Revision 9:16125cca68e4
pom.xml | ||
---|---|---|
268 | 268 |
<version>0.0.1-SNAPSHOT</version> |
269 | 269 |
</dependency> |
270 | 270 |
<dependency> |
271 |
<groupId>log4j</groupId> |
|
272 |
<artifactId>log4j</artifactId> |
|
273 |
<version>1.2.14</version> |
|
274 |
<scope>compile</scope> |
|
275 |
</dependency> |
|
276 |
<dependency> |
|
277 | 271 |
<groupId>net.penril</groupId> |
278 | 272 |
<artifactId>aal2wrap</artifactId> |
279 | 273 |
<version>1</version> |
... | ... | |
380 | 374 |
<groupId>com.oracle.jdbc</groupId> |
381 | 375 |
<artifactId>com.springsource.oracle.jdbc</artifactId> |
382 | 376 |
<version>10.2.0.2</version> |
377 |
<groupId>net.penril</groupId> |
|
378 |
<artifactId>m2u-upass-min</artifactId> |
|
379 |
<version>1.0-SNAPSHOT</version> |
|
383 | 380 |
</dependency> |
384 | 381 |
</dependencies> |
385 | 382 |
</project> |
src/my/com/upass/Constants.java | ||
---|---|---|
5 | 5 |
*/ |
6 | 6 |
package my.com.upass; |
7 | 7 |
|
8 |
import java.text.SimpleDateFormat; |
|
9 | 8 |
import java.util.HashMap; |
10 | 9 |
|
11 | 10 |
/** |
12 | 11 |
* @author Administrator |
13 | 12 |
* |
14 | 13 |
*/ |
15 |
public class Constants { |
|
16 |
// object query mode |
|
17 |
public static final int MODE_QUSERBEAN = 0; |
|
18 |
public static final int MODE_QTACBEAN = 1; |
|
19 |
public static final int MODE_QVASCOBEAN = 2; |
|
20 |
|
|
14 |
public class Constants extends MinimalConstants { |
|
21 | 15 |
public static final int MODE_QNEXTVAL = 0; |
22 | 16 |
public static final int MODE_QCURRVAL = 1; |
23 | 17 |
|
24 |
// user ID state |
|
25 |
public static final int UID_STATE_ACTIVE = 0; |
|
26 |
public static final int UID_STATE_TMP_LOCKED = 1; |
|
27 | 18 |
public static final int UID_STATE_LOCKED = 2; |
28 | 19 |
public static final int UID_STATE_INACTIVE = 3; |
29 | 20 |
public static final int UID_STATE_DELETED = 4; |
... | ... | |
35 | 26 |
public static final int TKN_STATE_LOCKED = 3; |
36 | 27 |
public static final int TKN_STATE_DELETED = 4; |
37 | 28 |
|
38 |
// user Type |
|
39 |
public static final int UTYPE_STATE_ROOT = 0; |
|
40 |
public static final int UTYPE_STATE_ADMIN = 1; |
|
41 |
public static final int UTYPE_STATE_USER = 2; |
|
42 |
|
|
43 |
// password status |
|
44 |
public static final int PASSWD_STATUS_ENABLE = 0; |
|
45 | 29 |
public static final int PASSWD_STATUS_DISABLE = 1; |
46 | 30 |
public static final int PASSWD_STATUS_ONETIMEUSED = 2; |
47 | 31 |
public static final int PASSWD_LIFE_SPAN = 30; |
48 |
public static final int PASSWD_NEVER_EXPIRE = 1; |
|
49 |
public static final int PASSWD_WILL_EXPIRE = 0; |
|
50 |
|
|
51 | 32 |
// general status |
52 | 33 |
public static final int YES = 0; |
53 | 34 |
public static final int NO = 1; |
54 | 35 |
public static final int NEVER = 9; |
55 | 36 |
|
56 |
// application Error Code |
|
57 |
public static final int ERR_SUCCESS = 0; |
|
58 |
public static final int ERR_INVALID_CREDENTIAL = 1; |
|
59 |
public static final int ERR_EXCEED_MAX_TRIES = 2; |
|
60 |
public static final int ERR_REUSED_PASSWD = 3; |
|
61 |
public static final int ERR_PASSWD_EXPIRED = 4; |
|
62 |
public static final int ERR_INVALID_STATE = 5; |
|
63 |
public static final int ERR_USERALIAS_NOT_FOUND = 6; |
|
64 |
public static final int ERR_TOKEN_NOT_ASSIGNED = 7; |
|
65 | 37 |
public static final int ERR_TOKEN_ALREADY_ASSIGNED = 8; |
66 | 38 |
public static final int ERR_TOKEN_NOT_EXIST = 9; |
67 |
public static final int ERR_APP_SERV_NOT_PERMITTED = 10; |
|
68 |
public static final int ERR_ALREADY_EXIST = 11; |
|
69 | 39 |
public static final int ERR_TAC_ALREADY_EXIST = 12; |
70 | 40 |
public static final int ERR_EXCEED_MAX_USE = 13; |
71 | 41 |
public static final int ERR_INVALID_SESSION = 14; |
72 | 42 |
public static final int ERR_USER_DORMANT = 15; |
73 |
public static final int ERR_INVALID_USERALIAS = 16; |
|
74 |
public static final int ERR_PASSWORD_SAMEAS_USERALIAS = 17; |
|
75 |
|
|
76 |
public static final int ERR_PASSWD_EXPIRED_NOTIFICATION = 27; |
|
77 |
public static final int ERR_PASSWD_CHANGE_INTERVAL = 28; |
|
78 |
|
|
79 | 43 |
//Additional error code for gemalto application (from code 18 to code 26) |
80 | 44 |
public static final int ERR_BLOBINVALID = 18; |
81 | 45 |
public static final int ERR_BUFFER = 19; |
... | ... | |
88 | 52 |
public static final int ERR_AUTH_MODE = 26; |
89 | 53 |
|
90 | 54 |
|
91 |
public static final int ERR_PASSWD_WEAK = 96; |
|
92 |
public static final int ERR_INVALID_INPUT = 97; |
|
93 |
public static final int ERR_SYSTEM_NOT_READY = 98; |
|
94 | 55 |
public static final int ERR_UNKNOWN = 99; |
95 | 56 |
public static final int ERR_SECURITY_CODE_ALREADY_EXIST = 32; |
96 | 57 |
|
... | ... | |
225 | 186 |
public static final String OCRASUITE = "OCRA-1:HOTP-SHA1-8:QH64-T30S"; |
226 | 187 |
public static final int TIMESTEPUSED = 30; //default is 30 due to S'pore regulation |
227 | 188 |
|
228 |
// application Error Text |
|
229 |
public static HashMap<String,String> getErrText(String code) { |
|
230 |
HashMap<String,String> map = new HashMap<String,String>(); |
|
231 |
|
|
232 |
// begin text |
|
233 |
map.put("0", "ERR_SUCCESS" ); |
|
234 |
map.put("1", "ERR_INVALID_CREDENTIAL" ); |
|
235 |
map.put("2", "ERR_EXCEED_MAX_TRIES" ); |
|
236 |
map.put("3", "ERR_REUSED_PASSWD" ); |
|
237 |
map.put("4", "ERR_PASSWD_EXPIRED" ); |
|
238 |
map.put("5", "ERR_INVALID_STATE" ); |
|
239 |
map.put("6", "ERR_USERALIAS_NOT_FOUND" ); |
|
240 |
map.put("7", "ERR_TOKEN_NOT_ASSIGNED" ); |
|
241 |
map.put("8", "ERR_TOKEN_ALREADY_ASSIGNED" ); |
|
242 |
map.put("9", "ERR_TOKEN_NOT_EXIST" ); |
|
243 |
map.put("10", "ERR_APP_SERV_NOT_PERMITTED" ); |
|
244 |
map.put("11", "ERR_ALREADY_EXIST" ); |
|
245 |
map.put("12", "ERR_TAC_ALREADY_EXIST" ); |
|
246 |
map.put("13", "ERR_EXCEED_MAX_USE" ); |
|
247 |
map.put("14", "ERR_INVALID_SESSION" ); |
|
248 |
map.put("15", "ERR_EXCEED_MAX_USE" ); |
|
249 |
map.put("16", "ERR_USER_DORMANT" ); |
|
250 |
map.put("17", "ERR_PASSWORD_SAMEAS_USERALIAS" ); |
|
251 |
|
|
252 |
//Additional error text for gemalto application (from text 18 to text 26) |
|
253 |
map.put("18", "ERR_BLOBINVALID" ); |
|
254 |
map.put("19", "ERR_BUFFER" ); |
|
255 |
map.put("20", "ERR_PARAM" ); |
|
256 |
map.put("21", "ERR_SNOINVALID" ); |
|
257 |
map.put("22", "ERR_OTPINVALID" ); |
|
258 |
map.put("23", "ERR_BLOBOTINIT" ); |
|
259 |
map.put("24", "ERR_FAILED" ); |
|
260 |
map.put("25", "ERR_REQINVALID" ); |
|
261 |
map.put("26", "ERR_AUTH_MODE" ); |
|
262 |
|
|
263 |
map.put("96", "ERR_PASSWD_WEAK" ); |
|
264 |
map.put("97", "ERR_INVALID_INPUT" ); |
|
265 |
map.put("98", "ERR_SYSTEM_NOT_READY" ); |
|
266 |
map.put("99", "ERR_UNKNOWN" ); |
|
267 |
|
|
268 |
//Additional error code for secure metric application (from code 102 to code 225) |
|
269 |
map.put("101", "Execution failure" ); |
|
270 |
map.put("102", "Invalid parameter" ); |
|
271 |
map.put("103", "Incorrect license file" ); |
|
272 |
map.put("104", "License file expired" ); |
|
273 |
map.put("105", "Successful authentication" ); |
|
274 |
map.put("106", "No username found" ); |
|
275 |
map.put("107", "No dynamic password found" ); |
|
276 |
map.put("108", "No user PIN found" ); |
|
277 |
map.put("109", "No token number found" ); |
|
278 |
map.put("110", "Invalid username" ); |
|
279 |
map.put("111", "Invalid OTP" ); |
|
280 |
map.put("112", "Invalid token seed" ); |
|
281 |
map.put("113", "Invalid authentication base number" ); |
|
282 |
map.put("114", "The token should be synchronized" ); |
|
283 |
map.put("115", "Invalid clock offset" ); |
|
284 |
map.put("116", "Invalid user PIN" ); |
|
285 |
map.put("117", "Invalid database user PIN" ); |
|
286 |
map.put("118", "Failed to get userinformation" ); |
|
287 |
map.put("119", "Failed to get token information" ); |
|
288 |
map.put("120", "The token has been reported as lost" ); |
|
289 |
map.put("121", "The token has beenlocked" ); |
|
290 |
map.put("122", "No PIN in database" ); |
|
291 |
map.put("123", "Invalid token type" ); |
|
292 |
map.put("124", "Invalid token number" ); |
|
293 |
map.put("125", "Failed to get token assignment status" ); |
|
294 |
map.put("126", "Failed to get the number of the tokens assigned to the user" ); |
|
295 |
map.put("127", "The token has been assigned" ); |
|
296 |
map.put("128", "The number of the tokens that are bound is the maximum already" ); |
|
297 |
map.put("129", "Need to verify PIN" ); |
|
298 |
map.put("130", "The user is inactive" ); |
|
299 |
map.put("131", "No authentication agent found" ); |
|
300 |
map.put("132", "No authentication server found" ); |
|
301 |
map.put("133", "No shared key found" ); |
|
302 |
map.put("134", "Configuration file error" ); |
|
303 |
map.put("135", "Database type error" ); |
|
304 |
map.put("136", "Connection error" ); |
|
305 |
map.put("137", "No data source found or driver error" ); |
|
306 |
map.put("138", "No database found" ); |
|
307 |
map.put("139", "No server found or access denied" ); |
|
308 |
map.put("140", "Username/password error, logon failure" ); |
|
309 |
map.put("141", "No connection available" ); |
|
310 |
map.put("142", "The number of connections is the maximum already" ); |
|
311 |
map.put("143", "The operation is restricted by user source settings" ); |
|
312 |
map.put("144", "The user already exists" ); |
|
313 |
map.put("145", "The user does not exist" ); |
|
314 |
map.put("146", "The record does not exist" ); |
|
315 |
map.put("147", "The token already exists" ); |
|
316 |
map.put("148", "The token does not exist" ); |
|
317 |
map.put("149", "The agent already exists" ); |
|
318 |
map.put("150", "The agent does not exist" ); |
|
319 |
map.put("151", "The authentication server already exists" ); |
|
320 |
map.put("152", "The authentication server does not exist" ); |
|
321 |
map.put("153", "User source type error" ); |
|
322 |
map.put("154", "The buffer is not long enough" ); |
|
323 |
map.put("155", "Failed to execute a query" ); |
|
324 |
map.put("156", "Failed to add user information" ); |
|
325 |
map.put("157", "Failed to delete user information" ); |
|
326 |
map.put("158", "Failed to search for user information" ); |
|
327 |
map.put("159", "Failed to change user information" ); |
|
328 |
map.put("160", "Failed to add token information" ); |
|
329 |
map.put("161", "Failed to delete token information" ); |
|
330 |
map.put("162", "Failed to search for token information" ); |
|
331 |
map.put("163", "Failed to change token information" ); |
|
332 |
map.put("164", "Failed to bind token" ); |
|
333 |
map.put("165", "Failed to unbind token" ); |
|
334 |
map.put("166", "The token has not been bound" ); |
|
335 |
map.put("167", "Failed to add authentication agent" ); |
|
336 |
map.put("168", "Failed to delete authentication agent" ); |
|
337 |
map.put("169", "Failed to update authentication agent" ); |
|
338 |
map.put("170", "Failed to get authentication agent" ); |
|
339 |
map.put("171", "Failed to add authentication server" ); |
|
340 |
map.put("172", "Failed to delete authentication server" ); |
|
341 |
map.put("173", "Failed to update authentication server" ); |
|
342 |
map.put("174", "Failed to get authentication server" ); |
|
343 |
map.put("175", "Failed to add mapping to authentication agent" ); |
|
344 |
map.put("176", "Failed to delete mapping to authentication agent" ); |
|
345 |
map.put("177", "Failed to update mapping to authentication agent" ); |
|
346 |
map.put("178", "Failed to get mapping to authentication agent" ); |
|
347 |
map.put("179", "Failed to add log" ); |
|
348 |
map.put("180", "Failed to delete log" ); |
|
349 |
map.put("181", "Failed to update log" ); |
|
350 |
map.put("182", "Failed to get log" ); |
|
351 |
map.put("183", "Failed to add configuration" ); |
|
352 |
map.put("184", "Failed to delete configuration" ); |
|
353 |
map.put("185", "Failed to update configuration" ); |
|
354 |
map.put("186", "Failed to get configuration" ); |
|
355 |
map.put("187", "Failed to add administrator group" ); |
|
356 |
map.put("188", "Failed to delete administrator group" ); |
|
357 |
map.put("189", "Failed to update administrator group" ); |
|
358 |
map.put("190", "Failed to get administrator group" ); |
|
359 |
map.put("191", "Failed to add administration log" ); |
|
360 |
map.put("192", "Failed to delete administration log" ); |
|
361 |
map.put("193", "Failed to update administration log" ); |
|
362 |
map.put("194", "Failed to get administration log" ); |
|
363 |
map.put("195", "Failed to add administrator" ); |
|
364 |
map.put("196", "Failed to delete administrator" ); |
|
365 |
map.put("197", "Failed to update administrator" ); |
|
366 |
map.put("198", "Failed to get administrator" ); |
|
367 |
map.put("199", "Failed to add domain" ); |
|
368 |
map.put("200", "Failed to delete domain" ); |
|
369 |
map.put("201", "Failed to update domain" ); |
|
370 |
map.put("202", "Failed to get domain" ); |
|
371 |
map.put("203", "Failed to add temporary user" ); |
|
372 |
map.put("204", "Failed to delete temporary user" ); |
|
373 |
map.put("205", "Failed to update temporary user" ); |
|
374 |
map.put("206", "Failed to get temporary user" ); |
|
375 |
map.put("207", "Failed to reload database connection" ); |
|
376 |
map.put("208", "Failed to load LOG4J configuration file" ); |
|
377 |
map.put("209", "Failed to add application group" ); |
|
378 |
map.put("210", "Failed to delete application group" ); |
|
379 |
map.put("211", "Failed to update application group" ); |
|
380 |
map.put("212", "Failed to get application group" ); |
|
381 |
map.put("213", "Failed to add user and application group" ); |
|
382 |
map.put("214", "Failed to delete user and application group" ); |
|
383 |
map.put("215", "Failed to update user and application group" ); |
|
384 |
map.put("216", "Failed to get user and application group" ); |
|
385 |
map.put("217", "Failed to add zone" ); |
|
386 |
map.put("218", "Failed to delete zone" ); |
|
387 |
map.put("219", "Failed to update zone" ); |
|
388 |
map.put("220", "Failed to get zone" ); |
|
389 |
map.put("221", "Failed to add license" ); |
|
390 |
map.put("222", "Failed to delete license" ); |
|
391 |
map.put("223", "Failed to update license" ); |
|
392 |
map.put("224", "Failed to get license" ); |
|
393 |
map.put("225", "Failed to initialize LDAP" ); |
|
394 |
// end text here |
|
395 |
|
|
396 |
return map; |
|
397 |
} |
|
398 |
|
|
399 | 189 |
//Gemalto authentication mode |
400 | 190 |
public static HashMap <String,Integer> authModeMapInstance = null; |
401 | 191 |
|
... | ... | |
419 | 209 |
return getAuthInstance().get(authMode); |
420 | 210 |
} |
421 | 211 |
|
422 |
/** |
|
423 |
* defaultDateFormat = "dd-MM-yyyy HH:mm:ss"; |
|
424 |
*/ |
|
425 |
public static final SimpleDateFormat defaultDateFormat = new SimpleDateFormat( |
|
426 |
"dd-MM-yyyy HH:mm:ss"); |
|
427 |
|
|
428 | 212 |
public static final String TYPE_SYSTEM = "SYSTEM"; |
429 | 213 |
public static final int SYSTEM_ID = 0; |
430 | 214 |
|
src/my/com/upass/UPassController.java | ||
---|---|---|
9 | 9 |
|
10 | 10 |
import my.com.upass.db.DBOperations; |
11 | 11 |
import my.com.upass.factory.UPassFactory; |
12 |
import my.com.upass.pojo.MinimalUserBean; |
|
12 | 13 |
import my.com.upass.pojo.TacBean; |
13 | 14 |
import my.com.upass.pojo.UserBean; |
14 | 15 |
import my.com.upass.spassword.PasswordController; |
15 | 16 |
import my.com.upass.vasco.LoadTokenDPX; |
16 | 17 |
import my.com.upass.vasco.TokenController; |
17 | 18 |
|
18 |
import org.apache.log4j.Logger; |
|
19 |
|
|
20 | 19 |
//import com.vasco.utils.DigipassInfo; |
21 | 20 |
|
22 | 21 |
/** |
... | ... | |
24 | 23 |
* UPassController Class Release 20090703 |
25 | 24 |
* |
26 | 25 |
*/ |
27 |
public class UPassController { |
|
26 |
public class UPassController extends MinimalUPassController {
|
|
28 | 27 |
|
29 | 28 |
// private UserBean userBean = null; |
30 | 29 |
// private TacBean tacBean = null; |
31 | 30 |
long userID; |
32 |
String userAlias; |
|
33 |
int SUPERVISOR_ID_SUSPEND = 0; |
|
34 |
int _MAX_ERROR = 0; |
|
35 |
|
|
36 |
Logger logger = Logger.getLogger(UPassController.class.getName()); |
|
37 | 31 |
|
38 | 32 |
/** |
39 | 33 |
* Constructs an empty object |
... | ... | |
98 | 92 |
return rc; |
99 | 93 |
} |
100 | 94 |
|
101 |
int verifyStaticPassword(String userAlias, String password, boolean chkUserType, int userType) { |
|
102 |
|
|
103 |
if (userAlias == null || password == null) { |
|
104 |
return Constants.ERR_INVALID_INPUT; |
|
105 |
} |
|
106 |
|
|
107 |
DBOperations dbo = new DBOperations(); |
|
108 |
UserBean userBean = new UserBean(); |
|
109 |
userBean = dbo.getUserFromStore(userAlias); |
|
110 |
if (userBean == null) { |
|
111 |
dbo.close(); |
|
112 |
return Constants.ERR_USERALIAS_NOT_FOUND; |
|
113 |
} |
|
114 |
|
|
115 |
// verify user state, must be active (not inactive|locked|deleted) |
|
116 |
switch (userBean.getUstate()) { |
|
117 |
case (Constants.UID_STATE_ACTIVE): |
|
118 |
break; |
|
119 |
case (Constants.UID_STATE_TMP_LOCKED): |
|
120 |
Date now = new Date(); |
|
121 |
if (userBean.getUdateLockedTo().after(now)) { |
|
122 |
dbo.close(); |
|
123 |
return Constants.ERR_INVALID_STATE; |
|
124 |
} |
|
125 |
break; |
|
126 |
default: |
|
127 |
dbo.close(); |
|
128 |
return Constants.ERR_INVALID_STATE; |
|
129 |
} |
|
130 |
|
|
131 |
// verify user type |
|
132 |
if (chkUserType && userBean.getUserType() != userType) { |
|
133 |
dbo.close(); |
|
134 |
return Constants.ERR_APP_SERV_NOT_PERMITTED; |
|
135 |
} |
|
136 |
|
|
137 |
// verify user password |
|
138 |
PasswordController pc = new PasswordController(userBean); |
|
139 |
int rc = pc.VerifyPassword(password); |
|
140 |
userBean = pc.getUpdatedObject(); |
|
141 |
|
|
142 |
// suspend if exceeded max retries |
|
143 |
if (rc == Constants.ERR_EXCEED_MAX_TRIES && |
|
144 |
(userBean.getUserType() != Constants.UTYPE_STATE_USER)) { |
|
145 |
|
|
146 |
Calendar expiryDate = Calendar.getInstance(); |
|
147 |
expiryDate.add(Calendar.MINUTE, +SUPERVISOR_ID_SUSPEND); |
|
148 |
|
|
149 |
userBean.setUstate(Constants.UID_STATE_TMP_LOCKED); |
|
150 |
userBean.setPerrorCount(_MAX_ERROR - 1); |
|
151 |
userBean.setUdateLockedFrom((new Date())); |
|
152 |
userBean.setUdateLockedTo(expiryDate.getTime()); |
|
153 |
userBean.setUdateLastLocked((new Date())); |
|
154 |
} |
|
155 |
|
|
156 |
// Debug info: |
|
157 |
logger.debug("RC........." + rc + "\n" + |
|
158 |
".use......." + userBean.getPuseCount() + "\n" + |
|
159 |
".err......." + userBean.getPerrorCount() + "\n" + |
|
160 |
".hist......" + userBean.getPhistoryList() + "\n" + |
|
161 |
".last......" + |
|
162 |
new String(Constants.defaultDateFormat.format(userBean.getPdateLastUsed()))); |
|
163 |
// debug info: |
|
164 |
|
|
165 |
// update database |
|
166 |
boolean lrc = dbo.updateUserToStore(userBean); |
|
167 |
dbo.close(); |
|
168 |
if (!lrc) { |
|
169 |
rc = Constants.ERR_SYSTEM_NOT_READY; |
|
170 |
} |
|
171 |
return rc; |
|
172 |
} |
|
173 |
|
|
174 | 95 |
/** |
175 | 96 |
* This method generate static password and to be using SP_VerifyStaticPassword(). |
176 | 97 |
* |
... | ... | |
195 | 116 |
|
196 | 117 |
private int changeStaticPassword(String userAlias, String newPassword, String oldPassword) { |
197 | 118 |
DBOperations dbo = new DBOperations(); |
198 |
UserBean userBean = new UserBean(); |
|
119 |
MinimalUserBean userBean = new UserBean();
|
|
199 | 120 |
userBean = dbo.getUserFromStore(userAlias); |
200 | 121 |
if (userBean == null) { |
201 | 122 |
dbo.close(); |
... | ... | |
315 | 236 |
} |
316 | 237 |
|
317 | 238 |
/** |
318 |
* This method to add admin users to the system |
|
319 |
* |
|
320 |
* @param rootAlias |
|
321 |
* @param rootPassword |
|
322 |
* @param adminUserAlias |
|
323 |
* @param adminDesc |
|
324 |
* @param adminUserPassword |
|
325 |
* @return ERR_code defined in the Constants<br/> |
|
326 |
* ERR_SUCCESS<br/> |
|
327 |
* ERR_SYSTEM_NOT_READY<br/> |
|
328 |
* ERR_USERALIAS_NOT_FOUND <br/> |
|
329 |
* ERR_INVALID_STATE - root not active or temporary suspended.<br/> |
|
330 |
* ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the user type.<br/> |
|
331 |
* ERR_EXCEED_MAX_TRIES<br/> |
|
332 |
* ERR_INVALID_CREDENTIAL<br/> |
|
333 |
* ERR_INVALID_INPUT - internal error.<br/> |
|
334 |
* ERR_ALREADY_EXIST<br/> |
|
335 |
*/ |
|
336 |
public int AD_AddUser(String rootAlias, String rootPassword, |
|
337 |
String adminUserAlias, String adminDesc, String adminUserPassword) { |
|
338 |
int rc = ad_AddUser(rootAlias, rootPassword, adminUserAlias, adminDesc, adminUserPassword); |
|
339 |
logger.info(userAlias + " Return=" + rc); |
|
340 |
return rc; |
|
341 |
} |
|
342 |
|
|
343 |
private int ad_AddUser(String rootAlias, String rootPassword, |
|
344 |
String adminUserAlias, String adminDesc, String adminUserPassword) { |
|
345 |
|
|
346 |
// verify supervisor password |
|
347 |
int rc = verifyStaticPassword(rootAlias, rootPassword, true, Constants.UTYPE_STATE_ROOT); |
|
348 |
if (rc != Constants.ERR_SUCCESS) { |
|
349 |
return rc; |
|
350 |
} |
|
351 |
|
|
352 |
rc = addUser(adminUserAlias, Constants.UTYPE_STATE_ADMIN, adminDesc, adminUserPassword, |
|
353 |
Constants.UID_STATE_ACTIVE); |
|
354 |
return rc; |
|
355 |
} |
|
356 |
|
|
357 |
/** |
|
358 | 239 |
* This method to modify admin users to the system |
359 | 240 |
* |
360 | 241 |
* @param rootAlias |
... | ... | |
396 | 277 |
Constants.UID_STATE_ACTIVE); |
397 | 278 |
} |
398 | 279 |
|
399 |
private int addUser(String userAlias, int userType, String userDesc, String userPassword, int userState) { |
|
400 |
int rc; |
|
401 |
|
|
402 |
if (userAlias == null || userPassword == null) |
|
403 |
return Constants.ERR_INVALID_INPUT; |
|
404 |
|
|
405 |
// insert into DB |
|
406 |
DBOperations dbo = new DBOperations(); |
|
407 |
UserBean ub = new UserBean(); |
|
408 |
ub.setUserAlias(userAlias); |
|
409 |
ub.setDescription(userDesc); |
|
410 |
ub.setUserType(userType); |
|
411 |
ub.setUstate(userState); |
|
412 |
|
|
413 |
PasswordController pc = new PasswordController(ub); |
|
414 |
rc = pc.VerifyUserAlias(userAlias); |
|
415 |
// if useralias is valid then continue else return error |
|
416 |
if (rc == Constants.ERR_SUCCESS) { |
|
417 |
rc = pc.GeneratePassword(userPassword, false); |
|
418 |
ub = pc.getUpdatedObject(); |
|
419 |
|
|
420 |
// Debug info: |
|
421 |
// logger.info( "RC........." + rc); |
|
422 |
// logger.info( ".hist......" + ub.getPhistoryList() + "/" + ub.getUserID()); |
|
423 |
|
|
424 |
// debug info: |
|
425 |
if (dbo.insertUserToStore(ub)) { |
|
426 |
rc = Constants.ERR_SUCCESS; |
|
427 |
} |
|
428 |
else { |
|
429 |
rc = Constants.ERR_ALREADY_EXIST; |
|
430 |
} |
|
431 |
dbo.close(); |
|
432 |
} |
|
433 |
|
|
434 |
return rc; |
|
435 |
|
|
436 |
} |
|
437 |
|
|
438 | 280 |
// TODO: chg to public for testing purpose only |
439 | 281 |
private int modifyUser(String userAlias, int userType, String userDesc, String userPassword, int userState) { |
440 | 282 |
int rc; |
... | ... | |
444 | 286 |
|
445 | 287 |
// insert into DB |
446 | 288 |
DBOperations dbo = new DBOperations(); |
447 |
UserBean ub = new UserBean(); |
|
289 |
MinimalUserBean ub = new UserBean();
|
|
448 | 290 |
ub = dbo.getUserFromStore(userAlias); |
449 | 291 |
if (ub == null) { |
450 | 292 |
dbo.close(); |
... | ... | |
556 | 398 |
return Constants.ERR_INVALID_INPUT; |
557 | 399 |
|
558 | 400 |
DBOperations dbo = new DBOperations(); |
559 |
UserBean ub = new UserBean(); |
|
401 |
MinimalUserBean ub = new UserBean();
|
|
560 | 402 |
ub = dbo.getUserFromStore(userAlias); |
561 | 403 |
if (ub == null) { |
562 | 404 |
dbo.close(); |
... | ... | |
587 | 429 |
*/ |
588 | 430 |
public int UA_IsUserExist(String userAlias) { |
589 | 431 |
DBOperations dbo = new DBOperations(); |
590 |
UserBean ub = new UserBean(); |
|
432 |
MinimalUserBean ub = new UserBean();
|
|
591 | 433 |
ub = dbo.getUserFromStore(userAlias); |
592 | 434 |
dbo.close(); |
593 | 435 |
if (ub == null) { |
... | ... | |
611 | 453 |
|
612 | 454 |
public int UA_GetUserType(String userAlias) { |
613 | 455 |
DBOperations dbo = new DBOperations(); |
614 |
UserBean ub = new UserBean(); |
|
456 |
MinimalUserBean ub = new UserBean();
|
|
615 | 457 |
ub = dbo.getUserFromStore(userAlias); |
616 | 458 |
dbo.close(); |
617 | 459 |
if (ub == null) { |
... | ... | |
629 | 471 |
*/ |
630 | 472 |
public long UA_GetUserIDByAlias(String userAlias) { |
631 | 473 |
DBOperations dbo = new DBOperations(); |
632 |
UserBean ub = new UserBean(); |
|
474 |
MinimalUserBean ub = new UserBean();
|
|
633 | 475 |
ub = dbo.getUserFromStore(userAlias); |
634 | 476 |
dbo.close(); |
635 | 477 |
return (ub == null) ? 0 : ub.getUserID(); |
... | ... | |
660 | 502 |
HashMap<String, String> map = new HashMap<String, String>(); |
661 | 503 |
|
662 | 504 |
DBOperations dbo = new DBOperations(); |
663 |
UserBean ub = new UserBean(); |
|
505 |
MinimalUserBean ub = new UserBean();
|
|
664 | 506 |
ub = dbo.getUserFromStore(userAlias); |
665 | 507 |
dbo.close(); |
666 | 508 |
if (ub == null) { |
... | ... | |
710 | 552 |
HashMap<String, String> map = new HashMap<String, String>(); |
711 | 553 |
|
712 | 554 |
DBOperations dbo = new DBOperations(); |
713 |
UserBean ub = new UserBean(); |
|
555 |
MinimalUserBean ub = new UserBean();
|
|
714 | 556 |
ub = dbo.getUserFromStore(userAlias); |
715 | 557 |
dbo.close(); |
716 | 558 |
if (ub == null) { |
... | ... | |
930 | 772 |
return Constants.ERR_INVALID_INPUT; |
931 | 773 |
|
932 | 774 |
DBOperations dbo = new DBOperations(); |
933 |
UserBean ub = new UserBean(); |
|
775 |
MinimalUserBean ub = new UserBean();
|
|
934 | 776 |
ub = dbo.getUserFromStore(userAlias); |
935 | 777 |
if (ub == null) { |
936 | 778 |
dbo.close(); |
... | ... | |
1331 | 1173 |
} |
1332 | 1174 |
|
1333 | 1175 |
// check user exist for the token |
1334 |
UserBean ub = new UserBean(); |
|
1176 |
MinimalUserBean ub = new UserBean();
|
|
1335 | 1177 |
ub = dbo.getUserFromStore(targetUserAlias); |
1336 | 1178 |
if (ub == null) { |
1337 | 1179 |
dbo.close(); |
src/my/com/upass/UPassControllerExt.java | ||
---|---|---|
3 | 3 |
import java.util.Date; |
4 | 4 |
|
5 | 5 |
import my.com.upass.db.DBOperations; |
6 |
import my.com.upass.pojo.MinimalUserBean; |
|
6 | 7 |
import my.com.upass.pojo.UserBean; |
7 | 8 |
|
8 | 9 |
/** |
... | ... | |
73 | 74 |
} |
74 | 75 |
|
75 | 76 |
DBOperations dbo = new DBOperations (); |
76 |
UserBean ub = new UserBean (); |
|
77 |
MinimalUserBean ub = new UserBean ();
|
|
77 | 78 |
ub = dbo.getUserFromStore (userAlias); |
78 | 79 |
|
79 | 80 |
if (ub == null) |
src/my/com/upass/db/DBOperations.java | ||
---|---|---|
1 | 1 |
package my.com.upass.db; |
2 | 2 |
|
3 |
import java.math.BigDecimal; |
|
4 |
import java.sql.CallableStatement; |
|
5 | 3 |
import java.sql.Connection; |
6 | 4 |
import java.sql.PreparedStatement; |
7 | 5 |
import java.sql.ResultSet; |
8 | 6 |
import java.sql.SQLException; |
9 | 7 |
import java.sql.Statement; |
10 |
import java.util.Date; |
|
11 | 8 |
|
12 | 9 |
import my.com.upass.Constants; |
13 | 10 |
import my.com.upass.TokenBean; |
14 | 11 |
import my.com.upass.pojo.TacBean; |
15 |
import my.com.upass.pojo.UserBean; |
|
16 | 12 |
import net.penril.generic.hibernate.HibernateUtils; |
17 | 13 |
|
18 |
import org.apache.log4j.Logger; |
|
19 | 14 |
|
20 |
public class DBOperations { |
|
15 |
public class DBOperations extends MinimalDbOperations {
|
|
21 | 16 |
|
22 |
public static final Logger logger = Logger.getLogger (DBOperations.class); |
|
23 |
public Connection conn = null; |
|
24 |
|
|
25 | 17 |
public DBOperations() { |
26 | 18 |
// constructor |
27 | 19 |
try { |
... | ... | |
84 | 76 |
return conn; |
85 | 77 |
} |
86 | 78 |
|
87 |
public boolean isValidConnection() throws Exception { |
|
88 |
if (this.conn == null || this.conn.isClosed()) { |
|
89 |
System.out.println("ERR: Invalid connection!"); |
|
90 |
return false; |
|
91 |
} |
|
92 |
return true; |
|
93 |
} |
|
94 |
|
|
95 |
public void close() { |
|
96 |
// System.out.println("Close connection!"); |
|
97 |
try { |
|
98 |
if (this.conn != null) { |
|
99 |
this.conn.close(); |
|
100 |
} |
|
101 |
} catch (Exception e) { |
|
102 |
logger.error(getFullTrace(e)); |
|
103 |
} |
|
104 |
} |
|
105 |
|
|
106 |
|
|
107 |
public ResultSet executeSQLSelect(PreparedStatement pstmt) throws Exception{ |
|
108 |
|
|
109 |
ResultSet rs = null; |
|
110 |
try { |
|
111 |
if ( isValidConnection() ) { |
|
112 |
if (pstmt == null) |
|
113 |
return null; |
|
114 |
rs = pstmt.executeQuery(); |
|
115 |
} else { |
|
116 |
logger.info("ERR: executeSQL: Invalid DB Conn"); |
|
117 |
return null; |
|
118 |
}// end conn not valid |
|
119 |
}catch(SQLException ex) { |
|
120 |
logger.error("EXC: executeSQL " + ex.getMessage()); |
|
121 |
return null; |
|
122 |
} |
|
123 |
return rs; |
|
124 |
} |
|
125 |
|
|
126 |
public int executeSQLUpdate(PreparedStatement pstmt) throws Exception { |
|
127 |
int rc = 0; |
|
128 |
try { |
|
129 |
if ( isValidConnection() ) { |
|
130 |
if (pstmt == null) |
|
131 |
return 0; |
|
132 |
rc = pstmt.executeUpdate(); //rc is the row count for Insert/modi/dele |
|
133 |
} else { |
|
134 |
logger.info("ERR: executeSQLUpdate: Invalid DB Conn"); |
|
135 |
return 0; |
|
136 |
}// end conn not valid |
|
137 |
}catch(SQLException ex) { |
|
138 |
logger.error("EXC: executeSQLUpdate " + ex.getMessage()); |
|
139 |
// |
|
140 |
// rollback |
|
141 |
// |
|
142 |
try { |
|
143 |
this.conn.rollback(); |
|
144 |
logger.info("EXC:1 executeSQLUpdate :: rollback."); |
|
145 |
} catch(SQLException rbex) { |
|
146 |
logger.error("EXC:executeSQLUpdate :: rollback failed! " + rbex.getMessage()); |
|
147 |
} |
|
148 |
// rollback completed |
|
149 |
|
|
150 |
return 0; |
|
151 |
} finally { |
|
152 |
// |
|
153 |
//this.conn.close(); |
|
154 |
// |
|
155 |
} |
|
156 |
|
|
157 |
return rc; |
|
158 |
} |
|
159 |
|
|
160 |
|
|
161 |
|
|
162 |
public static java.sql.Timestamp getCurrentSqlDate() { |
|
163 |
java.util.Date today = new java.util.Date(); |
|
164 |
return new java.sql.Timestamp(today.getTime()); |
|
165 |
} |
|
166 |
|
|
167 |
public static java.sql.Timestamp convertSqlDate(java.util.Date d) { |
|
168 |
if (d == null) { |
|
169 |
//d = new java.util.Date(); |
|
170 |
return null; |
|
171 |
} |
|
172 |
return new java.sql.Timestamp(d.getTime()); |
|
173 |
} |
|
174 |
|
|
175 | 79 |
public long getCurrSeqID(int mode) { |
176 | 80 |
|
177 | 81 |
|
... | ... | |
220 | 124 |
return lVal; |
221 | 125 |
} |
222 | 126 |
|
223 |
public long getSqlServerSeqID() { |
|
224 |
|
|
225 |
// setup the unique ID |
|
226 |
BigDecimal nextValue = new BigDecimal(0); |
|
227 |
CallableStatement cstmt = null; |
|
228 |
try { |
|
229 |
cstmt = conn.prepareCall(// |
|
230 |
"{call nextval_SEQ_USER_ID(?)}"); |
|
231 |
cstmt.registerOutParameter(1, java.sql.Types.BIGINT); |
|
232 |
cstmt.execute(); |
|
233 |
nextValue = cstmt.getBigDecimal(1); |
|
234 |
logger.info("seq_user_id.value=" + nextValue); |
|
235 |
} catch (SQLException ex) { |
|
236 |
logger.error("SQLEXC: getSqlServerSeqID " + ex.getMessage()); |
|
237 |
} finally { |
|
238 |
logger.info(": getSqlServerSeqID Final"); |
|
239 |
try { |
|
240 |
cstmt.close(); |
|
241 |
} catch (SQLException ex) { |
|
242 |
logger.error (getFullTrace (ex)); |
|
243 |
} |
|
244 |
} |
|
245 |
return nextValue.longValue (); |
|
246 |
} |
|
127 |
|
|
247 | 128 |
|
248 | 129 |
/////////////////////////////////////////////////////////////////////// |
249 | 130 |
// User Bean |
250 | 131 |
/////////////////////////////////////////////////////////////////////// |
251 | 132 |
|
252 |
/** |
|
253 |
* |
|
254 |
*/ |
|
255 |
public UserBean getUserFromStore(String userAlias) { |
|
256 |
return getUserFromStore(userAlias, Constants.MODE_QUSERBEAN); |
|
257 |
} |
|
258 | 133 |
|
259 |
public UserBean getUserFromStore(String userAlias, int sqlMode) { |
|
260 |
|
|
261 |
String sqlStmt0 = "SELECT * FROM tb_am_user WHERE u_user_alias = ?"; |
|
262 |
String sqlStmt1 = "SELECT * FROM tb_am_user a, tb_am_tac b WHERE a.u_user_alias = ? AND a.u_user_id = b.t_user_id"; |
|
263 |
String sqlStmt2 = "SELECT * FROM tb_am_user a, tb_am_vasco b WHERE a.u_user_alias = ? AND a.u_user_id = b.p_user_id"; |
|
264 |
|
|
265 |
String sqlStmt = null; |
|
266 |
|
|
267 |
switch (sqlMode) { |
|
268 |
case Constants.MODE_QUSERBEAN: sqlStmt = sqlStmt0; break; |
|
269 |
case Constants.MODE_QTACBEAN: sqlStmt = sqlStmt1; break; |
|
270 |
case Constants.MODE_QVASCOBEAN: sqlStmt = sqlStmt2; break; |
|
271 |
} |
|
272 |
|
|
273 |
|
|
274 |
ResultSet rs = null; |
|
275 |
PreparedStatement pstmt = null; |
|
276 |
|
|
277 |
UserBean ub = new UserBean(); |
|
278 |
|
|
279 |
try { |
|
280 |
pstmt = this.conn.prepareStatement(sqlStmt); |
|
281 |
pstmt.setString(1, userAlias); |
|
282 |
rs = executeSQLSelect(pstmt); |
|
283 |
|
|
284 |
if (rs.next()) { |
|
285 |
ub.setUserID( rs.getLong("U_USER_ID") ); |
|
286 |
ub.setUserAlias(rs.getString("U_USER_ALIAS")); |
|
287 |
ub.setUserType(rs.getInt("U_USER_TYPE")); |
|
288 |
ub.setDescription(rs.getString("U_USER_DESC")); |
|
289 |
ub.setUdateCreated( rs.getTimestamp("U_DATE_CREATED")); |
|
290 |
ub.setUdateLastUsed(rs.getTimestamp("U_DATE_LAST_USED")); |
|
291 |
ub.setUuseCount( rs.getInt("U_USE_COUNT")); |
|
292 |
ub.setUdateLastActivated(rs.getTimestamp("U_DATE_LAST_ACT")); |
|
293 |
ub.setUdateLastLocked(rs.getTimestamp("U_DATE_LAST_LOCK")); |
|
294 |
ub.setUstate(rs.getInt("U_USER_STATE")); |
|
295 |
ub.setUdateLockedFrom(rs.getTimestamp("U_DATE_LOCK_FROM")); |
|
296 |
ub.setUdateLockedTo(rs.getTimestamp("U_DATE_LOCK_TO")); |
|
297 |
ub.setPcipherText(rs.getString("P_PASSWD_CIPHERTEXT")); |
|
298 |
ub.setPstate(rs.getInt("P_PASSWD_STATE")); |
|
299 |
ub.setPdateCreated(rs.getTimestamp("P_DATE_GENERATED")); |
|
300 |
ub.setPdateFirstUsed(rs.getTimestamp("P_DATE_FIRST_USED")); |
|
301 |
ub.setPdateLastUsed(rs.getTimestamp("P_DATE_LAST_USED")); |
|
302 |
ub.setPuseCount(rs.getInt("P_USE_COUNT")); |
|
303 |
ub.setPerrorCount(rs.getInt("P_ERROR_COUNT")); |
|
304 |
ub.setPexpiredStatus(rs.getInt("P_EXPIRED_STATUS")); |
|
305 |
ub.setPdateExpired(rs.getTimestamp("P_DATE_EXPIRED")); |
|
306 |
ub.setPhistoryList(rs.getString("P_PASSWD_HIST")); |
|
307 |
|
|
308 |
|
|
309 |
switch (sqlMode) { |
|
310 |
case Constants.MODE_QUSERBEAN: |
|
311 |
break; |
|
312 |
case Constants.MODE_QTACBEAN: |
|
313 |
TacBean tb = new TacBean(); |
|
314 |
tb.setCipherText(rs.getString("T_TAC_CIPHERTEXT")); |
|
315 |
tb.setState(rs.getInt("T_TAC_STATE")); |
|
316 |
tb.setDateCreated(rs.getTimestamp("T_DATE_GENERATED")); |
|
317 |
tb.setDateFirstUsed(rs.getTimestamp("T_DATE_FIRST_USED")); |
|
318 |
tb.setDateLastUsed(rs.getTimestamp("T_DATE_LAST_USED")); |
|
319 |
tb.setUseCount(rs.getInt("T_USE_COUNT")); |
|
320 |
tb.setErrorCount(rs.getInt("T_ERROR_COUNT")); |
|
321 |
break; |
|
322 |
|
|
323 |
case Constants.MODE_QVASCOBEAN: sqlStmt = sqlStmt2; |
|
324 |
break; |
|
325 |
} |
|
326 |
|
|
327 |
|
|
328 |
|
|
329 |
} else { //no record found |
|
330 |
logger.info("ERR: no record found!"); |
|
331 |
ub = null; |
|
332 |
} // |
|
333 |
} catch (SQLException ex) { |
|
334 |
logger.error("SQLEXC:1 getUserFromStore " + ex.getMessage()); |
|
335 |
ub = null; |
|
336 |
} catch (Exception e) { |
|
337 |
logger.error("EXC:1 getUserFromStore " + e.getMessage()); |
|
338 |
ub = null; |
|
339 |
} finally { // close database resources |
|
340 |
try { |
|
341 |
rs.close(); |
|
342 |
pstmt.close(); |
|
343 |
//this.conn.close(); |
|
344 |
} catch (SQLException ex) { |
|
345 |
logger.error("SQLException:Final getUserFromStore " + ex.getMessage()); |
|
346 |
} catch (Exception e) { |
|
347 |
logger.error("Exception:Final getUserFromStore " + e.getMessage()); |
|
348 |
} |
|
349 |
}//finally-- |
|
350 |
|
|
351 |
return ub; |
|
352 |
} |
|
353 |
|
|
354 |
/** |
|
355 |
* |
|
356 |
*/ |
|
357 |
public boolean updateUserToStore(UserBean ub) { |
|
358 |
|
|
359 |
boolean rc = false; |
|
360 |
String sqlStmt = "UPDATE tb_am_user SET " + |
|
361 |
"U_USER_TYPE=?, U_USER_DESC=?, U_DATE_LAST_USED=?, U_USE_COUNT=?, U_DATE_LAST_ACT=?, " + |
|
362 |
"U_DATE_LAST_LOCK=?, U_USER_STATE=?, U_DATE_LOCK_FROM=?, U_DATE_LOCK_TO=?, " + |
|
363 |
"P_PASSWD_CIPHERTEXT=?, P_PASSWD_STATE=?, P_DATE_GENERATED=?, P_DATE_FIRST_USED=?, " + |
|
364 |
"P_DATE_LAST_USED=?, P_USE_COUNT=?, P_ERROR_COUNT=?, P_EXPIRED_STATUS=?, P_DATE_EXPIRED=?, " + |
|
365 |
"P_PASSWD_HIST=? WHERE u_user_id = ?"; |
|
366 |
int nRow = 0; |
|
367 |
|
|
368 |
// insert into DB |
|
369 |
PreparedStatement pstmt = null; |
|
370 |
try { |
|
371 |
pstmt = this.conn.prepareStatement(sqlStmt); |
|
372 |
pstmt.setInt(1,ub.getUserType()); |
|
373 |
pstmt.setString(2, ub.getDescription()); |
|
374 |
|
|
375 |
java.sql.Timestamp today = getCurrentSqlDate(); |
|
376 |
pstmt.setTimestamp(3, today); //last used |
|
377 |
pstmt.setInt(4, ub.getUuseCount()+1); |
|
378 |
pstmt.setTimestamp(5, convertSqlDate(ub.getUdateLastActivated())); //last act |
|
379 |
pstmt.setTimestamp(6, convertSqlDate(ub.getUdateLastLocked())); //last lock |
|
380 |
|
|
381 |
pstmt.setInt(7,ub.getUstate()); |
|
382 |
pstmt.setTimestamp(8, convertSqlDate(ub.getUdateLockedFrom())); // lock ft |
|
383 |
pstmt.setTimestamp(9, convertSqlDate(ub.getUdateLockedTo())); //lock to |
|
384 |
pstmt.setString(10, ub.getPcipherText()); |
|
385 |
pstmt.setInt(11,ub.getPstate()); |
|
386 |
pstmt.setTimestamp(12, convertSqlDate(ub.getUdateCreated() )); //generated |
|
387 |
pstmt.setTimestamp(13, convertSqlDate(ub.getPdateFirstUsed()) ); //1st used |
|
388 |
pstmt.setTimestamp(14, convertSqlDate(ub.getPdateLastUsed()) ); //1ast used |
|
389 |
pstmt.setInt(15,ub.getPuseCount()); |
|
390 |
pstmt.setInt(16,ub.getPerrorCount()); |
|
391 |
pstmt.setInt(17,ub.getPexpiredStatus()); |
|
392 |
pstmt.setTimestamp(18, convertSqlDate(ub.getPdateExpired()) ); |
|
393 |
pstmt.setString(19, ub.getPhistoryList()); |
|
394 |
|
|
395 |
pstmt.setLong(20, ub.getUserID()); |
|
396 |
|
|
397 |
nRow = executeSQLUpdate(pstmt); |
|
398 |
//// System.out.println(nRow + " Row modified to table Key=" + ub.getUserID() + "/" + ub.getUserAlias()); |
|
399 |
|
|
400 |
if (nRow < 1) { |
|
401 |
System.out.println("ERR: no row modified into user table!"); |
|
402 |
// |
|
403 |
// rollback |
|
404 |
// |
|
405 |
try { |
|
406 |
this.conn.rollback(); |
|
407 |
logger.info("INFO:1 updateUserToStore :: rollback."); |
|
408 |
} catch(Exception rbe) { |
|
409 |
logger.error("EXC:updateUserToStore :: rollback failed!"); |
|
410 |
} |
|
411 |
// rollback completed |
|
412 |
rc = false; |
|
413 |
} else { |
|
414 |
////System.out.println("GOOD: perf db commit!"); |
|
415 |
this.conn.commit(); |
|
416 |
rc = true; |
|
417 |
} |
|
418 |
|
|
419 |
} catch (Exception e) { |
|
420 |
logger.error("EXC:1 updateUserToStore"); |
|
421 |
logger.error(getFullTrace(e)); |
|
422 |
rc = false; |
|
423 |
} finally { // close database resources |
|
424 |
try { |
|
425 |
pstmt.close(); |
|
426 |
//this.conn.close(); |
|
427 |
} catch (Exception e) { |
|
428 |
logger.error("EXC:Final updateUserToStore"); |
|
429 |
logger.error(getFullTrace(e)); |
|
430 |
} |
|
431 |
} //finally-- |
|
432 |
|
|
433 |
return rc; |
|
434 |
} |
|
435 |
|
|
436 |
/** |
|
437 |
* |
|
438 |
*/ |
|
439 |
public boolean insertUserToStore(UserBean ub) { |
|
440 |
boolean rc = false; |
|
441 |
int nRow = 0; |
|
442 |
|
|
443 |
long nextVal= getSqlServerSeqID(); |
|
444 |
|
|
445 |
String sqlStmt1 = "INSERT INTO tb_am_usermas (m_user_alias, m_user_id) VALUES (?, ?)"; |
|
446 |
|
|
447 |
//TODO: use buff string.. later |
|
448 |
// String sqlStmt2 = "INSERT ALL " + |
|
449 |
// "INTO tb_am_user (U_USER_ID, U_USER_ALIAS, U_USER_TYPE, U_USER_DESC, U_USER_STATE," + |
|
450 |
// "P_PASSWD_CIPHERTEXT, P_DATE_EXPIRED, P_PASSWD_HIST) VALUES (?, ?, ?, ?, ?, ?, ?, ?) " + |
|
451 |
// "INTO tb_am_tac (T_USER_ID) VALUES (?) SELECT * FROM dual"; |
|
452 |
String sqlStmt2 = "INSERT " + |
|
453 |
"INTO tb_am_user (U_USER_ID, U_USER_ALIAS, U_USER_TYPE, U_USER_DESC, U_USER_STATE," + |
|
454 |
"P_PASSWD_CIPHERTEXT, P_DATE_EXPIRED, P_PASSWD_HIST, U_DATE_CREATED, U_USE_COUNT, P_PASSWD_STATE, P_DATE_GENERATED, P_USE_COUNT, P_ERROR_COUNT, P_EXPIRED_STATUS) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?) "; |
|
455 |
|
|
456 |
String sqlStmt3 = "INSERT INTO tb_am_tac (T_USER_ID, T_TAC_STATE, T_DATE_GENERATED, T_USE_COUNT, T_ERROR_COUNT) VALUES (?, ?, ?, ?, ?)"; |
|
457 |
|
|
458 |
// insert into DB |
|
459 |
PreparedStatement pstmt = null; |
|
460 |
try { |
|
461 |
pstmt = this.conn.prepareStatement(sqlStmt1); |
|
462 |
pstmt.setString(1, ub.getUserAlias()); |
|
463 |
pstmt.setLong(2, nextVal); |
|
464 |
|
|
465 |
nRow = executeSQLUpdate(pstmt); |
|
466 |
//// System.out.println(nRow + " Row inserted to table"); |
|
467 |
|
|
468 |
if (nRow < 1) { |
|
469 |
logger.info("ERR: no row inserted into master table!"); |
|
470 |
rc = false; |
|
471 |
} else { |
|
472 |
pstmt = this.conn.prepareStatement(sqlStmt2); |
|
473 |
pstmt.setLong(1, nextVal); |
|
474 |
pstmt.setString(2, ub.getUserAlias()); |
|
475 |
pstmt.setInt(3,ub.getUserType()); |
|
476 |
pstmt.setString(4, ub.getDescription()); |
|
477 |
pstmt.setInt(5,ub.getUstate()); |
|
478 |
pstmt.setString(6, ub.getPcipherText()); |
|
479 |
pstmt.setTimestamp(7, convertSqlDate(ub.getPdateExpired()) ); |
|
480 |
pstmt.setString(8, ub.getPhistoryList()); |
|
481 |
pstmt.setTimestamp(9, convertSqlDate(new Date())); |
|
482 |
pstmt.setInt(10, 0); |
|
483 |
pstmt.setInt(11, 0); |
|
484 |
pstmt.setTimestamp(12, convertSqlDate(new Date())); |
|
485 |
pstmt.setInt(13, 0); |
|
486 |
pstmt.setInt(14, 0); |
|
487 |
pstmt.setInt(15, 1); |
|
488 |
|
|
489 |
nRow = executeSQLUpdate(pstmt); |
|
490 |
|
|
491 |
logger.info(nRow + " Row inserted to table"); |
|
492 |
|
|
493 |
pstmt = this.conn.prepareStatement(sqlStmt3); |
|
494 |
pstmt.setLong(1, nextVal); |
|
495 |
pstmt.setLong(2, 0); |
|
496 |
pstmt.setTimestamp (3, convertSqlDate(new Date())); |
|
497 |
pstmt.setInt(4, 0); |
|
498 |
pstmt.setInt(5, 0); |
|
499 |
nRow = executeSQLUpdate(pstmt); |
|
500 |
|
|
501 |
logger.info(nRow + " Row inserted to table"); |
|
502 |
|
|
503 |
if (nRow < 1) { |
|
504 |
logger.info("ERR: no row inserted into user table!"); |
|
505 |
// |
|
506 |
// rollback |
|
507 |
// |
|
508 |
try { |
|
509 |
this.conn.rollback(); |
|
510 |
logger.info("INFO:1 insertUserToStore :: rollback."); |
|
511 |
} catch(Exception rbe) { |
|
512 |
logger.error("EXC:insertUserToStore :: rollback failed!"); |
|
513 |
} |
|
514 |
// rollback completed |
|
515 |
rc = false; |
|
516 |
} else { |
|
517 |
////System.out.println("GOOD: perf db commit!"); |
|
518 |
this.conn.commit(); |
|
519 |
rc = true; |
|
520 |
} |
|
521 |
} |
|
522 |
|
|
523 |
} catch (Exception e) { |
|
524 |
logger.error(getFullTrace(e)); |
|
525 |
logger.error("EXC:1 insertUserToStore"); |
|
526 |
rc = false; |
|
527 |
} finally { // close database resources |
|
528 |
try { |
|
529 |
pstmt.close(); |
|
530 |
//this.conn.close(); |
|
531 |
} catch (Exception e) { |
|
532 |
logger.error("EXC:Final insertUserToStore"); |
|
533 |
logger.error(getFullTrace(e)); |
|
534 |
} |
|
535 |
}//finally-- |
|
536 |
|
|
537 |
return rc; |
|
538 |
} |
|
539 | 134 |
|
540 | 135 |
/////////////////////////////////////////////////////////////////////// |
541 | 136 |
// TAC Bean |
... | ... | |
939 | 534 |
return rc; |
940 | 535 |
|
941 | 536 |
} |
942 |
|
|
943 |
public static String getFullTrace (Exception e) |
|
944 |
{ |
|
945 |
String newLine = "\r\n"; |
|
946 |
StringBuffer m_sErrorMessage = new StringBuffer (); |
|
947 |
|
|
948 |
m_sErrorMessage.append (e.getMessage ()); |
|
949 |
|
|
950 |
m_sErrorMessage.append (newLine); |
|
951 |
StackTraceElement[] m_oElements = e.getStackTrace (); |
|
952 |
m_sErrorMessage.append ("Exception class : " |
|
953 |
+ m_oElements[0].getClassName () + ", class method : " |
|
954 |
+ m_oElements[0].getMethodName () + ", line number : " |
|
955 |
+ m_oElements[0].getLineNumber ()); |
|
956 |
m_sErrorMessage.append (newLine); |
|
957 |
|
|
958 |
for (int i = 0; i < m_oElements.length; i++) |
|
959 |
{ |
|
960 |
m_sErrorMessage.append (m_oElements[i].toString ()); |
|
961 |
m_sErrorMessage.append (newLine); |
|
962 |
} |
|
963 |
return m_sErrorMessage.toString (); |
|
964 |
} |
|
965 | 537 |
}//end class |
src/my/com/upass/gemalto/GemaltoTokenControllerImpl.java | ||
---|---|---|
10 | 10 |
*/ |
11 | 11 |
package my.com.upass.gemalto; |
12 | 12 |
|
13 |
|
|
14 | 13 |
import java.util.Date; |
15 | 14 |
import java.util.HashMap; |
16 | 15 |
import ocra.Ocra; |
... | ... | |
50 | 49 |
public class GemaltoTokenControllerImpl implements TokenController |
51 | 50 |
{ |
52 | 51 |
private Ocra myocra = new Ocra(); |
53 |
|
|
52 |
|
|
54 | 53 |
private TokenBean tb; |
55 | 54 |
private int retCode; |
56 | 55 |
private String serialNumber; |
57 | 56 |
private String authMode; |
58 |
private byte[] blob;
|
|
57 |
private byte[] blob; |
|
59 | 58 |
private int useCount; |
60 | 59 |
private int errorCount; |
61 | 60 |
private Date lastTimeUsed; |
62 | 61 |
private Date firstTimeUsed; |
63 | 62 |
private Date lastAuthentication; |
64 | 63 |
private Date tokenExpectedDateTime; |
65 |
|
|
64 |
|
|
66 | 65 |
/** |
67 | 66 |
* this will override the existing tokenBean object |
68 | 67 |
* this will override the existing serial number, authentication mode and blob |
69 | 68 |
* |
70 | 69 |
* @param tokenBean |
71 | 70 |
*/ |
72 |
public GemaltoTokenControllerImpl(TokenBean tokenBean)
|
|
71 |
public GemaltoTokenControllerImpl(TokenBean tokenBean) |
|
73 | 72 |
{ |
74 | 73 |
this.tb = tokenBean; |
75 | 74 |
setSerialNumber(); |
76 | 75 |
setAuthMode(); |
77 | 76 |
setBlob(); |
78 | 77 |
} |
79 |
|
|
78 |
|
|
80 | 79 |
/** |
81 | 80 |
* this will override the existing last authentication date |
82 | 81 |
* |
... | ... | |
86 | 85 |
{ |
87 | 86 |
this.lastAuthentication = lastAuthentication; |
88 | 87 |
} |
89 |
|
|
88 |
|
|
90 | 89 |
/** |
91 | 90 |
* this will return updated last authentication date |
92 | 91 |
* |
... | ... | |
96 | 95 |
{ |
97 | 96 |
return lastAuthentication; |
98 | 97 |
} |
99 |
|
|
98 |
|
|
100 | 99 |
/** |
101 | 100 |
* this will override the existing token expected date and time |
102 | 101 |
* |
... | ... | |
106 | 105 |
{ |
107 | 106 |
this.tokenExpectedDateTime = tokenExpectedDateTime; |
108 | 107 |
} |
109 |
|
|
108 |
|
|
110 | 109 |
/** |
111 | 110 |
* this will return updated token expected date and time |
112 | 111 |
* |
... | ... | |
116 | 115 |
{ |
117 | 116 |
return tokenExpectedDateTime; |
118 | 117 |
} |
119 |
|
|
118 |
|
|
120 | 119 |
/** |
121 | 120 |
* this will override the existing tokenBean |
122 | 121 |
* |
123 | 122 |
*/ |
124 |
public void setObject(TokenBean tokenBean)
|
|
123 |
public void setObject(TokenBean tokenBean) |
|
125 | 124 |
{ |
126 | 125 |
this.tb = tokenBean; |
127 | 126 |
} |
128 |
|
|
127 |
|
|
129 | 128 |
/** |
130 | 129 |
* this will return the updated object (tokenBean) |
131 | 130 |
* |
132 | 131 |
*/ |
133 |
public TokenBean getUpdatedObject()
|
|
132 |
public TokenBean getUpdatedObject() |
|
134 | 133 |
{ |
135 | 134 |
return tb; |
136 | 135 |
} |
137 |
|
|
136 |
|
|
138 | 137 |
/** |
139 | 138 |
* this will override the existing serial number |
140 | 139 |
* |
141 | 140 |
*/ |
142 |
private void setSerialNumber()
|
|
141 |
private void setSerialNumber() |
|
143 | 142 |
{ |
144 | 143 |
this.serialNumber = tb.getVserialNumber(); |
145 | 144 |
} |
146 |
|
|
145 |
|
|
147 | 146 |
/** |
148 | 147 |
* this will override the existing authentication mode |
149 | 148 |
* |
150 | 149 |
*/ |
151 |
private void setAuthMode()
|
|
150 |
private void setAuthMode() |
|
152 | 151 |
{ |
153 | 152 |
this.authMode = tb.getVdpAuthMode(); |
154 | 153 |
} |
155 |
|
|
154 |
|
|
156 | 155 |
/** |
157 | 156 |
* this will override the existing blob |
158 | 157 |
* |
159 | 158 |
*/ |
160 |
private void setBlob()
|
|
159 |
private void setBlob() |
|
161 | 160 |
{ |
162 | 161 |
this.blob = tb.getVdpCipherText(); |
163 | 162 |
} |
164 |
|
|
163 |
|
|
165 | 164 |
/** |
166 | 165 |
* this will return the updated blob |
167 | 166 |
* |
168 | 167 |
*/ |
169 |
public byte[] getUpdatedBlob()
|
|
168 |
public byte[] getUpdatedBlob() |
|
170 | 169 |
{ |
171 | 170 |
return this.blob; |
172 | 171 |
} |
173 |
|
|
172 |
|
|
174 | 173 |
/** |
175 | 174 |
* this will override the existing useCount |
176 | 175 |
* |
... | ... | |
179 | 178 |
{ |
180 | 179 |
this.useCount = tb.getVuseCount(); |
181 | 180 |
} |
182 |
|
|
181 |
|
|
183 | 182 |
/** |
184 | 183 |
* this will increase the existing useCount by 1 whenever it is invoked. |
185 | 184 |
* |
... | ... | |
188 | 187 |
{ |
189 | 188 |
this.useCount++; |
190 | 189 |
} |
191 |
|
|
190 |
|
|
192 | 191 |
/** |
193 | 192 |
* this will return the updated useCount |
194 | 193 |
* |
195 | 194 |
*/ |
196 |
public int getUseCount()
|
|
195 |
public int getUseCount() |
|
197 | 196 |
{ |
198 | 197 |
return this.useCount; |
199 | 198 |
} |
200 |
|
|
199 |
|
|
201 | 200 |
/** |
202 | 201 |
* this will override the existing errorCount |
203 | 202 |
* |
... | ... | |
206 | 205 |
{ |
207 | 206 |
this.errorCount = tb.getVerrorCount(); |
208 | 207 |
} |
209 |
|
|
208 |
|
|
210 | 209 |
/** |
211 | 210 |
* this will increase the existing errorCount by 1 whenever it is invoked. |
212 | 211 |
* |
... | ... | |
215 | 214 |
{ |
216 | 215 |
this.errorCount++; |
217 | 216 |
} |
218 |
|
|
217 |
|
|
219 | 218 |
/** |
220 | 219 |
* this will return the updated errorCount |
221 | 220 |
* |
222 | 221 |
*/ |
223 |
public int getErrorCount()
|
|
222 |
public int getErrorCount() |
|
224 | 223 |
{ |
225 | 224 |
return this.errorCount; |
226 | 225 |
} |
227 |
|
|
226 |
|
|
228 | 227 |
/** |
229 | 228 |
* this will override the existing first used date |
230 | 229 |
* |
... | ... | |
233 | 232 |
{ |
234 | 233 |
this.firstTimeUsed = tb.getVdateFirstUsed(); |
235 | 234 |
} |
236 |
|
|
235 |
|
|
237 | 236 |
/** |
238 | 237 |
* case 1: if first used date is null, then first used date will be override by current date. |
239 | 238 |
* case 2: throw exception if first used date is after last used date. |
... | ... | |
243 | 242 |
*/ |
244 | 243 |
public void setFirstTimeUsed(Date currentDate) throws Exception |
245 | 244 |
{ |
246 |
if(this.firstTimeUsed == null) |
|
245 |
if (this.firstTimeUsed == null)
|
|
247 | 246 |
{ |
248 | 247 |
this.firstTimeUsed = currentDate; |
249 | 248 |
} |
250 |
else if(this.firstTimeUsed.compareTo(this.lastTimeUsed) > 0) |
|
251 |
{
|
|
249 |
else if (this.firstTimeUsed.compareTo(this.lastTimeUsed) > 0)
|
|
250 |
{ |
|
252 | 251 |
throw new Exception("Invalid date. First used date cannot be after last used date."); |
253 | 252 |
} |
254 | 253 |
} |
255 |
|
|
254 |
|
|
256 | 255 |
/** |
257 | 256 |
* this will return the updated first used date |
258 | 257 |
* |
... | ... | |
261 | 260 |
{ |
262 | 261 |
return firstTimeUsed; |
263 | 262 |
} |
264 |
|
|
263 |
|
|
265 | 264 |
/** |
266 | 265 |
* this will override the existing last used date. |
267 | 266 |
* |
... | ... | |
270 | 269 |
{ |
271 | 270 |
this.lastTimeUsed = tb.getVdateFirstUsed(); |
272 | 271 |
} |
273 |
|
|
272 |
|
|
274 | 273 |
/** |
275 | 274 |
* case 1: if last used date is null, then last used date will be override by current date. |
276 | 275 |
* case 2: if last used date is before the current date, then last used date will be override by current date. |
... | ... | |
282 | 281 |
*/ |
283 | 282 |
public void setLastTimeUsed(Date currentDate) throws Exception |
284 | 283 |
{ |
285 |
if(this.lastTimeUsed == null) |
|
286 |
{ |
|
287 |
this.lastTimeUsed = currentDate; |
|
288 |
} |
|
289 |
else if(this.lastTimeUsed.compareTo(currentDate) < 0) |
|
284 |
if (this.lastTimeUsed == null) |
|
290 | 285 |
{ |
291 | 286 |
this.lastTimeUsed = currentDate; |
292 | 287 |
} |
293 |
else if(this.lastTimeUsed.compareTo(currentDate) > 0) |
|
288 |
else if (this.lastTimeUsed.compareTo(currentDate) < 0) |
|
289 |
{ |
|
290 |
this.lastTimeUsed = currentDate; |
|
291 |
} |
|
292 |
else if (this.lastTimeUsed.compareTo(currentDate) > 0) |
|
294 | 293 |
{ |
295 | 294 |
throw new Exception("Invalid date. Last used date cannot be after current date."); |
296 | 295 |
} |
297 |
else if(this.lastTimeUsed.compareTo(this.firstTimeUsed) < 0) |
|
296 |
else if (this.lastTimeUsed.compareTo(this.firstTimeUsed) < 0)
|
|
298 | 297 |
{ |
299 | 298 |
throw new Exception("Invalid date. Last used date cannot be before first used date."); |
300 | 299 |
} |
301 | 300 |
} |
302 |
|
|
301 |
|
|
303 | 302 |
/** |
304 | 303 |
* this will return the updated last used date |
305 | 304 |
* |
... | ... | |
314 | 313 |
* it also acts as last returned error code. |
315 | 314 |
* |
316 | 315 |
*/ |
317 |
public int getRetCode()
|
|
316 |
public int getRetCode() |
|
318 | 317 |
{ |
319 | 318 |
return retCode; |
320 | 319 |
} |
... | ... | |
323 | 322 |
* this will return the updated error text based on the error code |
324 | 323 |
* |
325 | 324 |
*/ |
326 |
public String getLastError()
|
|
325 |
public String getLastError() |
|
327 | 326 |
{ |
328 | 327 |
String code = null; |
329 |
|
|
330 |
switch(this.retCode) |
|
328 |
|
|
329 |
switch (this.retCode)
|
|
331 | 330 |
{ |
332 |
case 0: code = "0"; |
|
333 |
case 1: code = "1"; |
|
334 |
case 2: code = "18"; |
|
335 |
case 3: code = "19"; |
|
336 |
case 4: code = "20"; |
|
337 |
case 5: code = "21"; |
|
338 |
case 6: code = "22"; |
|
339 |
case 7: code = "3"; |
|
340 |
case 8: code = "23"; |
|
341 |
case 9: code = "24"; |
|
342 |
case 10: code = "25"; |
|
343 |
case 11: code = "26"; |
|
344 |
default: |
|
345 |
try |
|
346 |
{ |
|
347 |
throw new Exception("Invalid error code."); |
|
348 |
} |
|
349 |
catch (Exception e) |
|
350 |
{ |
|
351 |
e.printStackTrace(); |
|
352 |
} |
|
331 |
case 0: |
|
332 |
code = "0"; |
|
333 |
case 1: |
|
334 |
code = "1"; |
|
335 |
case 2: |
|
336 |
code = "18"; |
|
337 |
case 3: |
|
338 |
code = "19"; |
|
339 |
case 4: |
|
340 |
code = "20"; |
|
341 |
case 5: |
|
342 |
code = "21"; |
|
343 |
case 6: |
|
344 |
code = "22"; |
|
345 |
case 7: |
|
346 |
code = "3"; |
|
347 |
case 8: |
|
348 |
code = "23"; |
|
349 |
case 9: |
|
350 |
code = "24"; |
|
351 |
case 10: |
|
352 |
code = "25"; |
|
353 |
case 11: |
|
354 |
code = "26"; |
|
355 |
default: |
|
356 |
try |
|
357 |
{ |
|
358 |
throw new Exception("Invalid error code."); |
|
359 |
} catch (Exception e) |
|
360 |
{ |
|
361 |
e.printStackTrace(); |
|
362 |
} |
|
353 | 363 |
} |
354 |
|
|
355 |
return Constants.getErrText(code).get(code); |
|
364 |
|
|
365 |
return (String) Constants.getErrText(code).get(code);
|
|
356 | 366 |
} |
357 | 367 |
|
358 | 368 |
/** |
... | ... | |
363 | 373 |
{ |
364 | 374 |
return verifyToken(otp); |
365 | 375 |
} |
376 |
|
|
366 | 377 |
/** |
367 | 378 |
* Verify the entered On Time Password (OTP/password) for the given token |
368 | 379 |
* |
369 | 380 |
*/ |
370 |
|
|
371 |
public int verifyToken(String password)
|
|
381 |
|
|
382 |
public int verifyToken(String password) |
|
372 | 383 |
{ |
373 | 384 |
int[] blobLen = new int[1]; |
374 |
blobLen[0]=500;
|
|
375 |
|
|
385 |
blobLen[0] = 500;
|
|
386 |
|
|
376 | 387 |
String[] blobInString = new String[1]; |
377 | 388 |
blobInString[0] = new String(this.blob); |
378 |
|
|
379 |
//Time based OTP verification |
Also available in: Unified diff