												// first load, turn it off
+    				}
     				logger.info("Refresh Configuration Done ....");
-...
     		return configBean;
+    	}
     	public boolean isInMigrationPeriod() {
     		return inMigrationPeriod;
+    	}
     	public void setInMigrationPeriod(boolean inMigrationPeriod) {
     		this.inMigrationPeriod = inMigrationPeriod;
+    	}
     	/**
     	 * This method to add online users to the system
+    	 *
-...
     	 *         ERR_SYSTEM_NOT_READY<br/>
     	 *         ERR_USERALIAS_NOT_FOUND <br/>
     	 *         ERR_INVALID_STATE - admin not active or temporary suspended.<br/>
     	 *         ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the user type.<br/>
     	 *         ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the
     	 *         user type.<br/>
     	 *         ERR_EXCEED_MAX_TRIES<br/>
     	 *         ERR_INVALID_CREDENTIAL<br/>
     	 *         ERR_INVALID_INPUT - internal error.<br/>
     	 *         ERR_ALREADY_EXIST<br/>
     	 *         ERR_INVALID_USERALIAS - User alias does not match with defined pattern <br/>
     	 *         ERR_PASSWORD_SAMEAS_USERALIAS - password is same is user name error <br/>
     	 *         ERR_INVALID_USERALIAS - User alias does not match with defined
     	 *         pattern <br/>
     	 *         ERR_PASSWORD_SAMEAS_USERALIAS - password is same is user name
     	 *         error <br/>
     	 */
     	public int UA_AddUser(
     			String adminUserAlias, String adminUserPassword,
     	public int UA_AddUser(String adminUserAlias, String adminUserPassword,
     			String userAlias, String userDesc, String userPassword, int appId) {
     		// check if password is similar to user alias
-...
     			return MinimalConstants.ERR_PASSWORD_SAMEAS_USERALIAS;
+    		}
     		int rc = verifyStaticPasswordService.verifyStaticPassword(
     				adminUserAlias, adminUserPassword, true, MinimalConstants.UTYPE_STATE_ADMIN);
     				adminUserAlias, adminUserPassword, true,
     				MinimalConstants.UTYPE_STATE_ADMIN);
     		if (rc != MinimalConstants.ERR_SUCCESS) {
     			return rc;
+    		}
     		rc = createUserService.addUser(
     				userAlias, MinimalConstants.UTYPE_STATE_USER, userDesc,
     				userPassword, MinimalConstants.UID_STATE_ACTIVE, appId);
     		rc = createUserService.addUser(userAlias,
     				MinimalConstants.UTYPE_STATE_USER, userDesc, userPassword,
     				MinimalConstants.UID_STATE_ACTIVE, appId);
     		logger.info("UA_AddUser - user alias: [" + userAlias + "] Return: " + rc);
     		logger.info("UA_AddUser - user alias: [" + userAlias + "] Return: "
     				+ rc);
     		return rc;
+    	}
     	public int addUser(
     			String appAccessId, String hashedSecretKey, MinimalUserBean user,
     			char accessType, Session txSession) {
     	public int addUser(String appAccessId, String hashedSecretKey,
     			MinimalUserBean user, char accessType, Session txSession) {
     		return addUser(appAccessId, hashedSecretKey, user, accessType, txSession, true);
     		return addUser(appAccessId, hashedSecretKey, user, accessType,
     				txSession, true);
+    	}
     	/**
     	 * This methods identifies the target app using <code>appAccessId</code>,
     	 * hence meant for {@link ClientApp}s
+    	 *
     	 * @see #addUser(String, String, MinimalUserBean, char, int, Session, boolean)
     	 * @see #addUser(String, String, MinimalUserBean, char, int, Session,
     	 *      boolean)
     	 */
     	public int addUser(
     			String appAccessId, String hashedSecretKey, MinimalUserBean user,
     			char accessType, Session txSession, boolean checkPassword) {
     	public int addUser(String appAccessId, String hashedSecretKey,
     			MinimalUserBean user, char accessType, Session txSession,
     			boolean checkPassword) {
     		final String userAlias = user.getUserAlias();
     		final String doubleHashedPassword = user.getPcipherText();
-...
+    		}
     		int rc;
     		try {
     			AccessCheckResult checkResult = checkAppAccess(appAccessId, hashedSecretKey, txSession);
     			AccessCheckResult checkResult = checkAppAccess(appAccessId,
     					hashedSecretKey, txSession);
     			final Integer appId = checkResult.invokerAppId;
     			if (appId == null && !checkResult.hasUPassAdminAccess()) {
-...
     			} else {
     				user.setUserType(MinimalConstants.UTYPE_STATE_USER);
     				user.setPstate(MinimalConstants.UID_STATE_ACTIVE);
     				rc = createUserAndGrantAccessToApp(
     						user, appId.intValue(), accessType, txSession, checkPassword);
     				rc = createUserAndGrantAccessToApp(user, appId.intValue(),
     						accessType, txSession, checkPassword);
+    			}
     		} catch (UPassException e) {
-...
     		return rc;
+    	}
     	private int createUserAndGrantAccessToApp(
     			MinimalUserBean user, int appId, char accessType,
     			Session txSession, boolean checkPassword) {
     	private int createUserAndGrantAccessToApp(MinimalUserBean user, int appId,
     			char accessType, Session txSession, boolean checkPassword) {
     		int rc;
     		CreateUserService.ReturnBundle creationResult =
     				createUserService.addUser(user, txSession, checkPassword);
     		CreateUserService.ReturnBundle creationResult = createUserService
     				.addUser(user, txSession, checkPassword);
     		rc = creationResult.getCode();
     		if (rc == MinimalConstants.ERR_SUCCESS) {
     			final long userId = creationResult.getUserId().longValue();
     			boolean granted = appAccessMgtService.grantAppAccessToUser(
     					userId, appId, accessType, txSession);
     			boolean granted = appAccessMgtService.grantAppAccessToUser(userId,
     					appId, accessType, txSession);
     			rc = granted ?
     					MinimalConstants.ERR_SUCCESS
     			rc = granted ? MinimalConstants.ERR_SUCCESS
     					: MinimalConstants.ERR_SYSTEM_NOT_READY;
+    		}
     		return rc;
+    	}
     	/**
     	 * Because of the ability to choose the target app,
     	 * this method is meant for USS only.
     	 * Because of the ability to choose the target app, this method is meant for
     	 * USS only.
+    	 *
     	 * @see #addUser(String, String, MinimalUserBean, char, Session)
     	 */
     	public int addUser(
     			String adminUsername, String adminPassword, MinimalUserBean user,
     			char accessType, int targetAppId, Session txSession, boolean checkPassword) {
     	public int addUser(String adminUsername, String adminPassword,
     			MinimalUserBean user, char accessType, int targetAppId,
     			Session txSession, boolean checkPassword) {
     		final String userAlias = user.getUserAlias();
     		final String doubleHashedPassword = user.getPcipherText();
-...
+    		}
     		int rc;
     		try {
     			AccessCheckResult checkResult = checkAppAccess(adminUsername, adminPassword, txSession);
     			AccessCheckResult checkResult = checkAppAccess(adminUsername,
     					adminPassword, txSession);
     			if (!checkResult.hasUPassAdminAccess())
     				rc = MinimalConstants.ERR_APP_SERV_NOT_PERMITTED;
-...
     			else {
     				user.setUserType(MinimalConstants.UTYPE_STATE_USER);
     				user.setPstate(MinimalConstants.UID_STATE_ACTIVE);
     				rc = createUserAndGrantAccessToApp(
     						user, targetAppId, accessType, txSession, checkPassword);
     				rc = createUserAndGrantAccessToApp(user, targetAppId,
     						accessType, txSession, checkPassword);
+    			}
     		} catch (MultipleAppAccessesFound e) {
     			rc = MinimalConstants.ERR_APP_SERV_NOT_PERMITTED;
-...
+    	}
     	/**
     	 * This method verify static password generated using SP_ChangeStaticPassword().
     	 * This method verify static password generated using
     	 * SP_ChangeStaticPassword().
+    	 *
     	 * @param userAlias
     	 * @param password
-...
     	 *         ERR_SYSTEM_NOT_READY<br/>
     	 *         ERR_USERALIAS_NOT_FOUND <br/>
     	 *         ERR_INVALID_STATE - user not active or temporary suspended.<br/>
     	 *         ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the user type.<br/>
     	 *         ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the
     	 *         user type.<br/>
     	 *         ERR_EXCEED_MAX_TRIES - used ModifyUser to reset password.<br/>
     	 *         ERR_INVALID_CREDENTIAL<br/>
     	 *         ERR_PASSWD_EXPIRED - password is valid but expired, suggest to change new password.<br/>
     	 *         ERR_PASSWD_EXPIRED - password is valid but expired, suggest to
     	 *         change new password.<br/>
     	 */
     	public int SP_VerifyStaticPassword(String userAlias, String password) {
     		int rc = verifyStaticPasswordService.verifyStaticPassword(userAlias, password, false, 0);
     		logger.info("SP_VerifyStaticPassword - user alias: [" + userAlias + "] Return: " + rc);
     		int rc = verifyStaticPasswordService.verifyStaticPassword(userAlias,
     				password, false, 0);
     		logger.info("SP_VerifyStaticPassword - user alias: [" + userAlias
     				+ "] Return: " + rc);
     		return rc;
+    	}
     	public int verifyStaticPassword_withAppChecked(
     			String appAccessId, String hashedSecretKey,
     			String username, String hashedPassword) {
     	public int verifyStaticPassword_withAppChecked(String appAccessId,
     			String hashedSecretKey, String username, String hashedPassword) {
     		int rc;
     		try {
     			checkAppAccessToUser(appAccessId, hashedSecretKey, username, null);
     			rc = verifyStaticPasswordService.verifyStaticPassword(
     					username, hashedPassword, false, 0);
     			rc = verifyStaticPasswordService.verifyStaticPassword(username,
     					hashedPassword, false, 0);
     		} catch (MultipleAppAccessesFound e) {
     			rc = MinimalConstants.ERR_APP_SERV_NOT_PERMITTED;
-...
     			rc = e.getErrorCode();
     			e.printStackTrace();
+    		}
     		logger.info("verifyStaticPassword_withAppChecked - user alias: [" + username + "] Return: " + rc);
     		logger.info("verifyStaticPassword_withAppChecked - user alias: ["
     				+ username + "] Return: " + rc);
     		return rc;
+    	}
-...
     	 *         ERR_SYSTEM_NOT_READY<br/>
     	 *         ERR_USERALIAS_NOT_FOUND <br/>
     	 *         ERR_INVALID_STATE - admin not active or temporary suspended.<br/>
     	 *         ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the user type.<br/>
     	 *         ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the
     	 *         user type.<br/>
     	 *         ERR_EXCEED_MAX_TRIES<br/>
     	 *         ERR_INVALID_CREDENTIAL<br/>
     	 *         ERR_INVALID_INPUT - internal error.<br/>
     	 *         ERR_USERALIAS_NOT_FOUND<br/>
     	 *         ERR_INVALID_USERALIAS - User alias does not match with defined pattern <br/>
     	 *         ERR_INVALID_USERALIAS - User alias does not match with defined
     	 *         pattern <br/>
     	 *         ERR_REUSED_PASSWD - the password entered was used previously.<br/>
     	 */
     	public int UA_ModifyUser(
     			String adminUserAlias, String adminUserPassword,
     	public int UA_ModifyUser(String adminUserAlias, String adminUserPassword,
     			String userAlias, String userDesc, String userPassword) {
     		// check if password is similar to user alias
-...
     		return rc;
+    	}
     	public int updateProfileShallowly(
     			String appAccessId, String hashedSecretKey,
     			UserProfile profile, Session txSession)
     	public int updateProfileShallowly(String appAccessId,
     			String hashedSecretKey, UserProfile profile, Session txSession)
     			throws UPassException {
     		MinimalUserBean user = profile.getMinUser();
-...
     		int rc;
     		try {
     			AccessCheckResult checkResult = checkAppAccess(appAccessId, hashedSecretKey, txSession);
     			AccessCheckResult checkResult = checkAppAccess(appAccessId,
     					hashedSecretKey, txSession);
     			final Integer invokingAppId = checkResult.invokerAppId;
     			final Object appIdObj = AppAccessMgtService.profileToAppMap.get(profile.getClass());
     			final Object appIdObj = AppAccessMgtService.profileToAppMap
     					.get(profile.getClass());
     			final int appIdForProfile = ((Integer) appIdObj).intValue();
     			boolean permitted = true;
-...
     			} else if (invokingAppId.intValue() != appIdForProfile) {
     				permitted = false;
+    			}
     			rc = permitted ?
     					modifyUserService.updateProfileShallowly(profile, txSession)
     					: MinimalConstants.ERR_APP_SERV_NOT_PERMITTED;
     			rc = permitted ? modifyUserService.updateProfileShallowly(profile,
     					txSession) : MinimalConstants.ERR_APP_SERV_NOT_PERMITTED;
     		} catch (MultipleAppAccessesFound e) {
     			rc = MinimalConstants.ERR_APP_SERV_NOT_PERMITTED;
     			e.printStackTrace();
+    		}
     		logger.info("updateProfileShallowly - user alias: [" + userAlias + "] Return: " + rc);
     		logger.info("updateProfileShallowly - user alias: [" + userAlias
     				+ "] Return: " + rc);
     		return rc;
+    	}
     	/**
     	 * This method generate static password and to be using SP_VerifyStaticPassword()
     	 * This method generate static password and to be using
     	 * SP_VerifyStaticPassword()
+    	 *
     	 * @param userAlias
     	 * @param newPassword
-...
     	 *         ERR_SYSTEM_NOT_READY<br/>
     	 *         ERR_USERALIAS_NOT_FOUND<br/>
     	 *         ERR_INVALID_STATE - user not active or temporary suspended.<br/>
     	 *         ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the user type.<br/>
     	 *         ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the
     	 *         user type.<br/>
     	 *         ERR_EXCEED_MAX_TRIES - used ModifyUser to reset password.<br/>
     	 *         ERR_INVALID_CREDENTIAL<br/>
     	 *         ERR_REUSED_PASSWD - reuse previous generated password.<br/>
     	 */
     	public int SP_ChangeStaticPassword(String userAlias, String newPassword, String oldPassword) {
     		int rc = changeStaticPasswordService.changeStaticPassword(userAlias, newPassword, oldPassword, true);
     		logger.info("SP_ChangeStaticPassword - user alias: [" + userAlias + "] Return: " + rc);
     	public int SP_ChangeStaticPassword(String userAlias, String newPassword,
     			String oldPassword) {
     		int rc = changeStaticPasswordService.changeStaticPassword(userAlias,
     				newPassword, oldPassword, true);
     		logger.info("SP_ChangeStaticPassword - user alias: [" + userAlias
     				+ "] Return: " + rc);
     		return rc;
+    	}
     	public int changeStaticPassword_withAppChecked(
     			String appAccessId, String hashedSecretKey,
     			String username, String newHashedPassword, String oldHashedPassword) {
     	public int changeStaticPassword_withAppChecked(String appAccessId,
     			String hashedSecretKey, String username, String newHashedPassword,
     			String oldHashedPassword) {
     		int rc;
     		try {
     			checkAppAccessToUser(appAccessId, hashedSecretKey, username, null);
     			rc = changeStaticPasswordService.changeStaticPassword(
     					username, newHashedPassword, oldHashedPassword, true);
     			rc = changeStaticPasswordService.changeStaticPassword(username,
     					newHashedPassword, oldHashedPassword, true);
     		} catch (MultipleAppAccessesFound e) {
     			rc = MinimalConstants.ERR_APP_SERV_NOT_PERMITTED;
-...
     			rc = e.getErrorCode();
     			e.printStackTrace();
+    		}
     		logger.info("changeStaticPassword_withAppChecked - user alias: [" + username + "] Return: " + rc);
     		logger.info("changeStaticPassword_withAppChecked - user alias: ["
     				+ username + "] Return: " + rc);
     		return rc;
+    	}
     	public int resetPassword_withAppChecked(
     			String appAccessId, String hashedSecretKey,
     			String username, String newHashedPassword) {
     	public int resetPassword_withAppChecked(String appAccessId,
     			String hashedSecretKey, String username, String newHashedPassword) {
     		int rc;
     		try {
     			checkAppAccessToUser(appAccessId, hashedSecretKey, username, null);
     			rc = modifyUserService.modifyUser(
     					username, MinimalConstants.UTYPE_STATE_USER, "",
     					newHashedPassword, MinimalConstants.UID_STATE_ACTIVE);
     			rc = modifyUserService.modifyUser(username,
     					MinimalConstants.UTYPE_STATE_USER, "", newHashedPassword,
     					MinimalConstants.UID_STATE_ACTIVE);
     		} catch (MultipleAppAccessesFound e) {
     			rc = MinimalConstants.ERR_APP_SERV_NOT_PERMITTED;
-...
     			rc = e.getErrorCode();
     			e.printStackTrace();
+    		}
     		logger.info("resetPassword_withAppChecked - user alias: [" + username + "] Return: " + rc);
     		logger.info("resetPassword_withAppChecked - user alias: [" + username
     				+ "] Return: " + rc);
     		return rc;
+    	}
-...
+    		}
+    	}
     	protected AccessCheckResult checkAppAccessToUser(
     			String appAccessId, String hashedSecretKey, String username, final Session txSession)
     	protected AccessCheckResult checkAppAccessToUser(String appAccessId,
     			String hashedSecretKey, String username, final Session txSession)
     			throws MultipleAppAccessesFound, UPassException {
     		AccessCheckResult checkResult = checkAppAccess(appAccessId, hashedSecretKey, txSession);
     		AccessCheckResult checkResult = checkAppAccess(appAccessId,
     				hashedSecretKey, txSession);
     		if (checkResult.hasUPassAdminAccess())
     			return checkResult;
     		List appIdsForUser = appAccessMgtService.listAppIdsForUser(username, txSession);
     		int retCode =
     				!appIdsForUser.isEmpty() ?
     						appIdsForUser.contains(checkResult.invokerAppId) ?
     								MinimalConstants.ERR_SUCCESS
     								: MinimalConstants.ERR_APP_SERV_NOT_PERMITTED
     						: MinimalConstants.ERR_USERALIAS_NOT_FOUND;
     		List appIdsForUser = appAccessMgtService.listAppIdsForUser(username,
     				txSession);
     		int retCode = !appIdsForUser.isEmpty() ? appIdsForUser
     				.contains(checkResult.invokerAppId) ? MinimalConstants.ERR_SUCCESS
     				: MinimalConstants.ERR_APP_SERV_NOT_PERMITTED
     				: MinimalConstants.ERR_USERALIAS_NOT_FOUND;
     		if (retCode != MinimalConstants.ERR_SUCCESS)
     			throw new UPassException(retCode);
-...
     		return checkResult;
+    	}
     	public AccessCheckResult checkAppAccess(
     			String appAccessId, String hashedSecretKey, final Session txSession)
     	public AccessCheckResult checkAppAccess(String appAccessId,
     			String hashedSecretKey, final Session txSession)
     			throws UPassException, MultipleAppAccessesFound {
     		ReturnBundle ret = verifyStaticPasswordService.verifyStaticPassword_returnUser(
     				appAccessId, hashedSecretKey, false, 0, txSession);
     		ReturnBundle ret = verifyStaticPasswordService
     				.verifyStaticPassword_returnUser(appAccessId, hashedSecretKey,
     						false, 0, txSession);
     		final int retCode = ret.getCode();
     		if (retCode != MinimalConstants.ERR_SUCCESS)
-...
     		if (result.hasUPassAdminAccess())
     			return result;
     		result.invokerAppId = appAccessMgtService.getAppIdForAdmin(appAccessId, txSession);
     		result.invokerAppId = appAccessMgtService.getAppIdForAdmin(appAccessId,
     				txSession);
     		return result;
+    	}
-...
+    	 *
     	 * @see #findProfile(String, String, String, Integer, Session)
     	 */
     	public UserProfile findProfile(
     			String appAccessId, String hashedSecretKey,
     			String username, Session txSession)
     			throws UPassException {
     	public UserProfile findProfile(String appAccessId, String hashedSecretKey,
     			String username, Session txSession) throws UPassException {
     		return findProfile(appAccessId, hashedSecretKey, username, null, txSession);
     		return findProfile(appAccessId, hashedSecretKey, username, null,
     				txSession);
+    	}
     	/**
     	 * Because of the ability to choose the target app,
     	 * this method is meant for USS mainly.
     	 * Because of the ability to choose the target app, this method is meant for
     	 * USS mainly.
+    	 *
     	 * @see #findProfile(String, String, String, Session)
     	 */
     	public UserProfile findProfile(
     			String appAccessId, String hashedSecretKey,
     	public UserProfile findProfile(String appAccessId, String hashedSecretKey,
     			String username, Integer targetAppId, Session txSession)
     			throws UPassException {
     		try {
     			AccessCheckResult checkResult = checkAppAccess(appAccessId, hashedSecretKey, txSession);
     			AccessCheckResult checkResult = checkAppAccess(appAccessId,
     					hashedSecretKey, txSession);
     			final boolean upassAdmin = checkResult.hasUPassAdminAccess();
     			if (upassAdmin) {
     				if (targetAppId == null)
-...
     			} else {
     				if (checkResult.invokerAppId == null)
     					throw new UPassException(MinimalConstants.ERR_APP_SERV_NOT_PERMITTED);
     					throw new UPassException(
     							MinimalConstants.ERR_APP_SERV_NOT_PERMITTED);
     				if (targetAppId == null) {
     					targetAppId = checkResult.invokerAppId;
     				} else if (!targetAppId.equals(checkResult.invokerAppId)) {
     					throw new UPassException(MinimalConstants.ERR_APP_SERV_NOT_PERMITTED);
     					throw new UPassException(
     							MinimalConstants.ERR_APP_SERV_NOT_PERMITTED);
+    				}
+    			}
     			List profiles = modifyUserService.listProfiles(username, txSession);
     			for (Iterator profileIter = profiles.iterator(); profileIter.hasNext();) {
     			for (Iterator profileIter = profiles.iterator(); profileIter
     					.hasNext();) {
     				UserProfile profile = (UserProfile) profileIter.next();
     				final Integer appIdForProfile = (Integer) AppAccessMgtService
     						.profileToAppMap.get(profile.getClass());
     				final Integer appIdForProfile = (Integer) AppAccessMgtService.profileToAppMap
     						.get(profile.getClass());
     				if (targetAppId.equals(appIdForProfile)) {
     					return profile;
-...
     			return null;
     		} catch (MultipleAppAccessesFound e) {
     			throw new UPassException(MinimalConstants.ERR_APP_SERV_NOT_PERMITTED, e);
     			throw new UPassException(
     					MinimalConstants.ERR_APP_SERV_NOT_PERMITTED, e);
+    		}
+    	}
     	public List/* <UserProfile> */listProfilesByExamples(
     			String appAccessId, String hashedSecretKey,
     			List/* <UserProfile> */exampleProfiles, Session txSession)
     			throws UPassException {
     	public List/* <UserProfile> */listProfilesByExamples(String appAccessId,
     			String hashedSecretKey, List/* <UserProfile> */exampleProfiles,
     			Session txSession) throws UPassException {
     		return listProfilesByExamples(appAccessId, hashedSecretKey, exampleProfiles, null, txSession);
     		return listProfilesByExamples(appAccessId, hashedSecretKey,
     				exampleProfiles, null, txSession);
+    	}
     	public List/* <UserProfile> */listProfilesByExamples(
     			String appAccessId, String hashedSecretKey,
     			List/* <UserProfile> */exampleProfiles, Integer targetAppId, Session txSession)
     			throws UPassException {
     	public List/* <UserProfile> */listProfilesByExamples(String appAccessId,
     			String hashedSecretKey, List/* <UserProfile> */exampleProfiles,
     			Integer targetAppId, Session txSession) throws UPassException {
     		try {
     			AccessCheckResult checkResult = checkAppAccess(appAccessId, hashedSecretKey, txSession);
     			AccessCheckResult checkResult = checkAppAccess(appAccessId,
     					hashedSecretKey, txSession);
     			final boolean upassAdmin = checkResult.hasUPassAdminAccess();
     			if (!upassAdmin) {
     				if (checkResult.invokerAppId == null)
     					throw new UPassException(MinimalConstants.ERR_APP_SERV_NOT_PERMITTED);
     					throw new UPassException(
     							MinimalConstants.ERR_APP_SERV_NOT_PERMITTED);
     				if (targetAppId == null) {
     					targetAppId = checkResult.invokerAppId;
     				} else if (!targetAppId.equals(checkResult.invokerAppId)) {
     					throw new UPassException(MinimalConstants.ERR_APP_SERV_NOT_PERMITTED);
     					throw new UPassException(
     							MinimalConstants.ERR_APP_SERV_NOT_PERMITTED);
+    				}
+    			}
     			List profiles = modifyUserService.listProfilesByExamples(exampleProfiles, txSession);
     			List profiles = modifyUserService.listProfilesByExamples(
     					exampleProfiles, txSession);
     			if (targetAppId != null)
     				for (Iterator iterator = profiles.iterator(); iterator.hasNext();) {
     				for (Iterator iterator = profiles.iterator(); iterator
     						.hasNext();) {
     					UserProfile profile = (UserProfile) iterator.next();
     					final Integer appIdForProfile = (Integer) AppAccessMgtService
     							.profileToAppMap.get(profile.getClass());
     					final Integer appIdForProfile = (Integer) AppAccessMgtService.profileToAppMap
     							.get(profile.getClass());
     					if (!targetAppId.equals(appIdForProfile))
     						iterator.remove();
-...
     			return profiles;
     		} catch (MultipleAppAccessesFound e) {
     			throw new UPassException(MinimalConstants.ERR_APP_SERV_NOT_PERMITTED, e);
     			throw new UPassException(
     					MinimalConstants.ERR_APP_SERV_NOT_PERMITTED, e);
+    		}
+    	}
     	public List/* <UserProfile> */listProfilesByExamples(
     			String appAccessId, String hashedSecretKey,
     			List/* <UserProfile> */exampleProfiles, Date fromDate, Date toDate, Session txSession)
     	public List/* <UserProfile> */listProfilesByExamples(String appAccessId,
     			String hashedSecretKey, List/* <UserProfile> */exampleProfiles,
     			Date fromDate, Date toDate, Session txSession)
     			throws UPassException {
     		try {
     			AccessCheckResult checkResult = checkAppAccess(appAccessId, hashedSecretKey, txSession);
     			AccessCheckResult checkResult = checkAppAccess(appAccessId,
     					hashedSecretKey, txSession);
     			final boolean upassAdmin = checkResult.hasUPassAdminAccess();
     			if (!upassAdmin) {
     				if (checkResult.invokerAppId == null)
     					throw new UPassException(MinimalConstants.ERR_APP_SERV_NOT_PERMITTED);
     					throw new UPassException(
     							MinimalConstants.ERR_APP_SERV_NOT_PERMITTED);
+    			}
     			List profiles = modifyUserService.listProfilesByExamples(exampleProfiles, fromDate, toDate, txSession);
     			List profiles = modifyUserService.listProfilesByExamples(
     					exampleProfiles, fromDate, toDate, txSession);
     			return profiles;
     		} catch (MultipleAppAccessesFound e) {
     			throw new UPassException(MinimalConstants.ERR_APP_SERV_NOT_PERMITTED, e);
     			throw new UPassException(
     					MinimalConstants.ERR_APP_SERV_NOT_PERMITTED, e);
+    		}
+    	}
-...
     			if (maybankLdapDAO == null) {
     				Resource resource = new ClassPathResource("spring-ldap.xml");
     				BeanFactory factory = new XmlBeanFactory(resource);
     				maybankLdapDAO = (MaybankLdapDAO) factory.getBean("maybankLdap");
     				maybankLdapDAO = (MaybankLdapDAO) factory
     						.getBean("maybankLdap");
+    			}
     			return maybankLdapDAO;

+    				}
     				// update ldap
     				if (pc.getConfigBean().isInMigrationPeriod()) {
     				if (upc.isInMigrationPeriod()) {
     					Map attrMap = new HashMap();
     					attrMap.put(MaybankLdapConstant.ATTR_PASSWORD, newPassword);
     					MinimalUPassControllerV2.getMaybankLdapDAO().updateUser(userBean.getUserAlias(), attrMap);

     			// update ldap
     			if (updateLdap
     					&& pc != null && pc.getConfigBean().isInMigrationPeriod()) {
     					&& pc != null && upc.isInMigrationPeriod()) {
     				Map attrMap = new HashMap();
     				attrMap.put(MaybankLdapConstant.ATTR_PASSWORD, userPassword);

     import java.util.Calendar;
     import java.util.Date;
     import my.com.upass.Config;
     import my.com.upass.ConfigBean;
     import my.com.upass.MinimalConstants;
     import my.com.upass.MinimalUPassControllerV2;
-...
     				ret.code = MinimalConstants.ERR_USERALIAS_NOT_FOUND;
     				return ret;
+    			}
     			PasswordController pc = (PasswordController) MinimalUPassFactory.getPasswordController(
     					ret.user, upc.getConfigurationsMap());
     			ConfigBean configBean = pc.getConfigBean();
     			// -- migration period checking : START --
     			if (configBean.isInMigrationPeriod()
     			if (upc.isInMigrationPeriod()
     					&& ret.user.getHashedPassword() == null) { // password null, so the user haven't get migrated.
     				// authenticate to ldap
-...
     				ret.code = MinimalConstants.ERR_APP_SERV_NOT_PERMITTED;
     				return ret;
+    			}
     			PasswordController pc = (PasswordController) MinimalUPassFactory.getPasswordController(
     					ret.user, upc.getConfigurationsMap());
     			ConfigBean configBean = pc.getConfigBean();
     			ret.user = (MinimalUserBean) pc.getUpdatedObject();
     			// verify user dormant period
-...
     			} else {
     				// verify user password
     				ret.code = pc.VerifyPassword(password);
     				// suspend if exceeded max retries
     				if (ret.code == MinimalConstants.ERR_EXCEED_MAX_TRIES
     						&& (ret.user.getUserType() != MinimalConstants.UTYPE_STATE_USER)) {

Also available in: Unified diff

Z-Archive » Maybank Projects » M2U UPASS Project

Revision 55:28caa3ab6e93