m2u-upass-core / src / my / com / upass / UPassControllerV2.java @ 17:4173ef25ee8d
History | View | Annotate | Download (47.6 KB)
1 | 0:02300db8682b | hadi | /**
|
---|---|---|---|
2 | * Copyright (M) 2010 Penril Datability (M) Sdn Bhd All rights reserved.
|
||
3 | *
|
||
4 | * This software is copyrighted. Under the copyright laws, this software
|
||
5 | * may not be copied, in whole or in part, without prior written consent
|
||
6 | * of Penril Datability (M) Sdn Bhd or its assignees. This software is
|
||
7 | * provided under the terms of a license between Penril Datability (M)
|
||
8 | * Sdn Bhd and the recipient, and its use is subject to the terms of that
|
||
9 | * license.
|
||
10 | */
|
||
11 | package my.com.upass; |
||
12 | |||
13 | import java.text.ParseException; |
||
14 | import java.text.SimpleDateFormat; |
||
15 | import java.util.Date; |
||
16 | import java.util.HashMap; |
||
17 | import java.util.Iterator; |
||
18 | import java.util.List; |
||
19 | import java.util.Map; |
||
20 | import java.util.Set; |
||
21 | |||
22 | import my.com.upass.dao.ConfigurationDAO; |
||
23 | import my.com.upass.dao.DAOFactoryProvider; |
||
24 | import my.com.upass.factory.UPassFactory; |
||
25 | import my.com.upass.pojo.ConfigurationBean; |
||
26 | import my.com.upass.services.ActivateUserService; |
||
27 | import my.com.upass.services.AssignTokenService; |
||
28 | import my.com.upass.services.ChangeStaticPasswordService; |
||
29 | import my.com.upass.services.CheckPasswordReusedService; |
||
30 | import my.com.upass.services.CreateUserService; |
||
31 | import my.com.upass.services.DeleteTokenService; |
||
32 | import my.com.upass.services.DisableTacService; |
||
33 | import my.com.upass.services.DisableTokenService; |
||
34 | import my.com.upass.services.GenerateSecurityCodeService; |
||
35 | import my.com.upass.services.GenerateTacService; |
||
36 | import my.com.upass.services.LoadTokenService; |
||
37 | import my.com.upass.services.LockUserService; |
||
38 | import my.com.upass.services.ModifyUserService; |
||
39 | import my.com.upass.services.QueryInfoService; |
||
40 | import my.com.upass.services.ResetTacService; |
||
41 | import my.com.upass.services.ResetTokenService; |
||
42 | import my.com.upass.services.SynchronizeTokenService; |
||
43 | import my.com.upass.services.VerifyPasswordComplexityService; |
||
44 | import my.com.upass.services.VerifySecurityCodeService; |
||
45 | import my.com.upass.services.VerifyStaticPasswordService; |
||
46 | import my.com.upass.services.VerifyTacService; |
||
47 | import my.com.upass.services.VerifyTokenService; |
||
48 | import my.com.upass.services.DeleteUserService; |
||
49 | |||
50 | import org.apache.log4j.Logger; |
||
51 | |||
52 | /**
|
||
53 | * PROGRAMMER: Danniell
|
||
54 | * CHANGE-NO:
|
||
55 | * TASK-NO:
|
||
56 | * DATE CREATED: Oct 8, 2011
|
||
57 | * TAG AS:
|
||
58 | * REASON(S):
|
||
59 | * MODIFICATION:
|
||
60 | */
|
||
61 | |||
62 | /**
|
||
63 | * Data Access Object version of UPASS Controller
|
||
64 | */
|
||
65 | /**
|
||
66 | * @author Enson
|
||
67 | *
|
||
68 | */
|
||
69 | public class UPassControllerV2 |
||
70 | { |
||
71 | private static Logger logger = Logger.getLogger(UPassControllerV2.class); |
||
72 | private static Map<Integer, ConfigBean> configurationMap = new HashMap<Integer, ConfigBean>(); |
||
73 | |||
74 | private VerifyStaticPasswordService verifyStaticPasswordService = new VerifyStaticPasswordService(this); |
||
75 | private ChangeStaticPasswordService changeStaticPasswordService = new ChangeStaticPasswordService(this); |
||
76 | private CheckPasswordReusedService checkPasswordReusedService = new CheckPasswordReusedService(this); |
||
77 | private GenerateTacService generateTacService = new GenerateTacService(this); |
||
78 | private VerifyTacService verifyTacService = new VerifyTacService(this); |
||
79 | private ResetTacService resetTacService = new ResetTacService(this); |
||
80 | private GenerateSecurityCodeService generateSecurityCodeService = new GenerateSecurityCodeService(this); |
||
81 | private VerifySecurityCodeService verifySecurityCodeService = new VerifySecurityCodeService(this); |
||
82 | private DisableTacService disableTacService = new DisableTacService(this); |
||
83 | private CreateUserService createUserService = new CreateUserService(this); |
||
84 | private ModifyUserService modifyUserService = new ModifyUserService(this); |
||
85 | private ActivateUserService activateUserService = new ActivateUserService(); |
||
86 | private QueryInfoService queryInfoService = new QueryInfoService(); |
||
87 | private LockUserService lockUserService = new LockUserService(); |
||
88 | private VerifyTokenService verifyTokenService = new VerifyTokenService(); |
||
89 | private LoadTokenService loadTokenService = new LoadTokenService(); |
||
90 | private ResetTokenService resetTokenService = new ResetTokenService(); |
||
91 | private DeleteTokenService deleteTokenService = new DeleteTokenService(); |
||
92 | private AssignTokenService assignTokenService = new AssignTokenService(); |
||
93 | private DisableTokenService disableTokenService = new DisableTokenService(); |
||
94 | private SynchronizeTokenService synchronizeTokenService = new SynchronizeTokenService(); |
||
95 | private VerifyPasswordComplexityService verifyPasswordComplexityService = new VerifyPasswordComplexityService(this); |
||
96 | |||
97 | private DeleteUserService DeleteUserService = new DeleteUserService(this); |
||
98 | |||
99 | private static boolean configFirstLoad = true; |
||
100 | |||
101 | public UPassControllerV2()
|
||
102 | { |
||
103 | initializeConfigurations(); |
||
104 | } |
||
105 | |||
106 | private void initializeConfigurations() |
||
107 | { |
||
108 | try
|
||
109 | { |
||
110 | ConfigurationDAO configurationDAO = DAOFactoryProvider.getDAOFactory().getConfigurationDAO(); |
||
111 | boolean isConfigChange = configurationDAO.isConfigChanged();
|
||
112 | |||
113 | if (configFirstLoad || isConfigChange)
|
||
114 | { |
||
115 | logger.info("Refresh Configuration ....");
|
||
116 | |||
117 | List<ConfigurationBean> configurations = configurationDAO.getConfigurationsFromStore();
|
||
118 | ConfigurationBean configPojo; |
||
119 | ConfigBean configBean = null;
|
||
120 | |||
121 | int configType;
|
||
122 | Iterator<ConfigurationBean> itr = configurations.iterator();
|
||
123 | while (itr.hasNext())
|
||
124 | { |
||
125 | configPojo = itr.next(); |
||
126 | configType = configPojo.getApplicationId(); |
||
127 | |||
128 | configBean = configurationMap.get(configType); |
||
129 | if (configBean == null) |
||
130 | { |
||
131 | configBean = new ConfigBean();
|
||
132 | } |
||
133 | |||
134 | logger.info("COnfig Type:" + configType + "=config name:" + configPojo.getConfigName() |
||
135 | + "=config Value:" + configPojo.getConfigValue());
|
||
136 | configBean.setConfigBean(configPojo.getConfigName(), configPojo.getConfigValue()); |
||
137 | |||
138 | configurationMap.put(configType, configBean); |
||
139 | |||
140 | configFirstLoad = false; // this value dictate for every instance restart to refresh the map. After |
||
141 | // first load, turn it off
|
||
142 | } |
||
143 | logger.info("Refresh Configuration Done ....");
|
||
144 | } |
||
145 | } catch (Exception e) |
||
146 | { |
||
147 | logger.error(e); |
||
148 | } |
||
149 | } |
||
150 | |||
151 | /**
|
||
152 | * @return the configurationsMap
|
||
153 | */
|
||
154 | public Map<Integer, ConfigBean> getConfigurationsMap() |
||
155 | { |
||
156 | return configurationMap;
|
||
157 | } |
||
158 | |||
159 | /**
|
||
160 | * @return the configurationsMap
|
||
161 | */
|
||
162 | public ConfigBean setConfigurationBean(Map<String, String> paramMap) |
||
163 | { |
||
164 | ConfigBean configBean = new ConfigBean();
|
||
165 | @SuppressWarnings("rawtypes") |
||
166 | Set keys = paramMap.keySet();
|
||
167 | for (@SuppressWarnings("rawtypes") |
||
168 | Iterator i = keys.iterator(); i.hasNext();) {
|
||
169 | String configName = (String) i.next(); |
||
170 | String configValue = (String) paramMap.get(configName); |
||
171 | configBean.setConfigBean(configName, configValue); |
||
172 | } |
||
173 | |||
174 | return configBean;
|
||
175 | } |
||
176 | |||
177 | // ////////////////////////////////////////////////////////////////////////////////////////
|
||
178 | // Static Password Methods
|
||
179 | // /////////////////////////////////////////////////////////////////////////////////////////
|
||
180 | /**
|
||
181 | * This method verify static password generated using SP_ChangeStaticPassword()
|
||
182 | * and also check for user dormant status
|
||
183 | *
|
||
184 | * @param userAlias
|
||
185 | * @param password
|
||
186 | * @return ERR_code defined in the Constants.<br/>
|
||
187 | * ERR_SUCCESS<br/>
|
||
188 | * ERR_SYSTEM_NOT_READY<br/>
|
||
189 | * ERR_USERALIAS_NOT_FOUND <br/>
|
||
190 | * ERR_INVALID_STATE - user not active or temporary suspended.<br/>
|
||
191 | * ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the user type.<br/>
|
||
192 | * ERR_EXCEED_MAX_TRIES - used ModifyUser to reset password.<br/>
|
||
193 | * ERR_INVALID_CREDENTIAL<br/>
|
||
194 | * ERR_PASSWD_EXPIRED - password is valid but expired, suggest to change new password.<br/>
|
||
195 | */
|
||
196 | public int SP_Login(String userAlias, String password) |
||
197 | { |
||
198 | int rc = verifyStaticPasswordService.login(userAlias, password, false, 0); |
||
199 | logger.info("SP_Login - user alias: [" + userAlias + "] Return: " + rc); |
||
200 | return rc;
|
||
201 | } |
||
202 | |||
203 | /**
|
||
204 | * This method verify static password generated using SP_ChangeStaticPassword().
|
||
205 | *
|
||
206 | * @param userAlias
|
||
207 | * @param password
|
||
208 | * @return ERR_code defined in the Constants.<br/>
|
||
209 | * ERR_SUCCESS<br/>
|
||
210 | * ERR_SYSTEM_NOT_READY<br/>
|
||
211 | * ERR_USERALIAS_NOT_FOUND <br/>
|
||
212 | * ERR_INVALID_STATE - user not active or temporary suspended.<br/>
|
||
213 | * ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the user type.<br/>
|
||
214 | * ERR_EXCEED_MAX_TRIES - used ModifyUser to reset password.<br/>
|
||
215 | * ERR_INVALID_CREDENTIAL<br/>
|
||
216 | * ERR_PASSWD_EXPIRED - password is valid but expired, suggest to change new password.<br/>
|
||
217 | */
|
||
218 | public int SP_VerifyStaticPassword(String userAlias, String password) |
||
219 | { |
||
220 | int rc = verifyStaticPasswordService.verifyStaticPassword(userAlias, password, false, 0); |
||
221 | logger.info("SP_VerifyStaticPassword - user alias: [" + userAlias + "] Return: " + rc); |
||
222 | return rc;
|
||
223 | } |
||
224 | |||
225 | /**
|
||
226 | * This method generate static password and to be using SP_VerifyStaticPassword()
|
||
227 | *
|
||
228 | * @param userAlias
|
||
229 | * @param newPassword
|
||
230 | * @param oldPassword
|
||
231 | * @return ERR_code defined in the Constants<br/>
|
||
232 | * ERR_SUCCESS<br/>
|
||
233 | * ERR_SYSTEM_NOT_READY<br/>
|
||
234 | * ERR_USERALIAS_NOT_FOUND<br/>
|
||
235 | * ERR_INVALID_STATE - user not active or temporary suspended.<br/>
|
||
236 | * ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the user type.<br/>
|
||
237 | * ERR_EXCEED_MAX_TRIES - used ModifyUser to reset password.<br/>
|
||
238 | * ERR_INVALID_CREDENTIAL<br/>
|
||
239 | * ERR_REUSED_PASSWD - reuse previous generated password.<br/>
|
||
240 | */
|
||
241 | public int SP_ChangeStaticPassword(String userAlias, String newPassword, String oldPassword) |
||
242 | { |
||
243 | int rc = changeStaticPasswordService.changeStaticPassword(userAlias, newPassword, oldPassword, true); |
||
244 | logger.info("SP_ChangeStaticPassword - user alias: [" + userAlias + "] Return: " + rc); |
||
245 | return rc;
|
||
246 | } |
||
247 | |||
248 | public int SP_ForceChangeStaticPassword(String userAlias, String newPassword, String oldPassword) |
||
249 | { |
||
250 | int rc = changeStaticPasswordService.changeStaticPassword(userAlias, newPassword, oldPassword, false); |
||
251 | logger.info("SP_ChangeStaticPassword - user alias: [" + userAlias + "] Return: " + rc); |
||
252 | return rc;
|
||
253 | } |
||
254 | |||
255 | public int UA_CheckPasswordReused(String userAlias, String password) |
||
256 | { |
||
257 | int rc = checkPasswordReusedService.CheckPasswordReused(userAlias, password);
|
||
258 | logger.info("UA_CheckPasswordReused - user alias: [" + userAlias + "] Return: " + rc); |
||
259 | return rc;
|
||
260 | } |
||
261 | |||
262 | // /////////////////////////////////////////////////////////////////////////////////////////
|
||
263 | // TAC Methods ...
|
||
264 | // /////////////////////////////////////////////////////////////////////////////////////////
|
||
265 | |||
266 | /**
|
||
267 | * This method to Generate 6-digit TAC.
|
||
268 | *
|
||
269 | * @param userAlias
|
||
270 | * @param appId
|
||
271 | * TODO
|
||
272 | * @return 6-digit TAC or Error code with prefix *** <br/>
|
||
273 | * ***98 ERR_SYSTEM_NOT_READY<br/>
|
||
274 | * ***6 ERR_USERALIAS_NOT_FOUND<br/>
|
||
275 | * ***12 ERR_TAC_ALREADY_EXIST - Repeated request within allowed period<br/>
|
||
276 | */
|
||
277 | public String GenerateTAC(String userAlias, int appId) { |
||
278 | |||
279 | String tac = generateTacService.generateTAC(userAlias, null, null, appId); |
||
280 | logger.info(userAlias + " Return=" + tac.substring(2)); |
||
281 | return tac;
|
||
282 | } |
||
283 | |||
284 | /**
|
||
285 | * This method to Generate 6-digit TAC with SessionID verification.
|
||
286 | *
|
||
287 | * @param userAlias
|
||
288 | * @param sessionID
|
||
289 | * 16-Characters SessionID
|
||
290 | * @param appId
|
||
291 | * TODO
|
||
292 | * @return 6-digit TAC or Error code with prefix *** <br/>
|
||
293 | * ***98 ERR_SYSTEM_NOT_READY<br/>
|
||
294 | * ***6 ERR_USERALIAS_NOT_FOUND<br/>
|
||
295 | * ***12 ERR_TAC_ALREADY_EXIST - Repeated request within allowed period<br/>
|
||
296 | */
|
||
297 | public String GenerateTAC(String userAlias, String sessionID, int appId) { |
||
298 | |||
299 | String tac = generateTacService.generateTAC(userAlias, sessionID, null, appId); |
||
300 | logger.info(userAlias + " SessionID=" + sessionID + " Return=" + tac.substring(2)); |
||
301 | return tac;
|
||
302 | } |
||
303 | |||
304 | /**
|
||
305 | * This method to Generate 6-digit TAC with SessionID verification.
|
||
306 | *
|
||
307 | * @param userAlias
|
||
308 | * @param sessionID
|
||
309 | * 16-Characters SessionID
|
||
310 | * @param nonce
|
||
311 | * Additional nonce value
|
||
312 | * @param appId
|
||
313 | * TODO
|
||
314 | * @return 6-digit TAC or Error code with prefix *** <br/>
|
||
315 | * ***98 ERR_SYSTEM_NOT_READY<br/>
|
||
316 | * ***6 ERR_USERALIAS_NOT_FOUND<br/>
|
||
317 | * ***12 ERR_TAC_ALREADY_EXIST - Repeated request within allowed period<br/>
|
||
318 | */
|
||
319 | public String GenerateTAC(String userAlias, String sessionID, String nonce, int appId) { |
||
320 | |||
321 | String tac = generateTacService.generateTAC(userAlias, sessionID, nonce, appId);
|
||
322 | logger.info(userAlias + " SessionID=" + sessionID + " Return=" + tac.substring(2)); |
||
323 | return tac;
|
||
324 | } |
||
325 | |||
326 | /**
|
||
327 | * This method to verify 6-digit TAC generated by GenerateTAC()
|
||
328 | *
|
||
329 | * @param userAlias
|
||
330 | * @param inTac
|
||
331 | * User inputs TAC
|
||
332 | * @param appId
|
||
333 | * TODO
|
||
334 | * @return ERR_code defined in the Constants<br/>
|
||
335 | * ERR_SUCCESS<br/>
|
||
336 | * ERR_SYSTEM_NOT_READY<br/>
|
||
337 | * ERR_USERALIAS_NOT_FOUND<br/>
|
||
338 | * ERR_INVALID_STATE - Verify method call before generation; TAC disabled.<br/>
|
||
339 | * ERR_EXCEED_MAX_TRIES<br/>
|
||
340 | * ERR_INVALID_CREDENTIAL<br/>
|
||
341 | * ERR_PASSWD_EXPIRED - TAC expired.<br/>
|
||
342 | */
|
||
343 | public int VerifyTAC(String userAlias, String inTac, int appId) { |
||
344 | |||
345 | int rc = verifyTacService.verifyTAC(userAlias, inTac, null, appId); |
||
346 | logger.info("VerifyTAC - user alias: [" + userAlias + "] Return: " + rc); |
||
347 | return rc;
|
||
348 | } |
||
349 | |||
350 | /**
|
||
351 | * This method to verify 6-digit TAC generated by GenerateTAC() with SessionID verification
|
||
352 | *
|
||
353 | * @param userAlias
|
||
354 | * @param inTac
|
||
355 | * User inputs TAC
|
||
356 | * @param sessionID
|
||
357 | * 16-Characters SessionID
|
||
358 | * @param appId
|
||
359 | * TODO
|
||
360 | * @return ERR_code defined in the Constants<br/>
|
||
361 | * ERR_SUCCESS<br/>
|
||
362 | * ERR_SYSTEM_NOT_READY<br/>
|
||
363 | * ERR_USERALIAS_NOT_FOUND<br/>
|
||
364 | * ERR_INVALID_STATE - Verify method call before generation; TAC disabled.<br/>
|
||
365 | * ERR_EXCEED_MAX_TRIES<br/>
|
||
366 | * ERR_INVALID_CREDENTIAL<br/>
|
||
367 | * ERR_PASSWD_EXPIRED - TAC expired.<br/>
|
||
368 | * ERR_INVALID_SESSION<br/>
|
||
369 | */
|
||
370 | public int VerifyTAC(String userAlias, String inTac, String sessionID, int appId) { |
||
371 | |||
372 | return VerifyTAC(userAlias, inTac, sessionID, null, appId); |
||
373 | } |
||
374 | |||
375 | /**
|
||
376 | * This method to verify 6-digit TAC generated by GenerateTAC() with SessionID verification
|
||
377 | *
|
||
378 | * @param userAlias
|
||
379 | * @param inTac
|
||
380 | * User inputs TAC
|
||
381 | * @param sessionID
|
||
382 | * 16-Characters SessionID
|
||
383 | * @param nonce
|
||
384 | * Additional nonce value
|
||
385 | * @param appId
|
||
386 | * TODO
|
||
387 | * @return ERR_code defined in the Constants<br/>
|
||
388 | * ERR_SUCCESS<br/>
|
||
389 | * ERR_SYSTEM_NOT_READY<br/>
|
||
390 | * ERR_USERALIAS_NOT_FOUND<br/>
|
||
391 | * ERR_INVALID_STATE - Verify method call before generation; TAC disabled.<br/>
|
||
392 | * ERR_EXCEED_MAX_TRIES<br/>
|
||
393 | * ERR_INVALID_CREDENTIAL<br/>
|
||
394 | * ERR_PASSWD_EXPIRED - TAC expired.<br/>
|
||
395 | * ERR_INVALID_SESSION<br/>
|
||
396 | */
|
||
397 | public int VerifyTAC(String userAlias, String inTac, String sessionID, String nonce, int appId) { |
||
398 | |||
399 | int rc = verifyTacService.verifyTAC(userAlias, inTac, sessionID, nonce, appId);
|
||
400 | logger.info("VerifyTAC - user alias: [" + userAlias + "] SessID: [" + sessionID + "] Return: " + rc); |
||
401 | return rc;
|
||
402 | } |
||
403 | |||
404 | /**
|
||
405 | * This method is to reset Error Count to Zero and set state to PASSWD_STATUS_ENABLE
|
||
406 | *
|
||
407 | * @param adminUserAlias
|
||
408 | * @param adminUserPassword
|
||
409 | * @param userAlias
|
||
410 | * @return ERR_code defined in the Constants<br/>
|
||
411 | * ERR_SUCCESS<br/>
|
||
412 | * ERR_SYSTEM_NOT_READY<br/>
|
||
413 | * ERR_USERALIAS_NOT_FOUND <br/>
|
||
414 | * ERR_INVALID_STATE - admin not active or temporary suspended.<br/>
|
||
415 | * ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the user type.<br/>
|
||
416 | * ERR_EXCEED_MAX_TRIES<br/>
|
||
417 | * ERR_INVALID_CREDENTIAL<br/>
|
||
418 | * ERR_UNKNOWN<br/>
|
||
419 | */
|
||
420 | public int ResetTAC(String adminUserAlias, String adminUserPassword, String userAlias) { |
||
421 | |||
422 | int rc = verifyStaticPasswordService.verifyStaticPassword(
|
||
423 | adminUserAlias, adminUserPassword, true, Constants.UTYPE_STATE_ADMIN);
|
||
424 | |||
425 | if (rc != Constants.ERR_SUCCESS) {
|
||
426 | return rc;
|
||
427 | } |
||
428 | rc = resetTacService.resetTAC(userAlias); |
||
429 | logger.info("ResetTAC - user alias: [" + userAlias + "] Return: " + rc); |
||
430 | return rc;
|
||
431 | } |
||
432 | |||
433 | /**
|
||
434 | * This method is to set state to PASSWD_STATUS_DISABLE
|
||
435 | *
|
||
436 | * @param adminUserAlias
|
||
437 | * @param adminUserPassword
|
||
438 | * @param userAlias
|
||
439 | * @return ERR_code defined in the Constants<br/>
|
||
440 | * ERR_SUCCESS<br/>
|
||
441 | * ERR_SYSTEM_NOT_READY<br/>
|
||
442 | * ERR_USERALIAS_NOT_FOUND <br/>
|
||
443 | * ERR_INVALID_STATE - admin not active or temporary suspended.<br/>
|
||
444 | * ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the user type.<br/>
|
||
445 | * ERR_EXCEED_MAX_TRIES<br/>
|
||
446 | * ERR_INVALID_CREDENTIAL<br/>
|
||
447 | * ERR_UNKNOWN<br/>
|
||
448 | */
|
||
449 | public int DisableTAC(String adminUserAlias, String adminUserPassword, String userAlias) { |
||
450 | |||
451 | int rc = verifyStaticPasswordService.verifyStaticPassword(
|
||
452 | adminUserAlias, adminUserPassword, true, Constants.UTYPE_STATE_ADMIN);
|
||
453 | |||
454 | if (rc != Constants.ERR_SUCCESS) {
|
||
455 | return rc;
|
||
456 | } |
||
457 | rc = disableTacService.disableTAC(userAlias); |
||
458 | logger.info("DisableTAC - user alias: [" + userAlias + "] Return: " + rc); |
||
459 | return rc;
|
||
460 | } |
||
461 | |||
462 | // /////////////////////////////////////////////////////////////////////////////////////////
|
||
463 | // User Administration methods.
|
||
464 | // /////////////////////////////////////////////////////////////////////////////////////////
|
||
465 | |||
466 | /**
|
||
467 | * This method to add online users to the system
|
||
468 | *
|
||
469 | * @param adminUserAlias
|
||
470 | * @param adminUserPassword
|
||
471 | * @param userAlias
|
||
472 | * @param userDesc
|
||
473 | * @param userPassword
|
||
474 | * @param appId
|
||
475 | * @return ERR_code defined in the Constants<br/>
|
||
476 | * ERR_SUCCESS<br/>
|
||
477 | * ERR_SYSTEM_NOT_READY<br/>
|
||
478 | * ERR_USERALIAS_NOT_FOUND <br/>
|
||
479 | * ERR_INVALID_STATE - admin not active or temporary suspended.<br/>
|
||
480 | * ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the user type.<br/>
|
||
481 | * ERR_EXCEED_MAX_TRIES<br/>
|
||
482 | * ERR_INVALID_CREDENTIAL<br/>
|
||
483 | * ERR_INVALID_INPUT - internal error.<br/>
|
||
484 | * ERR_ALREADY_EXIST<br/>
|
||
485 | * ERR_INVALID_USERALIAS - User alias does not match with defined pattern <br/>
|
||
486 | * ERR_PASSWORD_SAMEAS_USERALIAS - password is same is user name error <br/>
|
||
487 | */
|
||
488 | |||
489 | public int UA_AddUser( |
||
490 | String adminUserAlias, String adminUserPassword, |
||
491 | String userAlias, String userDesc, String userPassword, int appId) { |
||
492 | |||
493 | // check if password is similar to user alias
|
||
494 | if (userAlias.equalsIgnoreCase(userPassword)) {
|
||
495 | return Constants.ERR_PASSWORD_SAMEAS_USERALIAS;
|
||
496 | } |
||
497 | int rc = verifyStaticPasswordService.verifyStaticPassword(
|
||
498 | adminUserAlias, adminUserPassword, true, Constants.UTYPE_STATE_ADMIN);
|
||
499 | |||
500 | if (rc != Constants.ERR_SUCCESS) {
|
||
501 | return rc;
|
||
502 | } |
||
503 | rc = createUserService.addUser(userAlias, Constants.UTYPE_STATE_USER, |
||
504 | userDesc, userPassword, Constants.UID_STATE_ACTIVE, appId); |
||
505 | |||
506 | logger.info("UA_AddUser - user alias: [" + userAlias + "] Return: " + rc); |
||
507 | return rc;
|
||
508 | } |
||
509 | |||
510 | /**
|
||
511 | * This method to Modify online users to the system
|
||
512 | *
|
||
513 | * @param adminUserAlias
|
||
514 | * @param adminUserPassword
|
||
515 | * @param userAlias
|
||
516 | * @param userDesc
|
||
517 | * - can be null - Null denotes no description will be modified.
|
||
518 | * @param userPassword
|
||
519 | * - can be null - Null denotes no password will be modified.
|
||
520 | * @return ERR_code defined in the Constants<br/>
|
||
521 | * ERR_SUCCESS<br/>
|
||
522 | * ERR_SYSTEM_NOT_READY<br/>
|
||
523 | * ERR_USERALIAS_NOT_FOUND <br/>
|
||
524 | * ERR_INVALID_STATE - admin not active or temporary suspended.<br/>
|
||
525 | * ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the user type.<br/>
|
||
526 | * ERR_EXCEED_MAX_TRIES<br/>
|
||
527 | * ERR_INVALID_CREDENTIAL<br/>
|
||
528 | * ERR_INVALID_INPUT - internal error.<br/>
|
||
529 | * ERR_USERALIAS_NOT_FOUND<br/>
|
||
530 | * ERR_INVALID_USERALIAS - User alias does not match with defined pattern <br/>
|
||
531 | * ERR_REUSED_PASSWD - the password entered was used previously.<br/>
|
||
532 | */
|
||
533 | public int UA_ModifyUser(String adminUserAlias, String adminUserPassword, |
||
534 | String userAlias, String userDesc, String userPassword) |
||
535 | { |
||
536 | // check if password is similar to user alias
|
||
537 | if (userAlias.equalsIgnoreCase(userPassword)) {
|
||
538 | return Constants.ERR_PASSWORD_SAMEAS_USERALIAS;
|
||
539 | } |
||
540 | |||
541 | int rc = verifyStaticPasswordService.verifyStaticPassword(
|
||
542 | adminUserAlias, adminUserPassword, true,
|
||
543 | Constants.UTYPE_STATE_ADMIN); |
||
544 | |||
545 | if (rc != Constants.ERR_SUCCESS)
|
||
546 | { |
||
547 | return rc;
|
||
548 | } |
||
549 | |||
550 | rc = modifyUserService.modifyUser(userAlias, |
||
551 | Constants.UTYPE_STATE_USER, userDesc, userPassword, |
||
552 | Constants.UID_STATE_ACTIVE); |
||
553 | |||
554 | logger.info("UA_ModifyUser - user alias: [" + userAlias + "] Return: " |
||
555 | + rc); |
||
556 | |||
557 | return rc;
|
||
558 | } |
||
559 | |||
560 | /**
|
||
561 | * This method to add admin users to the system
|
||
562 | *
|
||
563 | * @param rootAlias
|
||
564 | * @param rootPassword
|
||
565 | * @param adminUserAlias
|
||
566 | * @param adminDesc
|
||
567 | * @param adminUserPassword
|
||
568 | * @return ERR_code defined in the Constants<br/>
|
||
569 | * ERR_SUCCESS<br/>
|
||
570 | * ERR_SYSTEM_NOT_READY<br/>
|
||
571 | * ERR_USERALIAS_NOT_FOUND <br/>
|
||
572 | * ERR_INVALID_STATE - root not active or temporary suspended.<br/>
|
||
573 | * ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the user type.<br/>
|
||
574 | * ERR_EXCEED_MAX_TRIES<br/>
|
||
575 | * ERR_INVALID_CREDENTIAL<br/>
|
||
576 | * ERR_INVALID_INPUT - internal error.<br/>
|
||
577 | * ERR_ALREADY_EXIST<br/>
|
||
578 | * ERR_INVALID_USERALIAS - User alias does not match with defined pattern <br/>
|
||
579 | * ERR_PASSWORD_SAMEAS_USERALIAS - password is same is user name error <br/>
|
||
580 | */
|
||
581 | public int AD_AddUser(String rootAlias, String rootPassword, |
||
582 | String adminUserAlias, String adminDesc, String adminUserPassword) |
||
583 | { |
||
584 | // check if password is similar to user alias
|
||
585 | if (rootAlias.equalsIgnoreCase(rootPassword)) {
|
||
586 | return Constants.ERR_PASSWORD_SAMEAS_USERALIAS;
|
||
587 | } |
||
588 | |||
589 | int rc = verifyStaticPasswordService.verifyStaticPassword(
|
||
590 | rootAlias, rootPassword, true, Constants.UTYPE_STATE_ROOT);
|
||
591 | |||
592 | if (rc != Constants.ERR_SUCCESS)
|
||
593 | { |
||
594 | return rc;
|
||
595 | } |
||
596 | |||
597 | rc = createUserService.addUser(adminUserAlias, |
||
598 | Constants.UTYPE_STATE_ADMIN, adminDesc, adminUserPassword, |
||
599 | Constants.UID_STATE_ACTIVE, Constants.SYSTEM_ID); |
||
600 | |||
601 | logger.info("AD_AddUser - admin user alias: [" + adminUserAlias
|
||
602 | + "] Return: " + rc);
|
||
603 | |||
604 | return rc;
|
||
605 | } |
||
606 | |||
607 | /**
|
||
608 | * This method to modify admin users to the system
|
||
609 | *
|
||
610 | * @param rootAlias
|
||
611 | * @param rootPassword
|
||
612 | * @param adminUserAlias
|
||
613 | * @param adminDesc
|
||
614 | * - can be null - Null denotes no description will be modified.
|
||
615 | * @param adminUserPassword
|
||
616 | * - can be null - Null denotes no password will be modified.
|
||
617 | * @return ERR_code defined in the Constants.<br/>
|
||
618 | * ERR_SUCCESS<br/>
|
||
619 | * ERR_SYSTEM_NOT_READY<br/>
|
||
620 | * ERR_USERALIAS_NOT_FOUND <br/>
|
||
621 | * ERR_INVALID_STATE - root not active or temporary suspended.<br/>
|
||
622 | * ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the user type.<br/>
|
||
623 | * ERR_EXCEED_MAX_TRIES<br/>
|
||
624 | * ERR_INVALID_CREDENTIAL<br/>
|
||
625 | * ERR_INVALID_INPUT - internal error.<br/>
|
||
626 | * ERR_USERALIAS_NOT_FOUND<br/>
|
||
627 | * ERR_REUSED_PASSWD - the password entered was used previously.<br/>
|
||
628 | * ERR_PASSWD_WEAK - the password entered is too weak.<br/>
|
||
629 | * ERR_INVALID_USERALIAS - User alias does not match with defined pattern <br/>
|
||
630 | * ERR_PASSWORD_SAMEAS_USERALIAS - password is same is user name error <br/>
|
||
631 | */
|
||
632 | public int AD_ModifyUser(String rootAlias, String rootPassword, |
||
633 | String adminUserAlias, String adminDesc, String adminUserPassword) |
||
634 | { |
||
635 | // check if password is similar to user alias
|
||
636 | if (rootAlias.equalsIgnoreCase(rootPassword)) {
|
||
637 | return Constants.ERR_PASSWORD_SAMEAS_USERALIAS;
|
||
638 | } |
||
639 | |||
640 | int rc = verifyStaticPasswordService.verifyStaticPassword(
|
||
641 | rootAlias, rootPassword, true, Constants.UTYPE_STATE_ROOT);
|
||
642 | |||
643 | if (rc != Constants.ERR_SUCCESS)
|
||
644 | { |
||
645 | return rc;
|
||
646 | } |
||
647 | |||
648 | rc = modifyUserService.modifyUser(adminUserAlias, |
||
649 | Constants.UTYPE_STATE_ADMIN, adminDesc, adminUserPassword, |
||
650 | Constants.UID_STATE_ACTIVE); |
||
651 | |||
652 | logger.info("AD_ModifyUser - admin user alias: [" + adminUserAlias
|
||
653 | + "] Return: " + rc);
|
||
654 | |||
655 | return rc;
|
||
656 | } |
||
657 | |||
658 | /**
|
||
659 | * This method to change online users state to ACTIVE status.
|
||
660 | *
|
||
661 | * @param adminUserAlias
|
||
662 | * @param adminUserPassword
|
||
663 | * @param userAlias
|
||
664 | * @return ERR_code defined in the Constants.<br/>
|
||
665 | * ERR_SUCCESS<br/>
|
||
666 | * ERR_SYSTEM_NOT_READY<br/>
|
||
667 | * ERR_USERALIAS_NOT_FOUND <br/>
|
||
668 | * ERR_INVALID_STATE - admin not active or temporary suspended.<br/>
|
||
669 | * ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the user type.<br/>
|
||
670 | * ERR_EXCEED_MAX_TRIES<br/>
|
||
671 | * ERR_INVALID_CREDENTIAL<br/>
|
||
672 | * ERR_USERALIAS_NOT_FOUND<br/>
|
||
673 | * ERR_UNKNOWN <br/>
|
||
674 | */
|
||
675 | public int UA_ActivateUser(String adminUserAlias, String adminUserPassword, String userAlias) |
||
676 | { |
||
677 | int rc = verifyStaticPasswordService.verifyStaticPassword(
|
||
678 | adminUserAlias, adminUserPassword, true,
|
||
679 | Constants.UTYPE_STATE_ADMIN); |
||
680 | |||
681 | if (rc != Constants.ERR_SUCCESS)
|
||
682 | { |
||
683 | return rc;
|
||
684 | } |
||
685 | |||
686 | rc = activateUserService.activateUser(userAlias); |
||
687 | |||
688 | logger.info("UA_ActivateUser - user alias: [" + userAlias
|
||
689 | + "] Return: " + rc);
|
||
690 | |||
691 | return rc;
|
||
692 | } |
||
693 | |||
694 | /**
|
||
695 | * This method to change admin users state to ACTIVE status.
|
||
696 | *
|
||
697 | * @param rootAlias
|
||
698 | * @param rootPassword
|
||
699 | * @param adminUserAlias
|
||
700 | * @return ERR_code defined in the Constants.<br/>
|
||
701 | * ERR_SUCCESS<br/>
|
||
702 | * ERR_SYSTEM_NOT_READY<br/>
|
||
703 | * ERR_USERALIAS_NOT_FOUND <br/>
|
||
704 | * ERR_INVALID_STATE - root not active or temporary suspended.<br/>
|
||
705 | * ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the user type.<br/>
|
||
706 | * ERR_EXCEED_MAX_TRIES<br/>
|
||
707 | * ERR_INVALID_CREDENTIAL<br/>
|
||
708 | * ERR_USERALIAS_NOT_FOUND<br/>
|
||
709 | * ERR_UNKNOWN<br/>
|
||
710 | */
|
||
711 | public int AD_ActivateUser(String rootAlias, String rootPassword, |
||
712 | String adminUserAlias)
|
||
713 | { |
||
714 | int rc = verifyStaticPasswordService.verifyStaticPassword(
|
||
715 | rootAlias, rootPassword, true, Constants.UTYPE_STATE_ROOT);
|
||
716 | |||
717 | if (rc != Constants.ERR_SUCCESS)
|
||
718 | { |
||
719 | return rc;
|
||
720 | } |
||
721 | |||
722 | rc = activateUserService.activateUser(adminUserAlias); |
||
723 | |||
724 | logger.info("AD_ActivateUser - admin user alias: [" + adminUserAlias
|
||
725 | + "] Return: " + rc);
|
||
726 | |||
727 | return rc;
|
||
728 | } |
||
729 | |||
730 | /**
|
||
731 | * This method is to check whether the user alias exist in the system.
|
||
732 | *
|
||
733 | * @param userAlias
|
||
734 | * @return ERR_code defined in the Constants.<br/>
|
||
735 | * ERR_SUCCESS 0 - found<br/>
|
||
736 | * ERR_USERALIAS_NOT_FOUND 6<br/>
|
||
737 | * ERR_SYSTEM_NOT_READY 98<br/>
|
||
738 | */
|
||
739 | public int UA_IsUserExist(String userAlias) |
||
740 | { |
||
741 | return queryInfoService.checkUserExistence(userAlias);
|
||
742 | } |
||
743 | |||
744 | /**
|
||
745 | * This method is to get user type. Valid return is [0-root user | 1-admin user | 2-Ordinary User]
|
||
746 | *
|
||
747 | * @param userAlias
|
||
748 | * @return <br/>
|
||
749 | * UTYPE_STATE_ROOT = 0<br/>
|
||
750 | * UTYPE_STATE_ADMIN = 1<br/>
|
||
751 | * UTYPE_STATE_USER = 2<br/>
|
||
752 | * ERR_USERALIAS_NOT_FOUND = 6<br/>
|
||
753 | * ERR_SYSTEM_NOT_READY = 98<br/>
|
||
754 | */
|
||
755 | |||
756 | public int UA_GetUserType(String userAlias) |
||
757 | { |
||
758 | return queryInfoService.getUserType(userAlias);
|
||
759 | } |
||
760 | |||
761 | /**
|
||
762 | * This method is to get attributes associated to user. Return type is HashMap<String,String>
|
||
763 | * The object keys is as below:<br/>
|
||
764 | * RC - Return Code [always present]<br/>
|
||
765 | * RT - Return Code in Text [always present]<br/>
|
||
766 | * <br/>
|
||
767 | * The following data present only with the return is ERR_SUCCESS<br/>
|
||
768 | * Type - User Type [0-Root User] [1-Admin User] [2-Ordinary User][9-SysControl]<br/>
|
||
769 | * State - User State [0-Active] [1-Temporary Locked] [2-Locked] [3-Inactive] [4-Deleted]<br/>
|
||
770 | * Description - User Description<br/>
|
||
771 | * UseCount - Number of time the record being access<br/>
|
||
772 | * DateCreated - Created date<br/>
|
||
773 | * DateLastUsed - Last access of the record<br/>
|
||
774 | * DateLastActivated - Last activation of the record<br/>
|
||
775 | * DateLastLocked - Last date the user being locked<br/>
|
||
776 | * DateLockedFrom - last date the user being locked from<br/>
|
||
777 | * DateLockedTo - last date the user being locked to<br/>
|
||
778 | *
|
||
779 | * @param userAlias
|
||
780 | * @return HashMap
|
||
781 | */
|
||
782 | public HashMap<String, String> UA_GetUserData(String userAlias) |
||
783 | { |
||
784 | return queryInfoService.getUserData(userAlias);
|
||
785 | } |
||
786 | |||
787 | /**
|
||
788 | * This method is to get attributes associated to password. Return type is HashMap<String,String>
|
||
789 | * The object keys is as below:<br/>
|
||
790 | * RC - Return Code [always present]<br/>
|
||
791 | * RT - Return Code in Text [always present]<br/>
|
||
792 | * <br/>
|
||
793 | * The following data present only with the return is ERR_SUCCESS<br/>
|
||
794 | * State - Password State [0-Enable] [1-Disable] [2-OneTime Use]<br/>
|
||
795 | * ExpiryStatus - Expiry Status [0-Will Expired][1-Never Expired]
|
||
796 | * UseCount - Number of time the record being access<br/>
|
||
797 | * ErrorCount - Number of time the password verified error<br/>
|
||
798 | * DateCreated - Created date<br/>
|
||
799 | * DateFirstUsed - First access of the password<br/>
|
||
800 | * DateLastUsed - Last access of the password<br/>
|
||
801 | * DatePasswdExpired - Expiry date of the password<br/>
|
||
802 | *
|
||
803 | * @param userAlias
|
||
804 | * @return HashMap
|
||
805 | */
|
||
806 | public HashMap<String, String> QueryPassword(String userAlias) |
||
807 | { |
||
808 | return queryInfoService.queryPassword(userAlias);
|
||
809 | } |
||
810 | |||
811 | /**
|
||
812 | * This method is to get attributes associated to TAC. Return type is HashMap<String,String>
|
||
813 | * The object keys is as below:<br/>
|
||
814 | * RC - Return Code [always present]<br/>
|
||
815 | * RT - Return Code in Text [always present]<br/>
|
||
816 | * <br/>
|
||
817 | * The following data present only with the return is ERR_SUCCESS<br/>
|
||
818 | * State - User State [0-Enable] [1-Disable]<br/>
|
||
819 | * UseCount - Number of time the record being access<br/>
|
||
820 | * ErrorCount - Number of time the TAC verified error<br/>
|
||
821 | * DateCreated - TAC Created date<br/>
|
||
822 | * DateFirstUsed - First access of the TAC<br/>
|
||
823 | * DateLastUsed - Last access of the TAC<br/>
|
||
824 | *
|
||
825 | * @param userAlias
|
||
826 | * @param appId TODO
|
||
827 | * @return HashMap
|
||
828 | */
|
||
829 | public HashMap<String, String> QueryTAC(String userAlias, int appId) |
||
830 | { |
||
831 | return queryInfoService.queryTAC(userAlias, appId);
|
||
832 | } |
||
833 | |||
834 | /**
|
||
835 | * This method is to change online user state to LOCKED status.
|
||
836 | *
|
||
837 | * @param adminUserAlias
|
||
838 | * @param adminUserPassword
|
||
839 | * @param userAlias
|
||
840 | * @return ERR_code defined in the Constants.<br/>
|
||
841 | * ERR_SUCCESS<br/>
|
||
842 | * ERR_SYSTEM_NOT_READY<br/>
|
||
843 | * ERR_USERALIAS_NOT_FOUND <br/>
|
||
844 | * ERR_INVALID_STATE - admin not active or temporary suspended.<br/>
|
||
845 | * ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the user type.<br/>
|
||
846 | * ERR_EXCEED_MAX_TRIES<br/>
|
||
847 | * ERR_INVALID_CREDENTIAL<br/>
|
||
848 | * ERR_UNKNOWN<br/>
|
||
849 | */
|
||
850 | public int UA_LockUser(String adminUserAlias, String adminUserPassword, |
||
851 | String userAlias)
|
||
852 | { |
||
853 | int rc = verifyStaticPasswordService.verifyStaticPassword(
|
||
854 | adminUserAlias, adminUserPassword, true,
|
||
855 | Constants.UTYPE_STATE_ADMIN); |
||
856 | |||
857 | if (rc != Constants.ERR_SUCCESS)
|
||
858 | { |
||
859 | return rc;
|
||
860 | } |
||
861 | |||
862 | rc = lockUserService.lockUser(userAlias); |
||
863 | |||
864 | logger.info("UA_LockUser - user alias: [" + userAlias + "] Return:" |
||
865 | + rc); |
||
866 | |||
867 | return rc;
|
||
868 | } |
||
869 | |||
870 | /**
|
||
871 | * This method is to change admin user state to LOCKED status.
|
||
872 | *
|
||
873 | * @param rootAlias
|
||
874 | * @param rootPassword
|
||
875 | * @param adminUserAlias
|
||
876 | * @return ERR_code defined in the Constants.<br/>
|
||
877 | * ERR_SUCCESS<br/>
|
||
878 | * ERR_SYSTEM_NOT_READY<br/>
|
||
879 | * ERR_USERALIAS_NOT_FOUND <br/>
|
||
880 | * ERR_INVALID_STATE - root not active or temporary suspended.<br/>
|
||
881 | * ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the user type.<br/>
|
||
882 | * ERR_EXCEED_MAX_TRIES<br/>
|
||
883 | * ERR_INVALID_CREDENTIAL<br/>
|
||
884 | * ERR_UNKNOWN<br/>
|
||
885 | */
|
||
886 | public int AD_LockUser(String rootAlias, String rootPassword, |
||
887 | String adminUserAlias)
|
||
888 | { |
||
889 | int rc = verifyStaticPasswordService.verifyStaticPassword(
|
||
890 | rootAlias, rootPassword, true, Constants.UTYPE_STATE_ROOT);
|
||
891 | |||
892 | if (rc != Constants.ERR_SUCCESS)
|
||
893 | { |
||
894 | return rc;
|
||
895 | } |
||
896 | |||
897 | rc = lockUserService.lockUser(adminUserAlias); |
||
898 | |||
899 | logger.info("AD_LockUser - admin user alias: [" + adminUserAlias
|
||
900 | + "] Return: " + rc);
|
||
901 | |||
902 | return rc;
|
||
903 | } |
||
904 | |||
905 | /**
|
||
906 | * This method is to suspend online user from when for how many Minutes
|
||
907 | *
|
||
908 | * @param adminUserAlias
|
||
909 | * @param adminUserPassword
|
||
910 | * @param userAlias
|
||
911 | * @param fromDate
|
||
912 | * - from when
|
||
913 | * @param nMinutes
|
||
914 | * - Suspend for how many minutes
|
||
915 | * @return ERR_code defined in the Constants.<br/>
|
||
916 | * ERR_SUCCESS<br/>
|
||
917 | * ERR_SYSTEM_NOT_READY<br/>
|
||
918 | * ERR_USERALIAS_NOT_FOUND <br/>
|
||
919 | * ERR_INVALID_STATE - admin not active or temporary suspended.<br/>
|
||
920 | * ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the user type.<br/>
|
||
921 | * ERR_EXCEED_MAX_TRIES<br/>
|
||
922 | * ERR_INVALID_CREDENTIAL<br/>
|
||
923 | * ERR_UNKNOWN<br/>
|
||
924 | */
|
||
925 | public int UA_SuspendUser(String adminUserAlias, String adminUserPassword, |
||
926 | String userAlias, String strFromDate, int nMinutes) |
||
927 | { |
||
928 | Date fromDate = StringToDate(strFromDate);
|
||
929 | int rc = verifyStaticPasswordService.verifyStaticPassword(
|
||
930 | adminUserAlias, adminUserPassword, true,
|
||
931 | Constants.UTYPE_STATE_ADMIN); |
||
932 | |||
933 | if (rc != Constants.ERR_SUCCESS)
|
||
934 | { |
||
935 | return rc;
|
||
936 | } |
||
937 | |||
938 | rc = lockUserService.lockUser(userAlias, |
||
939 | Constants.UID_STATE_TMP_LOCKED, fromDate, nMinutes); |
||
940 | |||
941 | logger.info("UA_SuspendUser - admin user alias: [" + adminUserAlias
|
||
942 | + "] user alias: [" + userAlias + "] From: [" + fromDate |
||
943 | + " for " + nMinutes + "min] Return: " + rc); |
||
944 | |||
945 | return rc;
|
||
946 | } |
||
947 | |||
948 | /**
|
||
949 | * This method is to suspend admin user from when for how many Minutes
|
||
950 | *
|
||
951 | * @param rootAlias
|
||
952 | * @param rootPassword
|
||
953 | * @param adminUserAlias
|
||
954 | * @param fromDate
|
||
955 | * - from when
|
||
956 | * @param nMinutes
|
||
957 | * - Suspend for how many Minutes
|
||
958 | * @return ERR_code defined in the Constants.<br/>
|
||
959 | * ERR_SUCCESS<br/>
|
||
960 | * ERR_SYSTEM_NOT_READY<br/>
|
||
961 | * ERR_USERALIAS_NOT_FOUND <br/>
|
||
962 | * ERR_INVALID_STATE - root not active or temporary suspended.<br/>
|
||
963 | * ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the user type.<br/>
|
||
964 | * ERR_EXCEED_MAX_TRIES<br/>
|
||
965 | * ERR_INVALID_CREDENTIAL<br/>
|
||
966 | * ERR_UNKNOWN<br/>
|
||
967 | */
|
||
968 | public int AD_SuspendUser(String rootAlias, String rootPassword, |
||
969 | String adminUserAlias, String strFromDate, int nMinutes) |
||
970 | { |
||
971 | Date fromDate = StringToDate(strFromDate);
|
||
972 | int rc = verifyStaticPasswordService.verifyStaticPassword(
|
||
973 | rootAlias, rootPassword, true, Constants.UTYPE_STATE_ROOT);
|
||
974 | |||
975 | if (rc != Constants.ERR_SUCCESS)
|
||
976 | { |
||
977 | return rc;
|
||
978 | } |
||
979 | |||
980 | rc = lockUserService.lockUser(adminUserAlias, |
||
981 | Constants.UID_STATE_TMP_LOCKED, fromDate, nMinutes); |
||
982 | |||
983 | logger.info("AD_SuspendUser - admin user alias: [" + adminUserAlias
|
||
984 | + "] Return: " + rc);
|
||
985 | |||
986 | return rc;
|
||
987 | } |
||
988 | |||
989 | /**
|
||
990 | * This method is to concate existing user alias to allow re use user after deleted.
|
||
991 | *
|
||
992 | * @param rootAlias
|
||
993 | * @param rootPassword
|
||
994 | * @param adminUserAlias
|
||
995 | * @param fromDate
|
||
996 | * - from when
|
||
997 | * @param nMinutes
|
||
998 | * - Suspend for how many Minutes
|
||
999 | * @return ERR_code defined in the Constants.<br/>
|
||
1000 | * ERR_SUCCESS<br/>
|
||
1001 | * ERR_SYSTEM_NOT_READY<br/>
|
||
1002 | * ERR_USERALIAS_NOT_FOUND <br/>
|
||
1003 | * ERR_INVALID_STATE - root not active or temporary suspended.<br/>
|
||
1004 | * ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the user type.<br/>
|
||
1005 | * ERR_EXCEED_MAX_TRIES<br/>
|
||
1006 | * ERR_INVALID_CREDENTIAL<br/>
|
||
1007 | * ERR_UNKNOWN<br/>
|
||
1008 | */
|
||
1009 | public int UA_DeleteUser(String adminUserAlias, String adminUserPassword, String userAlias) |
||
1010 | { |
||
1011 | |||
1012 | int rc = verifyStaticPasswordService.verifyStaticPassword(
|
||
1013 | adminUserAlias, adminUserPassword, true,
|
||
1014 | Constants.UTYPE_STATE_ADMIN); |
||
1015 | |||
1016 | if (rc != Constants.ERR_SUCCESS)
|
||
1017 | { |
||
1018 | return rc;
|
||
1019 | } |
||
1020 | |||
1021 | rc = DeleteUserService.deleteUser(userAlias); |
||
1022 | |||
1023 | logger.info("AD_SuspendUser - admin user alias: [" + userAlias
|
||
1024 | + "] Return: " + rc);
|
||
1025 | |||
1026 | return rc;
|
||
1027 | } |
||
1028 | |||
1029 | // ///////////////////////////////////////////////////////////////////////////////
|
||
1030 | // token area
|
||
1031 | // ///////////////////////////////////////////////////////////////////////////////
|
||
1032 | |||
1033 | /**
|
||
1034 | * This method is to verify token password
|
||
1035 | *
|
||
1036 | * @param userAlias
|
||
1037 | * @param inPassword
|
||
1038 | * @return ERR_code defined in the Constants<br/>
|
||
1039 | * ERR_SUCCESS<br/>
|
||
1040 | * ERR_SYSTEM_NOT_READY<br/>
|
||
1041 | * ERR_USERALIAS_NOT_FOUND<br/>
|
||
1042 | * ERR_INVALID_STATE<br/>
|
||
1043 | * ERR_EXCEED_MAX_TRIES<br/>
|
||
1044 | * ERR_INVALID_CREDENTIAL<br/>
|
||
1045 | * ERR_PASSWD_EXPIRED<br/>
|
||
1046 | * ERR_REUSED_PASSWD<br/>
|
||
1047 | */
|
||
1048 | public int VerifyToken(String userAlias, String inPassword) |
||
1049 | { |
||
1050 | int rc = verifyTokenService.verifyToken(userAlias, inPassword);
|
||
1051 | |||
1052 | logger.info("VerifyToken - user alias: [" + userAlias + "] Return: " |
||
1053 | + rc); |
||
1054 | |||
1055 | return rc;
|
||
1056 | } |
||
1057 | |||
1058 | /**
|
||
1059 | * This method is to reset user token <br/>
|
||
1060 | *
|
||
1061 | * @param adminUserAlias
|
||
1062 | * @param adminUserPassword
|
||
1063 | * @param userAlias
|
||
1064 | * @return ERR_code defined in the Constants<br/>
|
||
1065 | * ERR_SUCCESS<br/>
|
||
1066 | * ERR_SYSTEM_NOT_READY<br/>
|
||
1067 | * ERR_USERALIAS_NOT_FOUND<br/>
|
||
1068 | * ERR_INVALID_STATE<br/>
|
||
1069 | * ERR_EXCEED_MAX_TRIES<br/>
|
||
1070 | * ERR_INVALID_CREDENTIAL<br/>
|
||
1071 | */
|
||
1072 | public int ResetToken(String adminUserAlias, String adminUserPassword, |
||
1073 | String userAlias)
|
||
1074 | { |
||
1075 | int rc = verifyStaticPasswordService.verifyStaticPassword(
|
||
1076 | adminUserAlias, adminUserPassword, true,
|
||
1077 | Constants.UTYPE_STATE_ADMIN); |
||
1078 | |||
1079 | if (rc != Constants.ERR_SUCCESS)
|
||
1080 | { |
||
1081 | return rc;
|
||
1082 | } |
||
1083 | |||
1084 | rc = resetTokenService.resetToken(userAlias); |
||
1085 | logger.info("ResetToken - user alias: [" + userAlias + "] Return: " |
||
1086 | + rc); |
||
1087 | return rc;
|
||
1088 | } |
||
1089 | |||
1090 | /**
|
||
1091 | * This method is to query token information, Return type is HashMap<String,String>
|
||
1092 | * RC - Return Code [always present]<br/>
|
||
1093 | * RT - Return Code in Text [always present]<br/>
|
||
1094 | * <br/>
|
||
1095 | * The following data present only with the return is ERR_SUCCESS<br/>
|
||
1096 | * SerailNo - The serial number of token<br/>
|
||
1097 | * State - Token State, [0-UNASSIGNED], [1-ASSIGNED], [2-DISABLE], [3-LOCKED], [4-DELETED]<br/>
|
||
1098 | * UseCount - number of time of password authentication <br/>
|
||
1099 | * ErrorCount - number of time error encountered of password authentication<br/>
|
||
1100 | * DateAssigned - date of assignment to user<br/>
|
||
1101 | * DateFirstUsed - date of 1st time use<br/>
|
||
1102 | * DateLastUsed - date of last time used<br/>
|
||
1103 | * BatchID - the ID used for loading the token into data store<br/>
|
||
1104 | * <br/>
|
||
1105 | *
|
||
1106 | * Data retrieved from token BLOB<br/>
|
||
1107 | * TOKEN_MODEL<br/>
|
||
1108 | * USE_COUNT<br/>
|
||
1109 | * ERROR_COUNT<br/>
|
||
1110 | * LAST_TIME_USED<br/>
|
||
1111 | * CODE_WORD<br/>
|
||
1112 | * TRIPLE_DES<br/>
|
||
1113 | * MAX_INPUT_FIELDS<br/>
|
||
1114 | * RESPONSE_LENGTH<br/>
|
||
1115 | * RESPONSE_TYPE<br/>
|
||
1116 | * RESPONSE_CHECKSUM<br/>
|
||
1117 | * TIME_STEP_USED<br/>
|
||
1118 | *
|
||
1119 | * @param userAlias
|
||
1120 | * @return HashMap
|
||
1121 | */
|
||
1122 | public HashMap<String, String> QueryToken(String userAlias) |
||
1123 | { |
||
1124 | return queryInfoService.queryToken(userAlias);
|
||
1125 | } |
||
1126 | |||
1127 | public int DeleteTokenFromStore(String adminUserAlias, |
||
1128 | String adminUserPassword, String serialNumber) |
||
1129 | { |
||
1130 | int rc = verifyStaticPasswordService.verifyStaticPassword(
|
||
1131 | adminUserAlias, adminUserPassword, true,
|
||
1132 | Constants.UTYPE_STATE_ADMIN); |
||
1133 | |||
1134 | if (rc != Constants.ERR_SUCCESS)
|
||
1135 | { |
||
1136 | return rc;
|
||
1137 | } |
||
1138 | |||
1139 | rc = deleteTokenService.deleteTokenFromStore(serialNumber); |
||
1140 | logger.info("DeleteTokenFromStore - serial number: [" + serialNumber
|
||
1141 | + "] Return: " + rc);
|
||
1142 | return rc;
|
||
1143 | } |
||
1144 | |||
1145 | /**
|
||
1146 | * This method is to assign token to user<br/>
|
||
1147 | *
|
||
1148 | * @param serialNumber
|
||
1149 | * @param userAlias
|
||
1150 | * @return ERR_code defined in the Constants<br/>
|
||
1151 | * ERR_SUCCESS<br/>
|
||
1152 | * ERR_SYSTEM_NOT_READY<br/>
|
||
1153 | * ERR_USERALIAS_NOT_FOUND<br/>
|
||
1154 | * ERR_INVALID_STATE<br/>
|
||
1155 | */
|
||
1156 | public int AssignTokenToUser(String adminUserAlias, |
||
1157 | String adminUserPassword, String serialNumber, String userAlias) |
||
1158 | { |
||
1159 | int rc = verifyStaticPasswordService.verifyStaticPassword(
|
||
1160 | adminUserAlias, adminUserPassword, true,
|
||
1161 | Constants.UTYPE_STATE_ADMIN); |
||
1162 | |||
1163 | if (rc != Constants.ERR_SUCCESS)
|
||
1164 | { |
||
1165 | return rc;
|
||
1166 | } |
||
1167 | |||
1168 | rc = assignTokenService.assignToken(serialNumber, userAlias, |
||
1169 | Constants.TKN_STATE_ASSIGNED); |
||
1170 | |||
1171 | logger.info("AssignTokenToUser - serial number: [" + serialNumber
|
||
1172 | + "] user alias: [" + userAlias + "] Return: " + rc); |
||
1173 | |||
1174 | return rc;
|
||
1175 | } |
||
1176 | |||
1177 | /**
|
||
1178 | * This method is to return Token to store; Reset the Token.<br/>
|
||
1179 | * The token is ready to re-assign to other user.<br/>
|
||
1180 | *
|
||
1181 | * @param adminUserAlias
|
||
1182 | * @param adminUserPassword
|
||
1183 | * @param userAlias
|
||
1184 | * @return ERR_code defined in the Constants<br/>
|
||
1185 | * ERR_SUCCESS<br/>
|
||
1186 | * ERR_SYSTEM_NOT_READY<br/>
|
||
1187 | * ERR_USERALIAS_NOT_FOUND<br/>
|
||
1188 | * ERR_INVALID_STATE<br/>
|
||
1189 | */
|
||
1190 | public int UnassignTokenFromUser(String adminUserAlias, |
||
1191 | String adminUserPassword, String userAlias) |
||
1192 | { |
||
1193 | int rc = verifyStaticPasswordService.verifyStaticPassword(
|
||
1194 | adminUserAlias, adminUserPassword, true,
|
||
1195 | Constants.UTYPE_STATE_ADMIN); |
||
1196 | |||
1197 | if (rc != Constants.ERR_SUCCESS)
|
||
1198 | { |
||
1199 | return rc;
|
||
1200 | } |
||
1201 | |||
1202 | rc = assignTokenService.assignToken(null, userAlias,
|
||
1203 | Constants.TKN_STATE_UNASSIGNED); |
||
1204 | |||
1205 | logger.info("UnassignTokenFromUser - user alias: [" + userAlias
|
||
1206 | + "] Return: " + rc);
|
||
1207 | |||
1208 | return rc;
|
||
1209 | } |
||
1210 | |||
1211 | /**
|
||
1212 | * This method is to disable the token<br/>
|
||
1213 | *
|
||
1214 | * @param adminUserAlias
|
||
1215 | * @param adminUserPassword
|
||
1216 | * @param userAlias
|
||
1217 | * @return ERR_code defined in the Constants<br/>
|
||
1218 | * ERR_SUCCESS<br/>
|
||
1219 | * ERR_SYSTEM_NOT_READY<br/>
|
||
1220 | * ERR_USERALIAS_NOT_FOUND<br/>
|
||
1221 | * ERR_INVALID_STATE<br/>
|
||
1222 | */
|
||
1223 | public int DisableToken(String adminUserAlias, String adminUserPassword, |
||
1224 | String userAlias)
|
||
1225 | { |
||
1226 | int rc = verifyStaticPasswordService.verifyStaticPassword(
|
||
1227 | adminUserAlias, adminUserPassword, true,
|
||
1228 | Constants.UTYPE_STATE_ADMIN); |
||
1229 | |||
1230 | if (rc != Constants.ERR_SUCCESS)
|
||
1231 | { |
||
1232 | return rc;
|
||
1233 | } |
||
1234 | |||
1235 | rc = disableTokenService.disableToken(userAlias, true);
|
||
1236 | |||
1237 | logger.info("DisableToken - user alias: [" + userAlias + "] Return: " |
||
1238 | + rc); |
||
1239 | |||
1240 | return rc;
|
||
1241 | } |
||
1242 | |||
1243 | /**
|
||
1244 | * This method is to enable to token<br/>
|
||
1245 | *
|
||
1246 | * @param adminUserAlias
|
||
1247 | * @param adminUserPassword
|
||
1248 | * @param userAlias
|
||
1249 | * @return ERR_code defined in the Constants<br/>
|
||
1250 | * ERR_SUCCESS<br/>
|
||
1251 | * ERR_SYSTEM_NOT_READY<br/>
|
||
1252 | * ERR_USERALIAS_NOT_FOUND<br/>
|
||
1253 | * ERR_INVALID_STATE<br/>
|
||
1254 | */
|
||
1255 | public int EnableToken(String adminUserAlias, String adminUserPassword, |
||
1256 | String userAlias)
|
||
1257 | { |
||
1258 | int rc = verifyStaticPasswordService.verifyStaticPassword(
|
||
1259 | adminUserAlias, adminUserPassword, true,
|
||
1260 | Constants.UTYPE_STATE_ADMIN); |
||
1261 | |||
1262 | if (rc != Constants.ERR_SUCCESS)
|
||
1263 | { |
||
1264 | return rc;
|
||
1265 | } |
||
1266 | |||
1267 | rc = disableTokenService.disableToken(userAlias, false);
|
||
1268 | |||
1269 | logger.info("EnableToken - user alias: [" + userAlias + "] Return: " |
||
1270 | + rc); |
||
1271 | |||
1272 | return rc;
|
||
1273 | } |
||
1274 | |||
1275 | /**
|
||
1276 | * This method is to load token from DPX or PSKC file to UPass data store
|
||
1277 | * Refer to System Console for additional information.
|
||
1278 | *
|
||
1279 | * @param adminUserAlias
|
||
1280 | * @param adminUserPassword
|
||
1281 | * @param requiredField1
|
||
1282 | * = fileName
|
||
1283 | * @param requiredField2
|
||
1284 | * = importKey/ passsphrase / fileName
|
||
1285 | * @param requiredField3
|
||
1286 | * = batchId/ null
|
||
1287 | * @return rc (response code)
|
||
1288 | * @throws Exception
|
||
1289 | */
|
||
1290 | public int LoadToken(String adminUserAlias, String adminUserPassword, |
||
1291 | String requiredField1, String requiredField2, String requiredField3) throws Exception |
||
1292 | { |
||
1293 | int rc = Constants.ERR_SYSTEM_NOT_READY;
|
||
1294 | |||
1295 | rc = LoadTokenWithStats(adminUserAlias, adminUserPassword, |
||
1296 | requiredField1, requiredField2, requiredField3).getResponseCode(); |
||
1297 | |||
1298 | return rc;
|
||
1299 | } |
||
1300 | |||
1301 | /**
|
||
1302 | * This method override the existing LoadToken to generate load token statistic
|
||
1303 | *
|
||
1304 | * @param adminUserAlias
|
||
1305 | * @param adminUserPassword
|
||
1306 | * @param requiredField1
|
||
1307 | * = fileName
|
||
1308 | * @param requiredField2
|
||
1309 | * = importKey/ passsphrase / fileName
|
||
1310 | * @param requiredField3
|
||
1311 | * = batchId/ null
|
||
1312 | * @return LoadTokenBean
|
||
1313 | * @throws Exception
|
||
1314 | */
|
||
1315 | public LoadTokenBean LoadTokenWithStats(String adminUserAlias, String adminUserPassword, |
||
1316 | String requiredField1, String requiredField2, String requiredField3) throws Exception { |
||
1317 | LoadTokenBean loadTokenBean = new LoadTokenBean();
|
||
1318 | |||
1319 | // verify supervisor password
|
||
1320 | int rc = verifyStaticPasswordService.verifyStaticPassword(
|
||
1321 | adminUserAlias, adminUserPassword, true,
|
||
1322 | Constants.UTYPE_STATE_ADMIN); |
||
1323 | |||
1324 | rc = 0;
|
||
1325 | |||
1326 | if (rc != Constants.ERR_SUCCESS) {
|
||
1327 | loadTokenBean.setResponseCode(rc); |
||
1328 | |||
1329 | } else {
|
||
1330 | loadTokenBean = loadTokenService.loadToken(requiredField1, requiredField2, requiredField3, |
||
1331 | UPassFactory.getTokenMode()); |
||
1332 | } |
||
1333 | |||
1334 | return loadTokenBean;
|
||
1335 | } |
||
1336 | |||
1337 | /**
|
||
1338 | * This method override the existing LoadToken to generate load token statistic
|
||
1339 | *
|
||
1340 | * @param adminUserAlias
|
||
1341 | * @param adminUserPassword
|
||
1342 | * @param requiredField1
|
||
1343 | * = userAlias
|
||
1344 | * @param requiredField2
|
||
1345 | * = Otp 1
|
||
1346 | * @param requiredField3
|
||
1347 | * = Otp 2
|
||
1348 | * @return LoadTokenBean
|
||
1349 | * @throws Exception
|
||
1350 | */
|
||
1351 | public int SynchronizeToken(String adminUserAlias, String adminUserPassword, |
||
1352 | String userAlias, String otp1, String otp2) { |
||
1353 | |||
1354 | // verify supervisor password
|
||
1355 | int rc = verifyStaticPasswordService.verifyStaticPassword(
|
||
1356 | adminUserAlias, adminUserPassword, true,
|
||
1357 | Constants.UTYPE_STATE_ADMIN); |
||
1358 | |||
1359 | if (rc != Constants.ERR_SUCCESS)
|
||
1360 | { |
||
1361 | return rc;
|
||
1362 | } |
||
1363 | |||
1364 | rc = synchronizeTokenService.syncToken(userAlias, otp1, otp2); |
||
1365 | |||
1366 | logger.info("SyncToken - useralias: [" + userAlias
|
||
1367 | + "] first OTP: [" + otp1 + "] Second OTP: [" + otp2 + "] Return: " + rc); |
||
1368 | return rc;
|
||
1369 | |||
1370 | } |
||
1371 | |||
1372 | /**
|
||
1373 | * This method is to get Specified token vendor name in Token Controller
|
||
1374 | *
|
||
1375 | * @return token Vendor name
|
||
1376 | */
|
||
1377 | public String getTokenVendor() { |
||
1378 | |||
1379 | return queryInfoService.getTokenVendor();
|
||
1380 | |||
1381 | } |
||
1382 | |||
1383 | // ///////////////////////////////////////////////////////////////////////////////
|
||
1384 | // token area end
|
||
1385 | // ///////////////////////////////////////////////////////////////////////////////
|
||
1386 | |||
1387 | private Date StringToDate(String dateString) |
||
1388 | { |
||
1389 | String DATE_FORMAT = "yyyyMMddHHmmss"; |
||
1390 | SimpleDateFormat format = new SimpleDateFormat(DATE_FORMAT); |
||
1391 | Date parsedDate = new Date(); |
||
1392 | |||
1393 | try
|
||
1394 | { |
||
1395 | parsedDate = format.parse(dateString); |
||
1396 | } catch (ParseException pe) |
||
1397 | { |
||
1398 | logger.info("ERROR: Cannot parse date in String " + dateString);
|
||
1399 | } |
||
1400 | |||
1401 | return parsedDate;
|
||
1402 | } |
||
1403 | |||
1404 | // ///////////////////////////////////////////////////////////////////////////////
|
||
1405 | // Security code area
|
||
1406 | // ///////////////////////////////////////////////////////////////////////////////
|
||
1407 | |||
1408 | public String GenerateSecurityCode(String identifier) |
||
1409 | { |
||
1410 | String sRc = generateSecurityCodeService
|
||
1411 | .generateSecurityCode(identifier); |
||
1412 | |||
1413 | logger.info(identifier + " Return=" + sRc.substring(2)); |
||
1414 | |||
1415 | return sRc;
|
||
1416 | } |
||
1417 | |||
1418 | public int VerifySecurityCode(String identifier, String securityCode) |
||
1419 | { |
||
1420 | int rc = verifySecurityCodeService.verifySecurityCode(
|
||
1421 | identifier, securityCode); |
||
1422 | |||
1423 | logger.info("VerifySecurityCode - identifier: [" + identifier
|
||
1424 | + "] Return: " + rc);
|
||
1425 | |||
1426 | return rc;
|
||
1427 | } |
||
1428 | |||
1429 | public int VerifyPasswordComplexity(String password, int applicationId) { |
||
1430 | int rc = verifyPasswordComplexityService.verifyPasswordComplexity(password, applicationId);
|
||
1431 | |||
1432 | logger.info("VerifyPasswordComplexity: - password[" + password
|
||
1433 | + "] Return: " + rc);
|
||
1434 | |||
1435 | return rc;
|
||
1436 | } |
||
1437 | } |