m2u-upass-core / src / my / com / upass / UPassController.java @ 17:4173ef25ee8d
History | View | Annotate | Download (42.7 KB)
1 | 0:02300db8682b | hadi | package my.com.upass; |
---|---|---|---|
2 | |||
3 | import java.text.ParseException; |
||
4 | import java.text.SimpleDateFormat; |
||
5 | import java.util.Calendar; |
||
6 | import java.util.Date; |
||
7 | import java.util.HashMap; |
||
8 | |||
9 | import my.com.upass.db.DBOperations; |
||
10 | import my.com.upass.factory.UPassFactory; |
||
11 | 9:16125cca68e4 | hadi | import my.com.upass.pojo.MinimalUserBean; |
12 | 0:02300db8682b | hadi | import my.com.upass.pojo.TacBean; |
13 | import my.com.upass.pojo.UserBean; |
||
14 | import my.com.upass.spassword.PasswordController; |
||
15 | import my.com.upass.vasco.LoadTokenDPX; |
||
16 | import my.com.upass.vasco.TokenController; |
||
17 | |||
18 | //import com.vasco.utils.DigipassInfo;
|
||
19 | |||
20 | /**
|
||
21 | * @author LeeTK dking
|
||
22 | * UPassController Class Release 20090703
|
||
23 | *
|
||
24 | */
|
||
25 | 9:16125cca68e4 | hadi | public class UPassController extends MinimalUPassController { |
26 | 0:02300db8682b | hadi | |
27 | // private UserBean userBean = null;
|
||
28 | // private TacBean tacBean = null;
|
||
29 | long userID;
|
||
30 | |||
31 | /**
|
||
32 | * Constructs an empty object
|
||
33 | */
|
||
34 | public UPassController() {
|
||
35 | getSystemProperties(); |
||
36 | logger.info("Constructor::UPassController()");
|
||
37 | } |
||
38 | |||
39 | /**
|
||
40 | * Constructs an object contains the initial userAlias value
|
||
41 | *
|
||
42 | * @param userAlias
|
||
43 | */
|
||
44 | public UPassController(String userAlias) { |
||
45 | getSystemProperties(); |
||
46 | logger.info("Constructor::UPassController(" + userAlias + ")"); |
||
47 | setUserAlias(userAlias); |
||
48 | } |
||
49 | |||
50 | /**
|
||
51 | * Sets the userAlias with this binding.
|
||
52 | *
|
||
53 | * @param userAlias
|
||
54 | */
|
||
55 | public void setUserAlias(String userAlias) { |
||
56 | this.userAlias = userAlias;
|
||
57 | } |
||
58 | |||
59 | private void getSystemProperties() { |
||
60 | Config cfg = Config.getInstance(); |
||
61 | try {
|
||
62 | 17:4173ef25ee8d | hadi | SUPERVISOR_ID_SUSPEND = Integer.parseInt(cfg.get("SUPERVISOR_ID_SUSPEND").toString()); |
63 | _MAX_ERROR = Integer.parseInt(cfg.get("PASSWORD_MAX_ERROR").toString()); |
||
64 | |||
65 | 0:02300db8682b | hadi | } catch (Exception e) { |
66 | 17:4173ef25ee8d | hadi | logger.error(e.toString(), e); |
67 | 0:02300db8682b | hadi | } |
68 | } |
||
69 | |||
70 | // /////////////////////////////////////////////////////////////////////////////////////////
|
||
71 | // Static Password Methods
|
||
72 | // /////////////////////////////////////////////////////////////////////////////////////////
|
||
73 | /**
|
||
74 | * This method verify static password generated using SP_ChangeStaticPassword().
|
||
75 | *
|
||
76 | * @param userAlias
|
||
77 | * @param password
|
||
78 | * @return ERR_code defined in the Constants.<br/>
|
||
79 | * ERR_SUCCESS<br/>
|
||
80 | * ERR_SYSTEM_NOT_READY<br/>
|
||
81 | * ERR_USERALIAS_NOT_FOUND <br/>
|
||
82 | * ERR_INVALID_STATE - user not active or temporary suspended.<br/>
|
||
83 | * ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the user type.<br/>
|
||
84 | * ERR_EXCEED_MAX_TRIES - used ModifyUser to reset password.<br/>
|
||
85 | * ERR_INVALID_CREDENTIAL<br/>
|
||
86 | * ERR_PASSWD_EXPIRED - password is valid but expired, suggest to change new password.<br/>
|
||
87 | */
|
||
88 | public int SP_VerifyStaticPassword(String userAlias, String password) { |
||
89 | int rc = verifyStaticPassword(userAlias, password, false, 0); |
||
90 | logger.info(userAlias + " Return=" + rc);
|
||
91 | return rc;
|
||
92 | } |
||
93 | |||
94 | /**
|
||
95 | * This method generate static password and to be using SP_VerifyStaticPassword().
|
||
96 | *
|
||
97 | * @param userAlias
|
||
98 | * @param newPassword
|
||
99 | * @param oldPassword
|
||
100 | * @return ERR_code defined in the Constants<br/>
|
||
101 | * ERR_SUCCESS<br/>
|
||
102 | * ERR_SYSTEM_NOT_READY<br/>
|
||
103 | * ERR_USERALIAS_NOT_FOUND<br/>
|
||
104 | * ERR_INVALID_STATE - user not active or temporary suspended.<br/>
|
||
105 | * ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the user type.<br/>
|
||
106 | * ERR_EXCEED_MAX_TRIES - used ModifyUser to reset password.<br/>
|
||
107 | * ERR_INVALID_CREDENTIAL<br/>
|
||
108 | * ERR_REUSED_PASSWD - reuse previous generated password.<br/>
|
||
109 | */
|
||
110 | public int SP_ChangeStaticPassword(String userAlias, String newPassword, String oldPassword) { |
||
111 | int rc = changeStaticPassword(userAlias, newPassword, oldPassword);
|
||
112 | logger.info(userAlias + " Return=" + rc);
|
||
113 | return rc;
|
||
114 | } |
||
115 | |||
116 | private int changeStaticPassword(String userAlias, String newPassword, String oldPassword) { |
||
117 | DBOperations dbo = new DBOperations();
|
||
118 | 9:16125cca68e4 | hadi | MinimalUserBean userBean = new UserBean();
|
119 | 0:02300db8682b | hadi | userBean = dbo.getUserFromStore(userAlias); |
120 | if (userBean == null) { |
||
121 | dbo.close(); |
||
122 | return Constants.ERR_USERALIAS_NOT_FOUND;
|
||
123 | } |
||
124 | |||
125 | // verify user
|
||
126 | PasswordController pc = new PasswordController(userBean);
|
||
127 | int rc = pc.VerifyPassword(oldPassword);
|
||
128 | |||
129 | if (rc == Constants.ERR_SUCCESS ||
|
||
130 | rc == Constants.ERR_PASSWD_EXPIRED) { |
||
131 | rc = pc.GeneratePassword(newPassword, true);
|
||
132 | } |
||
133 | |||
134 | userBean = pc.getUpdatedObject(); |
||
135 | |||
136 | // Debug info:
|
||
137 | logger.debug("RC........." + rc +
|
||
138 | "\n.use......." + userBean.getPuseCount() +
|
||
139 | "\n.err......." + userBean.getPerrorCount() +
|
||
140 | "\n.hist......" + userBean.getPhistoryList() +
|
||
141 | "\n.last......" +
|
||
142 | new String(Constants.defaultDateFormat.format(userBean.getPdateLastUsed()))); |
||
143 | // debug info:
|
||
144 | |||
145 | // update database
|
||
146 | boolean lrc = dbo.updateUserToStore(userBean);
|
||
147 | dbo.close(); |
||
148 | if (!lrc) {
|
||
149 | rc = Constants.ERR_SYSTEM_NOT_READY; |
||
150 | } |
||
151 | |||
152 | return rc;
|
||
153 | } |
||
154 | |||
155 | // /////////////////////////////////////////////////////////////////////////////////////////
|
||
156 | // User Administration methods.
|
||
157 | // /////////////////////////////////////////////////////////////////////////////////////////
|
||
158 | |||
159 | /**
|
||
160 | * This method to add online users to the system
|
||
161 | *
|
||
162 | * @param adminUserAlias
|
||
163 | * @param adminUserPassword
|
||
164 | * @param userAlias
|
||
165 | * @param userDesc
|
||
166 | * @param userPassword
|
||
167 | * @return ERR_code defined in the Constants<br/>
|
||
168 | * ERR_SUCCESS<br/>
|
||
169 | * ERR_SYSTEM_NOT_READY<br/>
|
||
170 | * ERR_USERALIAS_NOT_FOUND <br/>
|
||
171 | * ERR_INVALID_STATE - admin not active or temporary suspended.<br/>
|
||
172 | * ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the user type.<br/>
|
||
173 | * ERR_EXCEED_MAX_TRIES<br/>
|
||
174 | * ERR_INVALID_CREDENTIAL<br/>
|
||
175 | * ERR_INVALID_INPUT - internal error.<br/>
|
||
176 | * ERR_ALREADY_EXIST<br/>
|
||
177 | */
|
||
178 | |||
179 | public int UA_AddUser(String adminUserAlias, String adminUserPassword, |
||
180 | String userAlias, String userDesc, String userPassword) { |
||
181 | int rc = ua_AddUser(adminUserAlias, adminUserPassword, userAlias, userDesc, userPassword);
|
||
182 | logger.info(adminUserAlias + " " + userAlias + " Return=" + rc); |
||
183 | return rc;
|
||
184 | } |
||
185 | |||
186 | private int ua_AddUser(String adminUserAlias, String adminUserPassword, |
||
187 | String userAlias, String userDesc, String userPassword) { |
||
188 | |||
189 | // verify supervisor password
|
||
190 | int rc = verifyStaticPassword(adminUserAlias, adminUserPassword, true, Constants.UTYPE_STATE_ADMIN); |
||
191 | if (rc != Constants.ERR_SUCCESS) {
|
||
192 | return rc;
|
||
193 | } |
||
194 | return addUser(userAlias, Constants.UTYPE_STATE_USER, userDesc, userPassword, Constants.UID_STATE_ACTIVE);
|
||
195 | } |
||
196 | |||
197 | /**
|
||
198 | * This method to Modify online users to the system
|
||
199 | *
|
||
200 | * @param adminUserAlias
|
||
201 | * @param adminUserPassword
|
||
202 | * @param userAlias
|
||
203 | * @param userDesc
|
||
204 | * - can be null - Null denotes no description will be modified.
|
||
205 | * @param userPassword
|
||
206 | * - can be null - Null denotes no password will be modified.
|
||
207 | * @return ERR_code defined in the Constants<br/>
|
||
208 | * ERR_SUCCESS<br/>
|
||
209 | * ERR_SYSTEM_NOT_READY<br/>
|
||
210 | * ERR_USERALIAS_NOT_FOUND <br/>
|
||
211 | * ERR_INVALID_STATE - admin not active or temporary suspended.<br/>
|
||
212 | * ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the user type.<br/>
|
||
213 | * ERR_EXCEED_MAX_TRIES<br/>
|
||
214 | * ERR_INVALID_CREDENTIAL<br/>
|
||
215 | * ERR_INVALID_INPUT - internal error.<br/>
|
||
216 | * ERR_USERALIAS_NOT_FOUND<br/>
|
||
217 | * ERR_REUSED_PASSWD - the password entered was used previously.<br/>
|
||
218 | */
|
||
219 | public int UA_ModifyUser(String adminUserAlias, String adminUserPassword, |
||
220 | String userAlias, String userDesc, String userPassword) { |
||
221 | int rc = ua_ModifyUser(adminUserAlias, adminUserPassword, userAlias, userDesc, userPassword);
|
||
222 | logger.info(adminUserAlias + " " + userAlias + " Return=" + rc); |
||
223 | return rc;
|
||
224 | } |
||
225 | |||
226 | private int ua_ModifyUser(String adminUserAlias, String adminUserPassword, |
||
227 | String userAlias, String userDesc, String userPassword) { |
||
228 | |||
229 | // verify supervisor password
|
||
230 | int rc = verifyStaticPassword(adminUserAlias, adminUserPassword, true, Constants.UTYPE_STATE_ADMIN); |
||
231 | if (rc != Constants.ERR_SUCCESS) {
|
||
232 | return rc;
|
||
233 | } |
||
234 | return modifyUser(userAlias, Constants.UTYPE_STATE_USER, userDesc, userPassword, Constants.UID_STATE_ACTIVE);
|
||
235 | } |
||
236 | |||
237 | /**
|
||
238 | * This method to modify admin users to the system
|
||
239 | *
|
||
240 | * @param rootAlias
|
||
241 | * @param rootPassword
|
||
242 | * @param adminUserAlias
|
||
243 | * @param adminDesc
|
||
244 | * - can be null - Null denotes no description will be modified.
|
||
245 | * @param adminUserPassword
|
||
246 | * - can be null - Null denotes no password will be modified.
|
||
247 | * @return ERR_code defined in the Constants.<br/>
|
||
248 | * ERR_SUCCESS<br/>
|
||
249 | * ERR_SYSTEM_NOT_READY<br/>
|
||
250 | * ERR_USERALIAS_NOT_FOUND <br/>
|
||
251 | * ERR_INVALID_STATE - root not active or temporary suspended.<br/>
|
||
252 | * ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the user type.<br/>
|
||
253 | * ERR_EXCEED_MAX_TRIES<br/>
|
||
254 | * ERR_INVALID_CREDENTIAL<br/>
|
||
255 | * ERR_INVALID_INPUT - internal error.<br/>
|
||
256 | * ERR_USERALIAS_NOT_FOUND<br/>
|
||
257 | * ERR_REUSED_PASSWD - the password entered was used previously.<br/>
|
||
258 | * ERR_PASSWD_WEAK - the password entered is too weak.<br/>
|
||
259 | */
|
||
260 | public int AD_ModifyUser(String rootAlias, String rootPassword, |
||
261 | String adminUserAlias, String adminDesc, String adminUserPassword) { |
||
262 | int rc = ad_ModifyUser(rootAlias, rootPassword, adminUserAlias, adminDesc, adminUserPassword);
|
||
263 | logger.info(rootAlias + " " + adminUserAlias + " Return=" + rc); |
||
264 | return rc;
|
||
265 | } |
||
266 | |||
267 | private int ad_ModifyUser(String rootAlias, String rootPassword, |
||
268 | String adminUserAlias, String adminDesc, String adminUserPassword) { |
||
269 | |||
270 | // verify supervisor password
|
||
271 | int rc = verifyStaticPassword(rootAlias, rootPassword, true, Constants.UTYPE_STATE_ROOT); |
||
272 | if (rc != Constants.ERR_SUCCESS) {
|
||
273 | return rc;
|
||
274 | } |
||
275 | return modifyUser(adminUserAlias, Constants.UTYPE_STATE_ADMIN, adminDesc, adminUserPassword,
|
||
276 | Constants.UID_STATE_ACTIVE); |
||
277 | } |
||
278 | |||
279 | // TODO: chg to public for testing purpose only
|
||
280 | private int modifyUser(String userAlias, int userType, String userDesc, String userPassword, int userState) { |
||
281 | int rc;
|
||
282 | |||
283 | if (userAlias == null) |
||
284 | return Constants.ERR_INVALID_INPUT;
|
||
285 | |||
286 | // insert into DB
|
||
287 | DBOperations dbo = new DBOperations();
|
||
288 | 9:16125cca68e4 | hadi | MinimalUserBean ub = new UserBean();
|
289 | 0:02300db8682b | hadi | ub = dbo.getUserFromStore(userAlias); |
290 | if (ub == null) { |
||
291 | dbo.close(); |
||
292 | return Constants.ERR_USERALIAS_NOT_FOUND;
|
||
293 | } |
||
294 | |||
295 | if (userPassword != null) { |
||
296 | // Generate new paswword
|
||
297 | PasswordController pc = new PasswordController(ub);
|
||
298 | // rc = pc.GeneratePassword(userPassword, false); //disable password hist check 20081220
|
||
299 | rc = pc.GeneratePassword(userPassword, true);
|
||
300 | if (rc != Constants.ERR_SUCCESS) {
|
||
301 | dbo.close(); |
||
302 | return rc;
|
||
303 | } |
||
304 | ub = pc.getUpdatedObject(); |
||
305 | } |
||
306 | |||
307 | if (userDesc != null) { |
||
308 | ub.setDescription(userDesc); |
||
309 | } |
||
310 | |||
311 | ub.setUserType(userType); |
||
312 | ub.setUstate(userState); |
||
313 | |||
314 | if (dbo.updateUserToStore(ub)) {
|
||
315 | rc = Constants.ERR_SUCCESS; |
||
316 | } |
||
317 | else {
|
||
318 | rc = Constants.ERR_UNKNOWN; |
||
319 | } |
||
320 | |||
321 | dbo.close(); |
||
322 | return rc;
|
||
323 | |||
324 | } |
||
325 | |||
326 | /**
|
||
327 | * This method to change online users state to ACTIVE status.
|
||
328 | *
|
||
329 | * @param adminUserAlias
|
||
330 | * @param adminUserPassword
|
||
331 | * @param userAlias
|
||
332 | * @return ERR_code defined in the Constants.<br/>
|
||
333 | * ERR_SUCCESS<br/>
|
||
334 | * ERR_SYSTEM_NOT_READY<br/>
|
||
335 | * ERR_USERALIAS_NOT_FOUND <br/>
|
||
336 | * ERR_INVALID_STATE - admin not active or temporary suspended.<br/>
|
||
337 | * ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the user type.<br/>
|
||
338 | * ERR_EXCEED_MAX_TRIES<br/>
|
||
339 | * ERR_INVALID_CREDENTIAL<br/>
|
||
340 | * ERR_USERALIAS_NOT_FOUND<br/>
|
||
341 | * ERR_UNKNOWN <br/>
|
||
342 | */
|
||
343 | public int UA_ActivateUser(String adminUserAlias, String adminUserPassword, String userAlias) { |
||
344 | int rc = ua_ActivateUser(adminUserAlias, adminUserPassword, userAlias);
|
||
345 | logger.info(adminUserAlias + " " + userAlias + " Return=" + rc); |
||
346 | return rc;
|
||
347 | } |
||
348 | |||
349 | private int ua_ActivateUser(String adminUserAlias, String adminUserPassword, String userAlias) { |
||
350 | |||
351 | // verify supervisor password
|
||
352 | int rc = verifyStaticPassword(adminUserAlias, adminUserPassword, true, Constants.UTYPE_STATE_ADMIN); |
||
353 | if (rc != Constants.ERR_SUCCESS) {
|
||
354 | return rc;
|
||
355 | } |
||
356 | return activateUser(userAlias);
|
||
357 | } |
||
358 | |||
359 | /**
|
||
360 | * This method to change admin users state to ACTIVE status.
|
||
361 | *
|
||
362 | * @param rootAlias
|
||
363 | * @param rootPassword
|
||
364 | * @param adminUserAlias
|
||
365 | * @return ERR_code defined in the Constants.<br/>
|
||
366 | * ERR_SUCCESS<br/>
|
||
367 | * ERR_SYSTEM_NOT_READY<br/>
|
||
368 | * ERR_USERALIAS_NOT_FOUND <br/>
|
||
369 | * ERR_INVALID_STATE - root not active or temporary suspended.<br/>
|
||
370 | * ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the user type.<br/>
|
||
371 | * ERR_EXCEED_MAX_TRIES<br/>
|
||
372 | * ERR_INVALID_CREDENTIAL<br/>
|
||
373 | * ERR_USERALIAS_NOT_FOUND<br/>
|
||
374 | * ERR_UNKNOWN<br/>
|
||
375 | */
|
||
376 | public int AD_ActivateUser(String rootAlias, String rootPassword, String adminUserAlias) { |
||
377 | int rc = ad_ActivateUser(rootAlias, rootPassword, adminUserAlias);
|
||
378 | logger.info(rootAlias + " " + adminUserAlias + " Return=" + rc); |
||
379 | return rc;
|
||
380 | } |
||
381 | |||
382 | private int ad_ActivateUser(String rootAlias, String rootPassword, String adminUserAlias) { |
||
383 | |||
384 | // verify supervisor password
|
||
385 | int rc = verifyStaticPassword(rootAlias, rootPassword, true, Constants.UTYPE_STATE_ROOT); |
||
386 | if (rc != Constants.ERR_SUCCESS) {
|
||
387 | return rc;
|
||
388 | } |
||
389 | return activateUser(adminUserAlias);
|
||
390 | } |
||
391 | |||
392 | // TODO: chg to public for testing purpose only
|
||
393 | private int activateUser(String userAlias) { |
||
394 | int rc;
|
||
395 | |||
396 | if (userAlias == null) |
||
397 | return Constants.ERR_INVALID_INPUT;
|
||
398 | |||
399 | DBOperations dbo = new DBOperations();
|
||
400 | 9:16125cca68e4 | hadi | MinimalUserBean ub = new UserBean();
|
401 | 0:02300db8682b | hadi | ub = dbo.getUserFromStore(userAlias); |
402 | if (ub == null) { |
||
403 | dbo.close(); |
||
404 | return Constants.ERR_USERALIAS_NOT_FOUND;
|
||
405 | } |
||
406 | |||
407 | ub.setUstate(Constants.UID_STATE_ACTIVE); |
||
408 | ub.setUdateLastActivated(new Date()); |
||
409 | |||
410 | if (dbo.updateUserToStore(ub)) {
|
||
411 | rc = Constants.ERR_SUCCESS; |
||
412 | } |
||
413 | else {
|
||
414 | rc = Constants.ERR_UNKNOWN; |
||
415 | } |
||
416 | dbo.close(); |
||
417 | return rc;
|
||
418 | } |
||
419 | |||
420 | /**
|
||
421 | * This method is to check whether the user alias exist in the system.
|
||
422 | *
|
||
423 | * @param userAlias
|
||
424 | * @return ERR_code defined in the Constants.<br/>
|
||
425 | * ERR_SUCCESS 0 - found<br/>
|
||
426 | * ERR_USERALIAS_NOT_FOUND 6<br/>
|
||
427 | * ERR_SYSTEM_NOT_READY 98<br/>
|
||
428 | */
|
||
429 | public int UA_IsUserExist(String userAlias) { |
||
430 | DBOperations dbo = new DBOperations();
|
||
431 | 9:16125cca68e4 | hadi | MinimalUserBean ub = new UserBean();
|
432 | 0:02300db8682b | hadi | ub = dbo.getUserFromStore(userAlias); |
433 | dbo.close(); |
||
434 | if (ub == null) { |
||
435 | return Constants.ERR_USERALIAS_NOT_FOUND;
|
||
436 | } |
||
437 | |||
438 | return Constants.ERR_SUCCESS;
|
||
439 | } |
||
440 | |||
441 | /**
|
||
442 | * This method is to get user type. Valid return is [0-root user | 1-admin user | 2-Ordinary User]
|
||
443 | *
|
||
444 | * @param userAlias
|
||
445 | * @return <br/>
|
||
446 | * UTYPE_STATE_ROOT = 0<br/>
|
||
447 | * UTYPE_STATE_ADMIN = 1<br/>
|
||
448 | * UTYPE_STATE_USER = 2<br/>
|
||
449 | * ERR_USERALIAS_NOT_FOUND = 6<br/>
|
||
450 | * ERR_SYSTEM_NOT_READY = 98<br/>
|
||
451 | */
|
||
452 | |||
453 | public int UA_GetUserType(String userAlias) { |
||
454 | DBOperations dbo = new DBOperations();
|
||
455 | 9:16125cca68e4 | hadi | MinimalUserBean ub = new UserBean();
|
456 | 0:02300db8682b | hadi | ub = dbo.getUserFromStore(userAlias); |
457 | dbo.close(); |
||
458 | if (ub == null) { |
||
459 | return Constants.ERR_USERALIAS_NOT_FOUND;
|
||
460 | } |
||
461 | |||
462 | return ub.getUserType();
|
||
463 | } |
||
464 | |||
465 | /**
|
||
466 | * This method is to get user ID associated to user alias
|
||
467 | *
|
||
468 | * @param userAlias
|
||
469 | * @return userID or Zero if failed.
|
||
470 | */
|
||
471 | public long UA_GetUserIDByAlias(String userAlias) { |
||
472 | DBOperations dbo = new DBOperations();
|
||
473 | 9:16125cca68e4 | hadi | MinimalUserBean ub = new UserBean();
|
474 | 0:02300db8682b | hadi | ub = dbo.getUserFromStore(userAlias); |
475 | dbo.close(); |
||
476 | return (ub == null) ? 0 : ub.getUserID(); |
||
477 | } |
||
478 | |||
479 | /**
|
||
480 | * This method is to get attributes associated to user. Return type is HashMap<String,String>
|
||
481 | * The object keys is as below:<br/>
|
||
482 | * RC - Return Code [always present]<br/>
|
||
483 | * RT - Return Code in Text [always present]<br/>
|
||
484 | * <br/>
|
||
485 | * The following data present only with the return is ERR_SUCCESS<br/>
|
||
486 | * Type - User Type [0-Root User] [1-Admin User] [2-Ordinary User][9-SysControl]<br/>
|
||
487 | * State - User State [0-Active] [1-Temporary Locked] [2-Locked] [3-Inactive] [4-Deleted]<br/>
|
||
488 | * Description - User Description<br/>
|
||
489 | * UseCount - Number of time the record being access<br/>
|
||
490 | * DateCreated - Created date<br/>
|
||
491 | * DateLastUsed - Last access of the record<br/>
|
||
492 | * DateLastActivated - Last activation of the record<br/>
|
||
493 | * DateLastLocked - Last date the user being locked<br/>
|
||
494 | * DateLockedFrom - last date the user being locked from<br/>
|
||
495 | * DateLockedTo - last date the user being locked to<br/>
|
||
496 | *
|
||
497 | * @param userAlias
|
||
498 | * @return HashMap
|
||
499 | */
|
||
500 | public HashMap<String, String> UA_GetUserData(String userAlias) { |
||
501 | HashMap<String, String> map = new HashMap<String, String>(); |
||
502 | |||
503 | DBOperations dbo = new DBOperations();
|
||
504 | 9:16125cca68e4 | hadi | MinimalUserBean ub = new UserBean();
|
505 | 0:02300db8682b | hadi | ub = dbo.getUserFromStore(userAlias); |
506 | dbo.close(); |
||
507 | if (ub == null) { |
||
508 | map.put("RC", new Integer(Constants.ERR_USERALIAS_NOT_FOUND).toString()); |
||
509 | map.put("RT", "ERR_USERALIAS_NOT_FOUND"); |
||
510 | return map;
|
||
511 | } |
||
512 | |||
513 | // return Constants.ERR_SUCCESS;
|
||
514 | map.put("RC", new Integer(Constants.ERR_SUCCESS).toString()); |
||
515 | map.put("RT", "ERR_SUCCESS"); |
||
516 | map.put("Type", new Integer(ub.getUserType()).toString()); |
||
517 | map.put("State", new Integer(ub.getUstate()).toString()); |
||
518 | map.put("Description", ub.getDescription());
|
||
519 | map.put("UseCount", new Integer(ub.getUuseCount()).toString()); |
||
520 | map.put("DateCreated", (ub.getUdateCreated() == null) ? "NULL" : ub.getUdateCreated().toString()); |
||
521 | map.put("DateLastUsed", (ub.getUdateLastUsed() == null) ? "NULL" : ub.getUdateLastUsed().toString()); |
||
522 | map.put("DateLastActivated", (ub.getUdateLastActivated() == null) ? "NULL" : ub.getUdateLastActivated() |
||
523 | .toString()); |
||
524 | map.put("DateLastLocked", (ub.getUdateLastLocked() == null) ? "NULL" : ub.getUdateLastLocked().toString()); |
||
525 | map.put("DateLockedFrom", (ub.getUdateLockedFrom() == null) ? "NULL" : ub.getUdateLockedFrom().toString()); |
||
526 | map.put("DateLockedTo", (ub.getUdateLockedTo() == null) ? "NULL" : ub.getUdateLockedTo().toString()); |
||
527 | return map;
|
||
528 | |||
529 | } |
||
530 | |||
531 | /**
|
||
532 | * This method is to get attributes associated to password. Return type is HashMap<String,String>
|
||
533 | * The object keys is as below:<br/>
|
||
534 | * RC - Return Code [always present]<br/>
|
||
535 | * RT - Return Code in Text [always present]<br/>
|
||
536 | * <br/>
|
||
537 | * The following data present only with the return is ERR_SUCCESS<br/>
|
||
538 | * State - Password State [0-Enable] [1-Disable] [2-OneTime Use]<br/>
|
||
539 | * ExpiryStatus - Expiry Status [0-Will Expired][1-Never Expired]
|
||
540 | * UseCount - Number of time the record being access<br/>
|
||
541 | * ErrorCount - Number of time the password verified error<br/>
|
||
542 | * DateCreated - Created date<br/>
|
||
543 | * DateFirstUsed - First access of the password<br/>
|
||
544 | * DateLastUsed - Last access of the password<br/>
|
||
545 | * DatePasswdExpired - Expiry date of the password<br/>
|
||
546 | *
|
||
547 | * @param userAlias
|
||
548 | * @return HashMap
|
||
549 | */
|
||
550 | public HashMap<String, String> QueryPassword(String userAlias) { |
||
551 | HashMap<String, String> map = new HashMap<String, String>(); |
||
552 | |||
553 | DBOperations dbo = new DBOperations();
|
||
554 | 9:16125cca68e4 | hadi | MinimalUserBean ub = new UserBean();
|
555 | 0:02300db8682b | hadi | ub = dbo.getUserFromStore(userAlias); |
556 | dbo.close(); |
||
557 | if (ub == null) { |
||
558 | map.put("RC", new Integer(Constants.ERR_USERALIAS_NOT_FOUND).toString()); |
||
559 | map.put("RT", "ERR_USERALIAS_NOT_FOUND"); |
||
560 | return map;
|
||
561 | } |
||
562 | |||
563 | // return Constants.ERR_SUCCESS;
|
||
564 | map.put("RC", new Integer(Constants.ERR_SUCCESS).toString()); |
||
565 | map.put("RT", "ERR_SUCCESS"); |
||
566 | map.put("State", new Integer(ub.getPstate()).toString()); |
||
567 | map.put("ExpiryStatus", new Integer(ub.getPexpiredStatus()).toString()); |
||
568 | map.put("UseCount", new Integer(ub.getPuseCount()).toString()); |
||
569 | map.put("ErrorCount", new Integer(ub.getPerrorCount()).toString()); |
||
570 | map.put("DateCreated", (ub.getPdateCreated() == null) ? "NULL" : ub.getPdateCreated().toString()); |
||
571 | map.put("DateFirstUsed", (ub.getPdateFirstUsed() == null) ? "NULL" : ub.getPdateFirstUsed().toString()); |
||
572 | map.put("DateLastUsed", (ub.getPdateLastUsed() == null) ? "NULL" : ub.getPdateLastUsed().toString()); |
||
573 | map.put("DatePasswdExpired", (ub.getPdateExpired() == null) ? "NULL" : ub.getPdateExpired().toString()); |
||
574 | return map;
|
||
575 | |||
576 | } |
||
577 | |||
578 | /**
|
||
579 | * This method is to get attributes associated to TAC. Return type is HashMap<String,String>
|
||
580 | * The object keys is as below:<br/>
|
||
581 | * RC - Return Code [always present]<br/>
|
||
582 | * RT - Return Code in Text [always present]<br/>
|
||
583 | * <br/>
|
||
584 | * The following data present only with the return is ERR_SUCCESS<br/>
|
||
585 | * State - User State [0-Enable] [1-Disable]<br/>
|
||
586 | * UseCount - Number of time the record being access<br/>
|
||
587 | * ErrorCount - Number of time the TAC verified error<br/>
|
||
588 | * DateCreated - TAC Created date<br/>
|
||
589 | * DateFirstUsed - First access of the TAC<br/>
|
||
590 | * DateLastUsed - Last access of the TAC<br/>
|
||
591 | *
|
||
592 | * @param userAlias
|
||
593 | * @return HashMap
|
||
594 | */
|
||
595 | public HashMap<String, String> QueryTAC(String userAlias) { |
||
596 | HashMap<String, String> map = new HashMap<String, String>(); |
||
597 | |||
598 | DBOperations dbo = new DBOperations();
|
||
599 | TacBean tacBean = new TacBean();
|
||
600 | tacBean = dbo.getTacFromStore(userAlias); |
||
601 | dbo.close(); |
||
602 | if (tacBean == null) { |
||
603 | map.put("RC", new Integer(Constants.ERR_USERALIAS_NOT_FOUND).toString()); |
||
604 | map.put("RT", "ERR_USERALIAS_NOT_FOUND"); |
||
605 | return map;
|
||
606 | } |
||
607 | |||
608 | // return Constants.ERR_SUCCESS;
|
||
609 | map.put("RC", new Integer(Constants.ERR_SUCCESS).toString()); |
||
610 | map.put("RT", "ERR_SUCCESS"); |
||
611 | |||
612 | map.put("State", new Integer(tacBean.getState()).toString()); |
||
613 | map.put("UseCount", new Integer(tacBean.getUseCount()).toString()); |
||
614 | map.put("ErrorCount", new Integer(tacBean.getErrorCount()).toString()); |
||
615 | map.put("DateCreated", (tacBean.getDateCreated() == null) ? "NULL" : tacBean.getDateCreated().toString()); |
||
616 | map.put("DateFirstUsed", (tacBean.getDateFirstUsed() == null) ? "NULL" : tacBean.getDateFirstUsed().toString()); |
||
617 | map.put("DateLastUsed", (tacBean.getDateLastUsed() == null) ? "NULL" : tacBean.getDateLastUsed().toString()); |
||
618 | map.put("SessionID", (tacBean.getSessionId() == null) ? "NULL" : tacBean.getSessionId()); |
||
619 | return map;
|
||
620 | |||
621 | } |
||
622 | |||
623 | /**
|
||
624 | * This method is to change online user state to LOCKED status.
|
||
625 | *
|
||
626 | * @param adminUserAlias
|
||
627 | * @param adminUserPassword
|
||
628 | * @param userAlias
|
||
629 | * @return ERR_code defined in the Constants.<br/>
|
||
630 | * ERR_SUCCESS<br/>
|
||
631 | * ERR_SYSTEM_NOT_READY<br/>
|
||
632 | * ERR_USERALIAS_NOT_FOUND <br/>
|
||
633 | * ERR_INVALID_STATE - admin not active or temporary suspended.<br/>
|
||
634 | * ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the user type.<br/>
|
||
635 | * ERR_EXCEED_MAX_TRIES<br/>
|
||
636 | * ERR_INVALID_CREDENTIAL<br/>
|
||
637 | * ERR_UNKNOWN<br/>
|
||
638 | */
|
||
639 | public int UA_LockUser(String adminUserAlias, String adminUserPassword, String userAlias) { |
||
640 | int rc = ua_LockUser(adminUserAlias, adminUserPassword, userAlias);
|
||
641 | logger.info(adminUserAlias + " " + userAlias + " Return=" + rc); |
||
642 | return rc;
|
||
643 | } |
||
644 | |||
645 | private int ua_LockUser(String adminUserAlias, String adminUserPassword, String userAlias) { |
||
646 | // verify supervisor password
|
||
647 | int rc = verifyStaticPassword(adminUserAlias, adminUserPassword, true, Constants.UTYPE_STATE_ADMIN); |
||
648 | if (rc != Constants.ERR_SUCCESS) {
|
||
649 | return rc;
|
||
650 | } |
||
651 | return lockUser(userAlias);
|
||
652 | |||
653 | } |
||
654 | |||
655 | /**
|
||
656 | * This method is to change admin user state to LOCKED status.
|
||
657 | *
|
||
658 | * @param rootAlias
|
||
659 | * @param rootPassword
|
||
660 | * @param adminUserAlias
|
||
661 | * @return ERR_code defined in the Constants.<br/>
|
||
662 | * ERR_SUCCESS<br/>
|
||
663 | * ERR_SYSTEM_NOT_READY<br/>
|
||
664 | * ERR_USERALIAS_NOT_FOUND <br/>
|
||
665 | * ERR_INVALID_STATE - root not active or temporary suspended.<br/>
|
||
666 | * ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the user type.<br/>
|
||
667 | * ERR_EXCEED_MAX_TRIES<br/>
|
||
668 | * ERR_INVALID_CREDENTIAL<br/>
|
||
669 | * ERR_UNKNOWN<br/>
|
||
670 | */
|
||
671 | public int AD_LockUser(String rootAlias, String rootPassword, String adminUserAlias) { |
||
672 | int rc = ad_LockUser(rootAlias, rootPassword, adminUserAlias);
|
||
673 | logger.info(rootAlias + " " + adminUserAlias + " Return=" + rc); |
||
674 | return rc;
|
||
675 | } |
||
676 | |||
677 | private int ad_LockUser(String rootAlias, String rootPassword, String adminUserAlias) { |
||
678 | |||
679 | // verify supervisor password
|
||
680 | int rc = verifyStaticPassword(rootAlias, rootPassword, true, Constants.UTYPE_STATE_ROOT); |
||
681 | if (rc != Constants.ERR_SUCCESS) {
|
||
682 | return rc;
|
||
683 | } |
||
684 | return lockUser(adminUserAlias);
|
||
685 | } |
||
686 | |||
687 | /**
|
||
688 | * This method is to suspend online user from when for how many Minutes
|
||
689 | *
|
||
690 | * @param adminUserAlias
|
||
691 | * @param adminUserPassword
|
||
692 | * @param userAlias
|
||
693 | * @param fromDate
|
||
694 | * - from when
|
||
695 | * @param nMinutes
|
||
696 | * - Suspend for how many minutes
|
||
697 | * @return ERR_code defined in the Constants.<br/>
|
||
698 | * ERR_SUCCESS<br/>
|
||
699 | * ERR_SYSTEM_NOT_READY<br/>
|
||
700 | * ERR_USERALIAS_NOT_FOUND <br/>
|
||
701 | * ERR_INVALID_STATE - admin not active or temporary suspended.<br/>
|
||
702 | * ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the user type.<br/>
|
||
703 | * ERR_EXCEED_MAX_TRIES<br/>
|
||
704 | * ERR_INVALID_CREDENTIAL<br/>
|
||
705 | * ERR_UNKNOWN<br/>
|
||
706 | */
|
||
707 | public int UA_SuspendUser(String adminUserAlias, String adminUserPassword, String userAlias, String strFromDate, |
||
708 | int nMinutes) {
|
||
709 | Date fromDate = StringToDate(strFromDate);
|
||
710 | int rc = ua_SuspendUser(adminUserAlias, adminUserPassword, userAlias, fromDate, nMinutes);
|
||
711 | logger.info(adminUserAlias + " " + userAlias + " From:" + fromDate + " for " + nMinutes + "min Return=" + rc); |
||
712 | return rc;
|
||
713 | } |
||
714 | |||
715 | private int ua_SuspendUser(String adminUserAlias, String adminUserPassword, String userAlias, Date fromDate, |
||
716 | int nMinutes) {
|
||
717 | // verify supervisor password
|
||
718 | int rc = verifyStaticPassword(adminUserAlias, adminUserPassword, true, Constants.UTYPE_STATE_ADMIN); |
||
719 | if (rc != Constants.ERR_SUCCESS) {
|
||
720 | return rc;
|
||
721 | } |
||
722 | return lockUser(userAlias, Constants.UID_STATE_TMP_LOCKED, fromDate, nMinutes);
|
||
723 | } |
||
724 | |||
725 | /**
|
||
726 | * This method is to suspend admin user from when for how many Minutes
|
||
727 | *
|
||
728 | * @param rootAlias
|
||
729 | * @param rootPassword
|
||
730 | * @param adminUserAlias
|
||
731 | * @param fromDate
|
||
732 | * - from when
|
||
733 | * @param nMinutes
|
||
734 | * - Suspend for how many Minutes
|
||
735 | * @return ERR_code defined in the Constants.<br/>
|
||
736 | * ERR_SUCCESS<br/>
|
||
737 | * ERR_SYSTEM_NOT_READY<br/>
|
||
738 | * ERR_USERALIAS_NOT_FOUND <br/>
|
||
739 | * ERR_INVALID_STATE - root not active or temporary suspended.<br/>
|
||
740 | * ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the user type.<br/>
|
||
741 | * ERR_EXCEED_MAX_TRIES<br/>
|
||
742 | * ERR_INVALID_CREDENTIAL<br/>
|
||
743 | * ERR_UNKNOWN<br/>
|
||
744 | */
|
||
745 | public int AD_SuspendUser(String rootAlias, String rootPassword, String adminUserAlias, String strFromDate, |
||
746 | int nMinutes) {
|
||
747 | Date fromDate = StringToDate(strFromDate);
|
||
748 | int rc = ad_SuspendUser(rootAlias, rootPassword, adminUserAlias, fromDate, nMinutes);
|
||
749 | logger.info(userAlias + " Return=" + rc);
|
||
750 | return rc;
|
||
751 | } |
||
752 | |||
753 | private int ad_SuspendUser(String rootAlias, String rootPassword, String adminUserAlias, Date fromDate, int nMinutes) { |
||
754 | |||
755 | // verify supervisor password
|
||
756 | int rc = verifyStaticPassword(rootAlias, rootPassword, true, Constants.UTYPE_STATE_ROOT); |
||
757 | if (rc != Constants.ERR_SUCCESS) {
|
||
758 | return rc;
|
||
759 | } |
||
760 | return lockUser(adminUserAlias, Constants.UID_STATE_TMP_LOCKED, fromDate, nMinutes);
|
||
761 | } |
||
762 | |||
763 | private int lockUser(String userAlias) { |
||
764 | return lockUser(userAlias, Constants.UID_STATE_LOCKED, null, 0); |
||
765 | } |
||
766 | |||
767 | private int lockUser(String userAlias, int mode, Date fromDate, int nMinutes) { |
||
768 | int rc;
|
||
769 | |||
770 | if (userAlias == null) |
||
771 | return Constants.ERR_INVALID_INPUT;
|
||
772 | |||
773 | DBOperations dbo = new DBOperations();
|
||
774 | 9:16125cca68e4 | hadi | MinimalUserBean ub = new UserBean();
|
775 | 0:02300db8682b | hadi | ub = dbo.getUserFromStore(userAlias); |
776 | if (ub == null) { |
||
777 | dbo.close(); |
||
778 | return Constants.ERR_USERALIAS_NOT_FOUND;
|
||
779 | } |
||
780 | |||
781 | Date now = new Date(); |
||
782 | if (mode == Constants.UID_STATE_LOCKED) {
|
||
783 | ub.setUstate(Constants.UID_STATE_LOCKED); |
||
784 | } else {
|
||
785 | ub.setUstate(Constants.UID_STATE_TMP_LOCKED); |
||
786 | ub.setUdateLockedFrom(fromDate); |
||
787 | |||
788 | Calendar expiryDate = Calendar.getInstance(); |
||
789 | expiryDate.setTime(fromDate); // set expiry date to fromDate
|
||
790 | expiryDate.add(Calendar.MINUTE, +nMinutes);
|
||
791 | ub.setUdateLockedTo(expiryDate.getTime()); |
||
792 | } |
||
793 | |||
794 | ub.setUdateLastLocked(now); |
||
795 | |||
796 | if (dbo.updateUserToStore(ub)) {
|
||
797 | rc = Constants.ERR_SUCCESS; |
||
798 | } |
||
799 | else {
|
||
800 | rc = Constants.ERR_UNKNOWN; |
||
801 | } |
||
802 | |||
803 | dbo.close(); |
||
804 | return rc;
|
||
805 | } |
||
806 | |||
807 | // ///////////////////////////////////////////////////////////////////////////////
|
||
808 | // token area
|
||
809 | // ///////////////////////////////////////////////////////////////////////////////
|
||
810 | |||
811 | /**
|
||
812 | * This method is to verify token password
|
||
813 | *
|
||
814 | * @param userAlias
|
||
815 | * @param inPassword
|
||
816 | * @return ERR_code defined in the Constants<br/>
|
||
817 | * ERR_SUCCESS<br/>
|
||
818 | * ERR_SYSTEM_NOT_READY<br/>
|
||
819 | * ERR_USERALIAS_NOT_FOUND<br/>
|
||
820 | * ERR_INVALID_STATE<br/>
|
||
821 | * ERR_EXCEED_MAX_TRIES<br/>
|
||
822 | * ERR_INVALID_CREDENTIAL<br/>
|
||
823 | * ERR_PASSWD_EXPIRED<br/>
|
||
824 | * ERR_REUSED_PASSWD<br/>
|
||
825 | */
|
||
826 | public int VerifyToken(String userAlias, String inPassword) { |
||
827 | int rc = verifyToken(userAlias, inPassword);
|
||
828 | logger.info(userAlias + " Return=" + rc);
|
||
829 | return rc;
|
||
830 | } |
||
831 | |||
832 | private int verifyToken(String userAlias, String inPassword) { |
||
833 | DBOperations dbo = new DBOperations();
|
||
834 | TokenBean tb = new TokenBean();
|
||
835 | int rc = Constants.ERR_SYSTEM_NOT_READY;
|
||
836 | try {
|
||
837 | tb = dbo.getTokenFromStoreByUserAlias(userAlias); |
||
838 | if (tb == null) { |
||
839 | dbo.close(); |
||
840 | return Constants.ERR_USERALIAS_NOT_FOUND;
|
||
841 | } |
||
842 | |||
843 | if (tb.getVstate() != Constants.TKN_STATE_ASSIGNED) {
|
||
844 | dbo.close(); |
||
845 | return Constants.ERR_INVALID_STATE;
|
||
846 | } |
||
847 | |||
848 | TokenController tc = UPassFactory.getTokenController(tb); |
||
849 | rc = tc.verifyToken(inPassword, "", ""); |
||
850 | |||
851 | tb = tc.getUpdatedObject(); |
||
852 | |||
853 | // update first time used
|
||
854 | if (tb.getVdateFirstUsed() == null) { |
||
855 | tb.setVdateFirstUsed(new Date()); |
||
856 | } |
||
857 | // update last time used
|
||
858 | tb.setVdateLastUsed(new Date()); |
||
859 | |||
860 | // update database
|
||
861 | boolean lrc = dbo.updateTokenToStore(tb);
|
||
862 | dbo.close(); |
||
863 | if (!lrc) {
|
||
864 | return Constants.ERR_UNKNOWN;
|
||
865 | } |
||
866 | } catch (Exception e) |
||
867 | { |
||
868 | e.printStackTrace(); |
||
869 | } |
||
870 | |||
871 | return rc;
|
||
872 | } |
||
873 | |||
874 | /**
|
||
875 | * This method is to reset user token <br/>
|
||
876 | *
|
||
877 | * @param adminUserAlias
|
||
878 | * @param adminUserPassword
|
||
879 | * @param userAlias
|
||
880 | * @return ERR_code defined in the Constants<br/>
|
||
881 | * ERR_SUCCESS<br/>
|
||
882 | * ERR_SYSTEM_NOT_READY<br/>
|
||
883 | * ERR_USERALIAS_NOT_FOUND<br/>
|
||
884 | * ERR_INVALID_STATE<br/>
|
||
885 | * ERR_EXCEED_MAX_TRIES<br/>
|
||
886 | * ERR_INVALID_CREDENTIAL<br/>
|
||
887 | */
|
||
888 | public int ResetToken(String adminUserAlias, String adminUserPassword, String userAlias) { |
||
889 | int rc = resetToken(adminUserAlias, adminUserPassword, userAlias);
|
||
890 | logger.info(adminUserAlias + " " + userAlias + " Return=" + rc); |
||
891 | return rc;
|
||
892 | } |
||
893 | |||
894 | private int resetToken(String adminUserAlias, String adminUserPassword, String userAlias) { |
||
895 | |||
896 | // verify supervisor password
|
||
897 | int rc = verifyStaticPassword(adminUserAlias, adminUserPassword, true, Constants.UTYPE_STATE_ADMIN); |
||
898 | if (rc != Constants.ERR_SUCCESS) {
|
||
899 | return rc;
|
||
900 | } |
||
901 | |||
902 | DBOperations dbo = new DBOperations();
|
||
903 | TokenBean tb = new TokenBean();
|
||
904 | tb = dbo.getTokenFromStoreByUserAlias(userAlias); |
||
905 | if (tb == null) { |
||
906 | dbo.close(); |
||
907 | return Constants.ERR_USERALIAS_NOT_FOUND;
|
||
908 | } |
||
909 | |||
910 | TokenController tc = UPassFactory.getTokenController(tb); |
||
911 | rc = tc.resetToken(); |
||
912 | tb = tc.getUpdatedObject(); |
||
913 | |||
914 | // update database
|
||
915 | boolean lrc = dbo.updateTokenToStore(tb);
|
||
916 | dbo.close(); |
||
917 | if (!lrc) {
|
||
918 | return Constants.ERR_UNKNOWN;
|
||
919 | } |
||
920 | |||
921 | return rc;
|
||
922 | } |
||
923 | |||
924 | /**
|
||
925 | * This method is to query token information, Return type is HashMap<String,String>
|
||
926 | * RC - Return Code [always present]<br/>
|
||
927 | * RT - Return Code in Text [always present]<br/>
|
||
928 | * <br/>
|
||
929 | * The following data present only with the return is ERR_SUCCESS<br/>
|
||
930 | * SerailNo - The serial number of token<br/>
|
||
931 | * State - Token State, [0-UNASSIGNED], [1-ASSIGNED], [2-DISABLE], [3-LOCKED], [4-DELETED]<br/>
|
||
932 | * UseCount - number of time of password authentication <br/>
|
||
933 | * ErrorCount - number of time error encountered of password authentication<br/>
|
||
934 | * DateAssigned - date of assignment to user<br/>
|
||
935 | * DateFirstUsed - date of 1st time use<br/>
|
||
936 | * DateLastUsed - date of last time used<br/>
|
||
937 | * BatchID - the ID used for loading the token into data store<br/>
|
||
938 | * <br/>
|
||
939 | *
|
||
940 | * Data retrieved from token BLOB<br/>
|
||
941 | * TOKEN_MODEL<br/>
|
||
942 | * USE_COUNT<br/>
|
||
943 | * ERROR_COUNT<br/>
|
||
944 | * LAST_TIME_USED<br/>
|
||
945 | * CODE_WORD<br/>
|
||
946 | * TRIPLE_DES<br/>
|
||
947 | * MAX_INPUT_FIELDS<br/>
|
||
948 | * RESPONSE_LENGTH<br/>
|
||
949 | * RESPONSE_TYPE<br/>
|
||
950 | * RESPONSE_CHECKSUM<br/>
|
||
951 | * TIME_STEP_USED<br/>
|
||
952 | *
|
||
953 | * @param userAlias
|
||
954 | * @return HashMap
|
||
955 | */
|
||
956 | public HashMap<String, String> QueryToken(String userAlias) { |
||
957 | HashMap<String, String> map = new HashMap<String, String>(); |
||
958 | |||
959 | DBOperations dbo = new DBOperations();
|
||
960 | TokenBean tb = new TokenBean();
|
||
961 | tb = dbo.getTokenFromStoreByUserAlias(userAlias); |
||
962 | dbo.close(); |
||
963 | |||
964 | if (tb == null) { |
||
965 | map.put("RC", new Integer(Constants.ERR_USERALIAS_NOT_FOUND).toString()); |
||
966 | map.put("RT", "ERR_USERALIAS_NOT_FOUND"); |
||
967 | return map;
|
||
968 | } |
||
969 | |||
970 | map.put("RC", new Integer(Constants.ERR_SUCCESS).toString()); |
||
971 | map.put("RT", "ERR_SUCCESS"); |
||
972 | |||
973 | map.put("SerailNo", tb.getVserialNumber());
|
||
974 | map.put("State", new Integer(tb.getVstate()).toString()); |
||
975 | map.put("UseCount", new Integer(tb.getVuseCount()).toString()); |
||
976 | map.put("ErrorCount", new Integer(tb.getVerrorCount()).toString()); |
||
977 | map.put("DateAssigned", (tb.getVdateAssigned() == null) ? "NULL" : tb.getVdateAssigned().toString()); |
||
978 | map.put("DateFirstUsed", (tb.getVdateFirstUsed() == null) ? "NULL" : tb.getVdateFirstUsed().toString()); |
||
979 | map.put("DateLastUsed", (tb.getVdateLastUsed() == null) ? "NULL" : tb.getVdateLastUsed().toString()); |
||
980 | map.put("BatchID", new Long(tb.getVbatchNo()).toString()); |
||
981 | |||
982 | HashMap<String, String> hmBLOB = new HashMap<String, String>(); |
||
983 | TokenController tc = UPassFactory.getTokenController(tb); |
||
984 | hmBLOB = tc.getTokenBlobInfo(); |
||
985 | |||
986 | map.put("TOKEN_MODEL", hmBLOB.get("TOKEN_MODEL")); |
||
987 | map.put("USE_COUNT", hmBLOB.get("USE_COUNT")); |
||
988 | map.put("ERROR_COUNT", hmBLOB.get("ERROR_COUNT")); |
||
989 | map.put("LAST_TIME_USED", hmBLOB.get("LAST_TIME_USED")); |
||
990 | map.put("CODE_WORD", hmBLOB.get("CODE_WORD")); |
||
991 | map.put("TRIPLE_DES", hmBLOB.get("TRIPLE_DES")); |
||
992 | map.put("MAX_INPUT_FIELDS", hmBLOB.get("MAX_INPUT_FIELDS")); |
||
993 | map.put("RESPONSE_LENGTH", hmBLOB.get("RESPONSE_LENGTH")); |
||
994 | map.put("RESPONSE_TYPE", hmBLOB.get("RESPONSE_TYPE")); |
||
995 | map.put("RESPONSE_CHECKSUM", hmBLOB.get("RESPONSE_CHECKSUM")); |
||
996 | map.put("TIME_STEP_USED", hmBLOB.get("TIME_STEP_USED")); |
||
997 | |||
998 | return map;
|
||
999 | } |
||
1000 | |||
1001 | public int DeleteTokenFromStore(String adminUserAlias, String adminUserPassword, String serialNumber) { |
||
1002 | int rc = deleteTokenFromStore(adminUserAlias, adminUserPassword, serialNumber);
|
||
1003 | logger.info(serialNumber + " Return=" + rc);
|
||
1004 | return rc;
|
||
1005 | } |
||
1006 | |||
1007 | private int deleteTokenFromStore(String adminUserAlias, String adminUserPassword, String serialNumber) { |
||
1008 | // verify supervisor password
|
||
1009 | int rc = verifyStaticPassword(adminUserAlias, adminUserPassword, true, Constants.UTYPE_STATE_ADMIN); |
||
1010 | if (rc != Constants.ERR_SUCCESS) {
|
||
1011 | return rc;
|
||
1012 | } |
||
1013 | |||
1014 | DBOperations dbo = new DBOperations();
|
||
1015 | boolean lrc = dbo.deleteTokenFromStoreBySerialNumber(serialNumber);
|
||
1016 | dbo.close(); |
||
1017 | |||
1018 | if (lrc)
|
||
1019 | return Constants.ERR_SUCCESS;
|
||
1020 | else
|
||
1021 | return Constants.ERR_TOKEN_NOT_EXIST;
|
||
1022 | |||
1023 | } |
||
1024 | |||
1025 | /**
|
||
1026 | * This method is to assign token to user<br/>
|
||
1027 | *
|
||
1028 | * @param serialNumber
|
||
1029 | * @param userAlias
|
||
1030 | * @return ERR_code defined in the Constants<br/>
|
||
1031 | * ERR_SUCCESS<br/>
|
||
1032 | * ERR_SYSTEM_NOT_READY<br/>
|
||
1033 | * ERR_USERALIAS_NOT_FOUND<br/>
|
||
1034 | * ERR_INVALID_STATE<br/>
|
||
1035 | */
|
||
1036 | public int AssignTokenToUser(String adminUserAlias, String adminUserPassword, String serialNumber, String userAlias) { |
||
1037 | int rc = assignToken(adminUserAlias, adminUserPassword, serialNumber, userAlias, Constants.TKN_STATE_ASSIGNED);
|
||
1038 | logger.info(serialNumber + " " + userAlias + " Return=" + rc); |
||
1039 | return rc;
|
||
1040 | } |
||
1041 | |||
1042 | /**
|
||
1043 | * This method is to return Token to store; Reset the Token.<br/>
|
||
1044 | * The token is ready to re-assign to other user.<br/>
|
||
1045 | *
|
||
1046 | * @param adminUserAlias
|
||
1047 | * @param adminUserPassword
|
||
1048 | * @param userAlias
|
||
1049 | * @return ERR_code defined in the Constants<br/>
|
||
1050 | * ERR_SUCCESS<br/>
|
||
1051 | * ERR_SYSTEM_NOT_READY<br/>
|
||
1052 | * ERR_USERALIAS_NOT_FOUND<br/>
|
||
1053 | * ERR_INVALID_STATE<br/>
|
||
1054 | */
|
||
1055 | public int UnassignTokenFromUser(String adminUserAlias, String adminUserPassword, String userAlias) { |
||
1056 | int rc = assignToken(adminUserAlias, adminUserPassword, null, userAlias, Constants.TKN_STATE_UNASSIGNED); |
||
1057 | logger.info(userAlias + " Return=" + rc);
|
||
1058 | return rc;
|
||
1059 | } |
||
1060 | |||
1061 | /**
|
||
1062 | * This method is to disable the token<br/>
|
||
1063 | *
|
||
1064 | * @param adminUserAlias
|
||
1065 | * @param adminUserPassword
|
||
1066 | * @param userAlias
|
||
1067 | * @return ERR_code defined in the Constants<br/>
|
||
1068 | * ERR_SUCCESS<br/>
|
||
1069 | * ERR_SYSTEM_NOT_READY<br/>
|
||
1070 | * ERR_USERALIAS_NOT_FOUND<br/>
|
||
1071 | * ERR_INVALID_STATE<br/>
|
||
1072 | */
|
||
1073 | public int DisableToken(String adminUserAlias, String adminUserPassword, String userAlias) { |
||
1074 | int rc = disableToken(adminUserAlias, adminUserPassword, userAlias, true); |
||
1075 | logger.info(userAlias + " Return=" + rc);
|
||
1076 | return rc;
|
||
1077 | } |
||
1078 | |||
1079 | /**
|
||
1080 | * This method is to enable to token<br/>
|
||
1081 | *
|
||
1082 | * @param adminUserAlias
|
||
1083 | * @param adminUserPassword
|
||
1084 | * @param userAlias
|
||
1085 | * @return ERR_code defined in the Constants<br/>
|
||
1086 | * ERR_SUCCESS<br/>
|
||
1087 | * ERR_SYSTEM_NOT_READY<br/>
|
||
1088 | * ERR_USERALIAS_NOT_FOUND<br/>
|
||
1089 | * ERR_INVALID_STATE<br/>
|
||
1090 | */
|
||
1091 | public int EnableToken(String adminUserAlias, String adminUserPassword, String userAlias) { |
||
1092 | int rc = disableToken(adminUserAlias, adminUserPassword, userAlias, false); |
||
1093 | logger.info(userAlias + " Return=" + rc);
|
||
1094 | return rc;
|
||
1095 | } |
||
1096 | |||
1097 | private int disableToken(String adminUserAlias, String adminUserPassword, String userAlias, boolean ldisable) { |
||
1098 | // verify supervisor password
|
||
1099 | int rc = verifyStaticPassword(adminUserAlias, adminUserPassword, true, Constants.UTYPE_STATE_ADMIN); |
||
1100 | if (rc != Constants.ERR_SUCCESS) {
|
||
1101 | return rc;
|
||
1102 | } |
||
1103 | |||
1104 | DBOperations dbo = new DBOperations();
|
||
1105 | TokenBean tb = new TokenBean();
|
||
1106 | tb = dbo.getTokenFromStoreByUserAlias(userAlias); |
||
1107 | |||
1108 | // check state vs operations
|
||
1109 | boolean validState = true; |
||
1110 | if (ldisable & tb.getVstate() != Constants.TKN_STATE_ASSIGNED) {
|
||
1111 | validState = false;
|
||
1112 | } |
||
1113 | |||
1114 | if (!ldisable & tb.getVstate() != Constants.TKN_STATE_DISABLE) {
|
||
1115 | validState = false;
|
||
1116 | } |
||
1117 | |||
1118 | if (!validState) {
|
||
1119 | dbo.close(); |
||
1120 | return Constants.ERR_INVALID_STATE;
|
||
1121 | } |
||
1122 | |||
1123 | // assign state according to Enable|Disable
|
||
1124 | int TargetTokenAssignmentState = (ldisable) ? Constants.TKN_STATE_DISABLE : Constants.TKN_STATE_ASSIGNED;
|
||
1125 | tb.setVstate(TargetTokenAssignmentState); |
||
1126 | tb.setVdateLastUsed(null);
|
||
1127 | |||
1128 | // update database
|
||
1129 | boolean lrc = dbo.updateTokenToStore(tb);
|
||
1130 | dbo.close(); |
||
1131 | if (!lrc) {
|
||
1132 | return Constants.ERR_UNKNOWN;
|
||
1133 | } |
||
1134 | |||
1135 | return Constants.ERR_SUCCESS;
|
||
1136 | } |
||
1137 | |||
1138 | private int assignToken(String adminUserAlias, String adminUserPassword, String serialNumber, String userAlias, |
||
1139 | int TargetTokenAssignmentState) {
|
||
1140 | |||
1141 | // verify supervisor password
|
||
1142 | int rc = verifyStaticPassword(adminUserAlias, adminUserPassword, true, Constants.UTYPE_STATE_ADMIN); |
||
1143 | if (rc != Constants.ERR_SUCCESS) {
|
||
1144 | return rc;
|
||
1145 | } |
||
1146 | |||
1147 | DBOperations dbo = new DBOperations();
|
||
1148 | TokenBean tb = new TokenBean();
|
||
1149 | String targetUserAlias = null; |
||
1150 | |||
1151 | if (TargetTokenAssignmentState == Constants.TKN_STATE_ASSIGNED) {
|
||
1152 | // if the operation is to assign token to user, query by token serial number
|
||
1153 | // then assign token to user
|
||
1154 | tb = dbo.getTokenFromStoreBySerialNumber(serialNumber); |
||
1155 | targetUserAlias = userAlias; |
||
1156 | } else {
|
||
1157 | // query by user ID, since it already assigned
|
||
1158 | // then return token back to TokenOwner
|
||
1159 | tb = dbo.getTokenFromStoreByUserAlias(userAlias); |
||
1160 | targetUserAlias = "TokenOwner";
|
||
1161 | } |
||
1162 | |||
1163 | if (tb == null) { |
||
1164 | dbo.close(); |
||
1165 | return Constants.ERR_TOKEN_NOT_EXIST;
|
||
1166 | } |
||
1167 | |||
1168 | // check if the token already assigned and the target state is assignToken
|
||
1169 | if (TargetTokenAssignmentState == Constants.TKN_STATE_ASSIGNED &
|
||
1170 | tb.getVstate() == Constants.TKN_STATE_ASSIGNED) { |
||
1171 | return Constants.ERR_TOKEN_ALREADY_ASSIGNED;
|
||
1172 | } |
||
1173 | |||
1174 | // check user exist for the token
|
||
1175 | 9:16125cca68e4 | hadi | MinimalUserBean ub = new UserBean();
|
1176 | 0:02300db8682b | hadi | ub = dbo.getUserFromStore(targetUserAlias); |
1177 | if (ub == null) { |
||
1178 | dbo.close(); |
||
1179 | return Constants.ERR_USERALIAS_NOT_FOUND;
|
||
1180 | } |
||
1181 | |||
1182 | // reset and assign token to user
|
||
1183 | TokenController tc = UPassFactory.getTokenController(tb); |
||
1184 | rc = tc.resetToken(); |
||
1185 | |||
1186 | tb = tc.getUpdatedObject(); |
||
1187 | tb.setVstate(TargetTokenAssignmentState); |
||
1188 | tb.setVdateAssigned(new Date()); |
||
1189 | tb.setVuserID(ub.getUserID()); |
||
1190 | tb.setVdateFirstUsed(null);
|
||
1191 | tb.setVdateLastUsed(null);
|
||
1192 | |||
1193 | // update database
|
||
1194 | boolean lrc = dbo.updateTokenToStore(tb);
|
||
1195 | dbo.close(); |
||
1196 | if (!lrc) {
|
||
1197 | return Constants.ERR_UNKNOWN;
|
||
1198 | } |
||
1199 | |||
1200 | return Constants.ERR_SUCCESS;
|
||
1201 | |||
1202 | } |
||
1203 | |||
1204 | /**
|
||
1205 | * This method is to load token from DPX file to UPass data store
|
||
1206 | * Refer to System Console for additional information.
|
||
1207 | *
|
||
1208 | * @param adminUserAlias
|
||
1209 | * @param adminUserPassword
|
||
1210 | * @param filename
|
||
1211 | * @param importKey
|
||
1212 | * @param BatchID
|
||
1213 | * @return ERR_code defined in the Constants<br/>
|
||
1214 | * ERR_SUCCESS<br/>
|
||
1215 | * ERR_SYSTEM_NOT_READY<br/>
|
||
1216 | */
|
||
1217 | public int LoadToken(String adminUserAlias, String adminUserPassword, String filename, String importKey, |
||
1218 | String BatchID) {
|
||
1219 | int rc = loadToken(adminUserAlias, adminUserPassword, filename, importKey, BatchID);
|
||
1220 | logger.info(userAlias + " Return=" + rc);
|
||
1221 | return rc;
|
||
1222 | } |
||
1223 | |||
1224 | private int loadToken(String adminUserAlias, String adminUserPassword, String filename, String importKey, |
||
1225 | String BatchID) {
|
||
1226 | |||
1227 | // verify supervisor password
|
||
1228 | int rc = verifyStaticPassword(adminUserAlias, adminUserPassword, true, Constants.UTYPE_STATE_ADMIN); |
||
1229 | if (rc != Constants.ERR_SUCCESS) {
|
||
1230 | return rc;
|
||
1231 | } |
||
1232 | |||
1233 | LoadTokenDPX ldpx = new LoadTokenDPX(filename, importKey, BatchID);
|
||
1234 | rc = ldpx.importToken(); |
||
1235 | |||
1236 | return rc;
|
||
1237 | } |
||
1238 | |||
1239 | // ///////////////////////////////////////////////////////////////////////////////
|
||
1240 | // token area end
|
||
1241 | // ///////////////////////////////////////////////////////////////////////////////
|
||
1242 | |||
1243 | private Date StringToDate(String dateString) { |
||
1244 | |||
1245 | String DATE_FORMAT = "yyyyMMddHHmmss"; |
||
1246 | SimpleDateFormat format = new SimpleDateFormat(DATE_FORMAT); |
||
1247 | Date parsedDate = new Date(); |
||
1248 | try {
|
||
1249 | parsedDate = format.parse(dateString); |
||
1250 | 17:4173ef25ee8d | hadi | |
1251 | 0:02300db8682b | hadi | } catch (ParseException pe) { |
1252 | logger.info("ERROR: Cannot parse date in String " + dateString);
|
||
1253 | } |
||
1254 | |||
1255 | logger.info("Date=" + parsedDate.toString());
|
||
1256 | |||
1257 | return parsedDate;
|
||
1258 | } |
||
1259 | }// end class |