m2u-upass-core / src / my / com / upass / services / CheckPasswordReusedService.java @ 0:02300db8682b
History | View | Annotate | Download (2.64 KB)
1 |
/**
|
---|---|
2 |
* Copyright (c) 2010 Penril Datability (M) Sdn Bhd All rights reserved.
|
3 |
*
|
4 |
* This software is copyrighted. Under the copyright laws, this software
|
5 |
* may not be copied, in whole or in part, without prior written consent
|
6 |
* of Penril Datability (M) Sdn Bhd or its assignees. This software is
|
7 |
* provided under the terms of a license between Penril Datability (M)
|
8 |
* Sdn Bhd and the recipient, and its use is subject to the terms of that
|
9 |
* license.
|
10 |
*/
|
11 |
|
12 |
package my.com.upass.services; |
13 |
|
14 |
import java.util.Date; |
15 |
import java.util.StringTokenizer; |
16 |
|
17 |
import my.com.upass.Constants; |
18 |
import my.com.upass.UPassControllerV2; |
19 |
import my.com.upass.dao.DAOFactoryProvider; |
20 |
import my.com.upass.dao.UserDAO; |
21 |
import my.com.upass.factory.UPassFactory; |
22 |
import my.com.upass.pojo.UserBean; |
23 |
import my.com.upass.spassword.PasswordController; |
24 |
|
25 |
/**
|
26 |
* PROGRAMMER: Danniell
|
27 |
* CHANGE-NO:
|
28 |
* TASK-NO:
|
29 |
* DATE CREATED: Dec 29, 2011
|
30 |
* TAG AS:
|
31 |
* REASON(S):
|
32 |
* MODIFICATION:
|
33 |
*/
|
34 |
|
35 |
/**
|
36 |
* <Class description>
|
37 |
*/
|
38 |
public class CheckPasswordReusedService |
39 |
{ |
40 |
private UPassControllerV2 upc;
|
41 |
|
42 |
public CheckPasswordReusedService(UPassControllerV2 upc)
|
43 |
{ |
44 |
this.upc = upc;
|
45 |
} |
46 |
|
47 |
public int CheckPasswordReused (String userAlias, String password) |
48 |
{ |
49 |
String token;
|
50 |
|
51 |
if (userAlias == null || password == null) |
52 |
{ |
53 |
return Constants.ERR_INVALID_INPUT;
|
54 |
} |
55 |
|
56 |
try
|
57 |
{ |
58 |
UserDAO userDao = DAOFactoryProvider.getDAOFactory ().getUserDAO (); |
59 |
UserBean userBean = userDao.getUserFromStore (userAlias); |
60 |
|
61 |
if (userBean == null) |
62 |
{ |
63 |
return Constants.ERR_USERALIAS_NOT_FOUND;
|
64 |
} |
65 |
|
66 |
// verify user state, must be active (not inactive|locked|deleted)
|
67 |
switch (userBean.getUstate ())
|
68 |
{ |
69 |
case (Constants.UID_STATE_ACTIVE):
|
70 |
break;
|
71 |
case (Constants.UID_STATE_TMP_LOCKED):
|
72 |
Date now = new Date (); |
73 |
if (userBean.getUdateLockedTo ().after (now))
|
74 |
{ |
75 |
return Constants.ERR_INVALID_STATE;
|
76 |
} |
77 |
break;
|
78 |
default:
|
79 |
return Constants.ERR_INVALID_STATE;
|
80 |
} |
81 |
|
82 |
PasswordController pc = UPassFactory.getPasswordController ( |
83 |
userBean, upc.getConfigurationsMap ()); |
84 |
String cipherText = pc.SHA256 (userBean.getUserAlias(), password);
|
85 |
|
86 |
if (userBean.getPhistoryList () != null) |
87 |
{ |
88 |
StringTokenizer stz = new StringTokenizer ( |
89 |
userBean.getPhistoryList (), ":");
|
90 |
while (stz.hasMoreTokens ())
|
91 |
{ |
92 |
token = stz.nextToken (); |
93 |
if (cipherText.equals (token))
|
94 |
{ |
95 |
return Constants.ERR_REUSED_PASSWD;
|
96 |
} |
97 |
} |
98 |
} |
99 |
return Constants.ERR_SUCCESS;
|
100 |
} |
101 |
catch (Exception e) |
102 |
{ |
103 |
e.printStackTrace (); |
104 |
return Constants.ERR_SYSTEM_NOT_READY;
|
105 |
} |
106 |
} |
107 |
} |