Z-Archive » Maybank Projects » M2U UPASS Project

/**

 * Copyright (M) 2010 Penril Datability (M) Sdn Bhd All rights reserved.

 *

 * This software is copyrighted. Under the copyright laws, this software

 * may not be copied, in whole or in part, without prior written consent

 * of Penril Datability (M) Sdn Bhd or its assignees. This software is

 * provided under the terms of a license between Penril Datability (M)

 * Sdn Bhd and the recipient, and its use is subject to the terms of that

 * license.

 */

package my.com.upass;

import java.text.ParseException;

import java.text.SimpleDateFormat;

import java.util.Date;

import java.util.HashMap;

import my.com.upass.factory.UPassFactory;

import my.com.upass.services.ActivateUserService;

import my.com.upass.services.AssignTokenService;

import my.com.upass.services.ChangeStaticPasswordService;

import my.com.upass.services.CheckPasswordReusedService;

import my.com.upass.services.DeleteTokenService;

import my.com.upass.services.DisableTacService;

import my.com.upass.services.DisableTokenService;

import my.com.upass.services.GenerateSecurityCodeService;

import my.com.upass.services.GenerateTacService;

import my.com.upass.services.LoadTokenService;

import my.com.upass.services.LockUserService;

import my.com.upass.services.QueryInfoService;

import my.com.upass.services.ResetTacService;

import my.com.upass.services.ResetTokenService;

import my.com.upass.services.SynchronizeTokenService;

import my.com.upass.services.VerifyPasswordComplexityService;

import my.com.upass.services.VerifySecurityCodeService;

import my.com.upass.services.VerifyTacService;

import my.com.upass.services.VerifyTokenService;

import my.com.upass.services.DeleteUserService;

/**

 * PROGRAMMER: Danniell

 * CHANGE-NO:

 * TASK-NO:

 * DATE CREATED: Oct 8, 2011

 * TAG AS:

 * REASON(S):

 * MODIFICATION:

 */

/**

 * Data Access Object version of UPASS Controller

 */

/**

 * @author Enson

 *

 */

public class UPassControllerV2 extends MinimalUPassControllerV2

{

        private ChangeStaticPasswordService changeStaticPasswordService = new ChangeStaticPasswordService(this);

        private CheckPasswordReusedService checkPasswordReusedService = new CheckPasswordReusedService(this);

        private GenerateTacService generateTacService = new GenerateTacService(this);

        private VerifyTacService verifyTacService = new VerifyTacService(this);

        private ResetTacService resetTacService = new ResetTacService(this);

        private GenerateSecurityCodeService generateSecurityCodeService = new GenerateSecurityCodeService(this);

        private VerifySecurityCodeService verifySecurityCodeService = new VerifySecurityCodeService(this);

        private DisableTacService disableTacService = new DisableTacService(this);

        private ActivateUserService activateUserService = new ActivateUserService();

        private QueryInfoService queryInfoService = new QueryInfoService();

        private LockUserService lockUserService = new LockUserService();

        private VerifyTokenService verifyTokenService = new VerifyTokenService();

        private LoadTokenService loadTokenService = new LoadTokenService();

        private ResetTokenService resetTokenService = new ResetTokenService();

        private DeleteTokenService deleteTokenService = new DeleteTokenService();

        private AssignTokenService assignTokenService = new AssignTokenService();

        private DisableTokenService disableTokenService = new DisableTokenService();

        private SynchronizeTokenService synchronizeTokenService = new SynchronizeTokenService();

        private VerifyPasswordComplexityService verifyPasswordComplexityService = new VerifyPasswordComplexityService(this);

        private DeleteUserService DeleteUserService = new DeleteUserService();

        public UPassControllerV2()

        {

                initializeConfigurations();

        }

        // ////////////////////////////////////////////////////////////////////////////////////////

        // Static Password Methods

        // /////////////////////////////////////////////////////////////////////////////////////////

        /**

         * This method verify static password generated using SP_ChangeStaticPassword()

         * and also check for user dormant status

         *

         * @param userAlias

         * @param password

         * @return ERR_code defined in the Constants.<br/>

         *         ERR_SUCCESS<br/>

         *         ERR_SYSTEM_NOT_READY<br/>

         *         ERR_USERALIAS_NOT_FOUND <br/>

         *         ERR_INVALID_STATE - user not active or temporary suspended.<br/>

         *         ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the user type.<br/>

         *         ERR_EXCEED_MAX_TRIES - used ModifyUser to reset password.<br/>

         *         ERR_INVALID_CREDENTIAL<br/>

         *         ERR_PASSWD_EXPIRED - password is valid but expired, suggest to change new password.<br/>

         */

        public int SP_Login(String userAlias, String password)

        {

                int rc = verifyStaticPasswordService.login(userAlias, password, false, 0);

                logger.info("SP_Login - user alias: [" + userAlias + "] Return: " + rc);

                return rc;

        }

        /**

         * This method generate static password and to be using SP_VerifyStaticPassword()

         *

         * @param userAlias

         * @param newPassword

         * @param oldPassword

         * @return ERR_code defined in the Constants<br/>

         *         ERR_SUCCESS<br/>

         *         ERR_SYSTEM_NOT_READY<br/>

         *         ERR_USERALIAS_NOT_FOUND<br/>

         *         ERR_INVALID_STATE - user not active or temporary suspended.<br/>

         *         ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the user type.<br/>

         *         ERR_EXCEED_MAX_TRIES - used ModifyUser to reset password.<br/>

         *         ERR_INVALID_CREDENTIAL<br/>

         *         ERR_REUSED_PASSWD - reuse previous generated password.<br/>

         */

        public int SP_ChangeStaticPassword(String userAlias, String newPassword, String oldPassword)

        {

                int rc = changeStaticPasswordService.changeStaticPassword(userAlias, newPassword, oldPassword, true);

                logger.info("SP_ChangeStaticPassword - user alias: [" + userAlias + "] Return: " + rc);

                return rc;

        }

        public int SP_ForceChangeStaticPassword(String userAlias, String newPassword, String oldPassword)

        {

                int rc = changeStaticPasswordService.changeStaticPassword(userAlias, newPassword, oldPassword, false);

                logger.info("SP_ChangeStaticPassword - user alias: [" + userAlias + "] Return: " + rc);

                return rc;

        }

        public int UA_CheckPasswordReused(String userAlias, String password)

        {

                int rc = checkPasswordReusedService.CheckPasswordReused(userAlias, password);

                logger.info("UA_CheckPasswordReused - user alias: [" + userAlias + "] Return: " + rc);

                return rc;

        }

        // /////////////////////////////////////////////////////////////////////////////////////////

        // TAC Methods ...

        // /////////////////////////////////////////////////////////////////////////////////////////

        /**

         * This method to Generate 6-digit TAC.

         *

         * @param userAlias

         * @param appId

         *            TODO

         * @return 6-digit TAC or Error code with prefix *** <br/>

         *         ***98 ERR_SYSTEM_NOT_READY<br/>

         *         ***6 ERR_USERALIAS_NOT_FOUND<br/>

         *         ***12 ERR_TAC_ALREADY_EXIST - Repeated request within allowed period<br/>

         */

        public String GenerateTAC(String userAlias, int appId) {

                String tac = generateTacService.generateTAC(userAlias, null, null, appId);

                logger.info(userAlias + " Return=" + tac.substring(2));

                return tac;

        }

        /**

         * This method to Generate 6-digit TAC with SessionID verification.

         *

         * @param userAlias

         * @param sessionID

         *            16-Characters SessionID

         * @param appId

         *            TODO

         * @return 6-digit TAC or Error code with prefix *** <br/>

         *         ***98 ERR_SYSTEM_NOT_READY<br/>

         *         ***6 ERR_USERALIAS_NOT_FOUND<br/>

         *         ***12 ERR_TAC_ALREADY_EXIST - Repeated request within allowed period<br/>

         */

        public String GenerateTAC(String userAlias, String sessionID, int appId) {

                String tac = generateTacService.generateTAC(userAlias, sessionID, null, appId);

                logger.info(userAlias + " SessionID=" + sessionID + " Return=" + tac.substring(2));

                return tac;

        }

        /**

         * This method to Generate 6-digit TAC with SessionID verification.

         *

         * @param userAlias

         * @param sessionID

         *            16-Characters SessionID

         * @param nonce

         *            Additional nonce value

         * @param appId

         *            TODO

         * @return 6-digit TAC or Error code with prefix *** <br/>

         *         ***98 ERR_SYSTEM_NOT_READY<br/>

         *         ***6 ERR_USERALIAS_NOT_FOUND<br/>

         *         ***12 ERR_TAC_ALREADY_EXIST - Repeated request within allowed period<br/>

         */

        public String GenerateTAC(String userAlias, String sessionID, String nonce, int appId) {

                String tac = generateTacService.generateTAC(userAlias, sessionID, nonce, appId);

                logger.info(userAlias + " SessionID=" + sessionID + " Return=" + tac.substring(2));

                return tac;

        }

        /**

         * This method to verify 6-digit TAC generated by GenerateTAC()

         *

         * @param userAlias

         * @param inTac

         *            User inputs TAC

         * @param appId

         *            TODO

         * @return ERR_code defined in the Constants<br/>

         *         ERR_SUCCESS<br/>

         *         ERR_SYSTEM_NOT_READY<br/>

         *         ERR_USERALIAS_NOT_FOUND<br/>

         *         ERR_INVALID_STATE - Verify method call before generation; TAC disabled.<br/>

         *         ERR_EXCEED_MAX_TRIES<br/>

         *         ERR_INVALID_CREDENTIAL<br/>

         *         ERR_PASSWD_EXPIRED - TAC expired.<br/>

         */

        public int VerifyTAC(String userAlias, String inTac, int appId) {

                int rc = verifyTacService.verifyTAC(userAlias, inTac, null, appId);

                logger.info("VerifyTAC - user alias: [" + userAlias + "] Return: " + rc);

                return rc;

        }

        /**

         * This method to verify 6-digit TAC generated by GenerateTAC() with SessionID verification

         *

         * @param userAlias

         * @param inTac

         *            User inputs TAC

         * @param sessionID

         *            16-Characters SessionID

         * @param appId

         *            TODO

         * @return ERR_code defined in the Constants<br/>

         *         ERR_SUCCESS<br/>

         *         ERR_SYSTEM_NOT_READY<br/>

         *         ERR_USERALIAS_NOT_FOUND<br/>

         *         ERR_INVALID_STATE - Verify method call before generation; TAC disabled.<br/>

         *         ERR_EXCEED_MAX_TRIES<br/>

         *         ERR_INVALID_CREDENTIAL<br/>

         *         ERR_PASSWD_EXPIRED - TAC expired.<br/>

         *         ERR_INVALID_SESSION<br/>

         */

        public int VerifyTAC(String userAlias, String inTac, String sessionID, int appId) {

                return VerifyTAC(userAlias, inTac, sessionID, null, appId);

        }

        /**

         * This method to verify 6-digit TAC generated by GenerateTAC() with SessionID verification

         *

         * @param userAlias

         * @param inTac

         *            User inputs TAC

         * @param sessionID

         *            16-Characters SessionID

         * @param nonce

         *            Additional nonce value

         * @param appId

         *            TODO

         * @return ERR_code defined in the Constants<br/>

         *         ERR_SUCCESS<br/>

         *         ERR_SYSTEM_NOT_READY<br/>

         *         ERR_USERALIAS_NOT_FOUND<br/>

         *         ERR_INVALID_STATE - Verify method call before generation; TAC disabled.<br/>

         *         ERR_EXCEED_MAX_TRIES<br/>

         *         ERR_INVALID_CREDENTIAL<br/>

         *         ERR_PASSWD_EXPIRED - TAC expired.<br/>

         *         ERR_INVALID_SESSION<br/>

         */

        public int VerifyTAC(String userAlias, String inTac, String sessionID, String nonce, int appId) {

                int rc = verifyTacService.verifyTAC(userAlias, inTac, sessionID, nonce, appId);

                logger.info("VerifyTAC - user alias: [" + userAlias + "] SessID: [" + sessionID + "] Return: " + rc);

                return rc;

        }

        /**

         * This method is to reset Error Count to Zero and set state to PASSWD_STATUS_ENABLE

         *

         * @param adminUserAlias

         * @param adminUserPassword

         * @param userAlias

         * @return ERR_code defined in the Constants<br/>

         *         ERR_SUCCESS<br/>

         *         ERR_SYSTEM_NOT_READY<br/>

         *         ERR_USERALIAS_NOT_FOUND <br/>

         *         ERR_INVALID_STATE - admin not active or temporary suspended.<br/>

         *         ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the user type.<br/>

         *         ERR_EXCEED_MAX_TRIES<br/>

         *         ERR_INVALID_CREDENTIAL<br/>

         *         ERR_UNKNOWN<br/>

         */

        public int ResetTAC(String adminUserAlias, String adminUserPassword, String userAlias) {

                int rc = verifyStaticPasswordService.verifyStaticPassword(

                                adminUserAlias, adminUserPassword, true, Constants.UTYPE_STATE_ADMIN);

                if (rc != Constants.ERR_SUCCESS) {

                        return rc;

                }

                rc = resetTacService.resetTAC(userAlias);

                logger.info("ResetTAC - user alias: [" + userAlias + "] Return: " + rc);

                return rc;

        }

        /**

         * This method is to set state to PASSWD_STATUS_DISABLE

         *

         * @param adminUserAlias

         * @param adminUserPassword

         * @param userAlias

         * @return ERR_code defined in the Constants<br/>

         *         ERR_SUCCESS<br/>

         *         ERR_SYSTEM_NOT_READY<br/>

         *         ERR_USERALIAS_NOT_FOUND <br/>

         *         ERR_INVALID_STATE - admin not active or temporary suspended.<br/>

         *         ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the user type.<br/>

         *         ERR_EXCEED_MAX_TRIES<br/>

         *         ERR_INVALID_CREDENTIAL<br/>

         *         ERR_UNKNOWN<br/>

         */

        public int DisableTAC(String adminUserAlias, String adminUserPassword, String userAlias) {

                int rc = verifyStaticPasswordService.verifyStaticPassword(

                                adminUserAlias, adminUserPassword, true, Constants.UTYPE_STATE_ADMIN);

                if (rc != Constants.ERR_SUCCESS) {

                        return rc;

                }

                rc = disableTacService.disableTAC(userAlias);

                logger.info("DisableTAC - user alias: [" + userAlias + "] Return: " + rc);

                return rc;

        }

        // /////////////////////////////////////////////////////////////////////////////////////////

        // User Administration methods.

        // /////////////////////////////////////////////////////////////////////////////////////////

        /**

         * This method to modify admin users to the system

         *

         * @param rootAlias

         * @param rootPassword

         * @param adminUserAlias

         * @param adminDesc

         *            - can be null - Null denotes no description will be modified.

         * @param adminUserPassword

         *            - can be null - Null denotes no password will be modified.

         * @return ERR_code defined in the Constants.<br/>

         *         ERR_SUCCESS<br/>

         *         ERR_SYSTEM_NOT_READY<br/>

         *         ERR_USERALIAS_NOT_FOUND <br/>

         *         ERR_INVALID_STATE - root not active or temporary suspended.<br/>

         *         ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the user type.<br/>

         *         ERR_EXCEED_MAX_TRIES<br/>

         *         ERR_INVALID_CREDENTIAL<br/>

         *         ERR_INVALID_INPUT - internal error.<br/>

         *         ERR_USERALIAS_NOT_FOUND<br/>

         *         ERR_REUSED_PASSWD - the password entered was used previously.<br/>

         *         ERR_PASSWD_WEAK - the password entered is too weak.<br/>

         *         ERR_INVALID_USERALIAS - User alias does not match with defined pattern <br/>

         *         ERR_PASSWORD_SAMEAS_USERALIAS - password is same is user name error <br/>

         */

        public int AD_ModifyUser(String rootAlias, String rootPassword,

                        String adminUserAlias, String adminDesc, String adminUserPassword)

        {

                // check if password is similar to user alias

                if (rootAlias.equalsIgnoreCase(rootPassword)) {

                        return Constants.ERR_PASSWORD_SAMEAS_USERALIAS;

                }

                int rc = verifyStaticPasswordService.verifyStaticPassword(

                                rootAlias, rootPassword, true, Constants.UTYPE_STATE_ROOT);

                if (rc != Constants.ERR_SUCCESS)

                {

                        return rc;

                }

                rc = modifyUserService.modifyUser(adminUserAlias,

                                Constants.UTYPE_STATE_ADMIN, adminDesc, adminUserPassword,

                                Constants.UID_STATE_ACTIVE);

                logger.info("AD_ModifyUser - admin user alias: [" + adminUserAlias

                                + "] Return: " + rc);

                return rc;

        }

        /**

         * This method to change online users state to ACTIVE status.

         *

         * @param adminUserAlias

         * @param adminUserPassword

         * @param userAlias

         * @return ERR_code defined in the Constants.<br/>

         *         ERR_SUCCESS<br/>

         *         ERR_SYSTEM_NOT_READY<br/>

         *         ERR_USERALIAS_NOT_FOUND <br/>

         *         ERR_INVALID_STATE - admin not active or temporary suspended.<br/>

         *         ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the user type.<br/>

         *         ERR_EXCEED_MAX_TRIES<br/>

         *         ERR_INVALID_CREDENTIAL<br/>

         *         ERR_USERALIAS_NOT_FOUND<br/>

         *         ERR_UNKNOWN <br/>

         */

        public int UA_ActivateUser(String adminUserAlias, String adminUserPassword, String userAlias)

        {

                int rc = verifyStaticPasswordService.verifyStaticPassword(

                                adminUserAlias, adminUserPassword, true,

                                Constants.UTYPE_STATE_ADMIN);

                if (rc != Constants.ERR_SUCCESS)

                {

                        return rc;

                }

                rc = activateUserService.activateUser(userAlias);

                logger.info("UA_ActivateUser - user alias: [" + userAlias

                                + "] Return: " + rc);

                return rc;

        }

        /**

         * This method to change admin users state to ACTIVE status.

         *

         * @param rootAlias

         * @param rootPassword

         * @param adminUserAlias

         * @return ERR_code defined in the Constants.<br/>

         *         ERR_SUCCESS<br/>

         *         ERR_SYSTEM_NOT_READY<br/>

         *         ERR_USERALIAS_NOT_FOUND <br/>

         *         ERR_INVALID_STATE - root not active or temporary suspended.<br/>

         *         ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the user type.<br/>

         *         ERR_EXCEED_MAX_TRIES<br/>

         *         ERR_INVALID_CREDENTIAL<br/>

         *         ERR_USERALIAS_NOT_FOUND<br/>

         *         ERR_UNKNOWN<br/>

         */

        public int AD_ActivateUser(String rootAlias, String rootPassword,

                        String adminUserAlias)

        {

                int rc = verifyStaticPasswordService.verifyStaticPassword(

                                rootAlias, rootPassword, true, Constants.UTYPE_STATE_ROOT);

                if (rc != Constants.ERR_SUCCESS)

                {

                        return rc;

                }

                rc = activateUserService.activateUser(adminUserAlias);

                logger.info("AD_ActivateUser - admin user alias: [" + adminUserAlias

                                + "] Return: " + rc);

                return rc;

        }

        /**

         * This method is to check whether the user alias exist in the system.

         *

         * @param userAlias

         * @return ERR_code defined in the Constants.<br/>

         *         ERR_SUCCESS 0 - found<br/>

         *         ERR_USERALIAS_NOT_FOUND 6<br/>

         *         ERR_SYSTEM_NOT_READY 98<br/>

         */

        public int UA_IsUserExist(String userAlias)

        {

                return queryInfoService.checkUserExistence(userAlias);

        }

        /**

         * This method is to get user type. Valid return is [0-root user | 1-admin user | 2-Ordinary User]

         *

         * @param userAlias

         * @return <br/>

         *         UTYPE_STATE_ROOT = 0<br/>

         *         UTYPE_STATE_ADMIN = 1<br/>

         *         UTYPE_STATE_USER = 2<br/>

         *         ERR_USERALIAS_NOT_FOUND = 6<br/>

         *         ERR_SYSTEM_NOT_READY = 98<br/>

         */

        public int UA_GetUserType(String userAlias)

        {

                return queryInfoService.getUserType(userAlias);

        }

        /**

         * This method is to get attributes associated to user. Return type is HashMap<String,String>

         * The object keys is as below:<br/>

         * RC - Return Code [always present]<br/>

         * RT - Return Code in Text [always present]<br/>

         * <br/>

         * The following data present only with the return is ERR_SUCCESS<br/>

         * Type - User Type [0-Root User] [1-Admin User] [2-Ordinary User][9-SysControl]<br/>

         * State - User State [0-Active] [1-Temporary Locked] [2-Locked] [3-Inactive] [4-Deleted]<br/>

         * Description - User Description<br/>

         * UseCount - Number of time the record being access<br/>

         * DateCreated - Created date<br/>

         * DateLastUsed - Last access of the record<br/>

         * DateLastActivated - Last activation of the record<br/>

         * DateLastLocked - Last date the user being locked<br/>

         * DateLockedFrom - last date the user being locked from<br/>

         * DateLockedTo - last date the user being locked to<br/>

         *

         * @param userAlias

         * @return HashMap

         */

        public HashMap<String, String> UA_GetUserData(String userAlias)

        {

                return queryInfoService.getUserData(userAlias);

        }

        /**

         * This method is to get attributes associated to password. Return type is HashMap<String,String>

         * The object keys is as below:<br/>

         * RC - Return Code [always present]<br/>

         * RT - Return Code in Text [always present]<br/>

         * <br/>

         * The following data present only with the return is ERR_SUCCESS<br/>

         * State - Password State [0-Enable] [1-Disable] [2-OneTime Use]<br/>

         * ExpiryStatus - Expiry Status [0-Will Expired][1-Never Expired]

         * UseCount - Number of time the record being access<br/>

         * ErrorCount - Number of time the password verified error<br/>

         * DateCreated - Created date<br/>

         * DateFirstUsed - First access of the password<br/>

         * DateLastUsed - Last access of the password<br/>

         * DatePasswdExpired - Expiry date of the password<br/>

         *

         * @param userAlias

         * @return HashMap

         */

        public HashMap<String, String> QueryPassword(String userAlias)

        {

                return queryInfoService.queryPassword(userAlias);

        }

        /**

         * This method is to get attributes associated to TAC. Return type is HashMap<String,String>

         * The object keys is as below:<br/>

         * RC - Return Code [always present]<br/>

         * RT - Return Code in Text [always present]<br/>

         * <br/>

         * The following data present only with the return is ERR_SUCCESS<br/>

         * State - User State [0-Enable] [1-Disable]<br/>

         * UseCount - Number of time the record being access<br/>

         * ErrorCount - Number of time the TAC verified error<br/>

         * DateCreated - TAC Created date<br/>

         * DateFirstUsed - First access of the TAC<br/>

         * DateLastUsed - Last access of the TAC<br/>

         *

         * @param userAlias

         * @param appId TODO

         * @return HashMap

         */

        public HashMap<String, String> QueryTAC(String userAlias, int appId)

        {

                return queryInfoService.queryTAC(userAlias, appId);

        }

        /**

         * This method is to change online user state to LOCKED status.

         *

         * @param adminUserAlias

         * @param adminUserPassword

         * @param userAlias

         * @return ERR_code defined in the Constants.<br/>

         *         ERR_SUCCESS<br/>

         *         ERR_SYSTEM_NOT_READY<br/>

         *         ERR_USERALIAS_NOT_FOUND <br/>

         *         ERR_INVALID_STATE - admin not active or temporary suspended.<br/>

         *         ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the user type.<br/>

         *         ERR_EXCEED_MAX_TRIES<br/>

         *         ERR_INVALID_CREDENTIAL<br/>

         *         ERR_UNKNOWN<br/>

         */

        public int UA_LockUser(String adminUserAlias, String adminUserPassword,

                        String userAlias)

        {

                int rc = verifyStaticPasswordService.verifyStaticPassword(

                                adminUserAlias, adminUserPassword, true,

                                Constants.UTYPE_STATE_ADMIN);

                if (rc != Constants.ERR_SUCCESS)

                {

                        return rc;

                }

                rc = lockUserService.lockUser(userAlias);

                logger.info("UA_LockUser - user alias: [" + userAlias + "] Return:"

                                + rc);

                return rc;

        }

        /**

         * This method is to change admin user state to LOCKED status.

         *

         * @param rootAlias

         * @param rootPassword

         * @param adminUserAlias

         * @return ERR_code defined in the Constants.<br/>

         *         ERR_SUCCESS<br/>

         *         ERR_SYSTEM_NOT_READY<br/>

         *         ERR_USERALIAS_NOT_FOUND <br/>

         *         ERR_INVALID_STATE - root not active or temporary suspended.<br/>

         *         ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the user type.<br/>

         *         ERR_EXCEED_MAX_TRIES<br/>

         *         ERR_INVALID_CREDENTIAL<br/>

         *         ERR_UNKNOWN<br/>

         */

        public int AD_LockUser(String rootAlias, String rootPassword,

                        String adminUserAlias)

        {

                int rc = verifyStaticPasswordService.verifyStaticPassword(

                                rootAlias, rootPassword, true, Constants.UTYPE_STATE_ROOT);

                if (rc != Constants.ERR_SUCCESS)

                {

                        return rc;

                }

                rc = lockUserService.lockUser(adminUserAlias);

                logger.info("AD_LockUser - admin user alias: [" + adminUserAlias

                                + "] Return: " + rc);

                return rc;

        }

        /**

         * This method is to suspend online user from when for how many Minutes

         *

         * @param adminUserAlias

         * @param adminUserPassword

         * @param userAlias

         * @param fromDate

         *            - from when

         * @param nMinutes

         *            - Suspend for how many minutes

         * @return ERR_code defined in the Constants.<br/>

         *         ERR_SUCCESS<br/>

         *         ERR_SYSTEM_NOT_READY<br/>

         *         ERR_USERALIAS_NOT_FOUND <br/>

         *         ERR_INVALID_STATE - admin not active or temporary suspended.<br/>

         *         ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the user type.<br/>

         *         ERR_EXCEED_MAX_TRIES<br/>

         *         ERR_INVALID_CREDENTIAL<br/>

         *         ERR_UNKNOWN<br/>

         */

        public int UA_SuspendUser(String adminUserAlias, String adminUserPassword,

                        String userAlias, String strFromDate, int nMinutes)

        {

                Date fromDate = StringToDate(strFromDate);

                int rc = verifyStaticPasswordService.verifyStaticPassword(

                                adminUserAlias, adminUserPassword, true,

                                Constants.UTYPE_STATE_ADMIN);

                if (rc != Constants.ERR_SUCCESS)

                {

                        return rc;

                }

                rc = lockUserService.lockUser(userAlias,

                                Constants.UID_STATE_TMP_LOCKED, fromDate, nMinutes);

                logger.info("UA_SuspendUser - admin user alias: [" + adminUserAlias

                                + "] user alias: [" + userAlias + "] From: [" + fromDate

                                + " for " + nMinutes + "min] Return: " + rc);

                return rc;

        }

        /**

         * This method is to suspend admin user from when for how many Minutes

         *

         * @param rootAlias

         * @param rootPassword

         * @param adminUserAlias

         * @param fromDate

         *            - from when

         * @param nMinutes

         *            - Suspend for how many Minutes

         * @return ERR_code defined in the Constants.<br/>

         *         ERR_SUCCESS<br/>

         *         ERR_SYSTEM_NOT_READY<br/>

         *         ERR_USERALIAS_NOT_FOUND <br/>

         *         ERR_INVALID_STATE - root not active or temporary suspended.<br/>

         *         ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the user type.<br/>

         *         ERR_EXCEED_MAX_TRIES<br/>

         *         ERR_INVALID_CREDENTIAL<br/>

         *         ERR_UNKNOWN<br/>

         */

        public int AD_SuspendUser(String rootAlias, String rootPassword,

                        String adminUserAlias, String strFromDate, int nMinutes)

        {

                Date fromDate = StringToDate(strFromDate);

                int rc = verifyStaticPasswordService.verifyStaticPassword(

                                rootAlias, rootPassword, true, Constants.UTYPE_STATE_ROOT);

                if (rc != Constants.ERR_SUCCESS)

                {

                        return rc;

                }

                rc = lockUserService.lockUser(adminUserAlias,

                                Constants.UID_STATE_TMP_LOCKED, fromDate, nMinutes);

                logger.info("AD_SuspendUser - admin user alias: [" + adminUserAlias

                                + "] Return: " + rc);

                return rc;

        }

        /**

         * This method is to concate existing user alias to allow re use user after deleted.

         *

         * @param rootAlias

         * @param rootPassword

         * @param adminUserAlias

         * @param fromDate

         *            - from when

         * @param nMinutes

         *            - Suspend for how many Minutes

         * @return ERR_code defined in the Constants.<br/>

         *         ERR_SUCCESS<br/>

         *         ERR_SYSTEM_NOT_READY<br/>

         *         ERR_USERALIAS_NOT_FOUND <br/>

         *         ERR_INVALID_STATE - root not active or temporary suspended.<br/>

         *         ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the user type.<br/>

         *         ERR_EXCEED_MAX_TRIES<br/>

         *         ERR_INVALID_CREDENTIAL<br/>

         *         ERR_UNKNOWN<br/>

         */

        public int UA_DeleteUser(String adminUserAlias, String adminUserPassword, String userAlias)

        {

                int rc = verifyStaticPasswordService.verifyStaticPassword(

                                adminUserAlias, adminUserPassword, true,

                                Constants.UTYPE_STATE_ADMIN);

                if (rc != Constants.ERR_SUCCESS)

                {

                        return rc;

                }

                rc = DeleteUserService.deleteUser(userAlias);

                logger.info("AD_SuspendUser - admin user alias: [" + userAlias

                                + "] Return: " + rc);

                return rc;

        }

        // ///////////////////////////////////////////////////////////////////////////////

        // token area

        // ///////////////////////////////////////////////////////////////////////////////

        /**

         * This method is to verify token password

         *

         * @param userAlias

         * @param inPassword

         * @return ERR_code defined in the Constants<br/>

         *         ERR_SUCCESS<br/>

         *         ERR_SYSTEM_NOT_READY<br/>

         *         ERR_USERALIAS_NOT_FOUND<br/>

         *         ERR_INVALID_STATE<br/>

         *         ERR_EXCEED_MAX_TRIES<br/>

         *         ERR_INVALID_CREDENTIAL<br/>

         *         ERR_PASSWD_EXPIRED<br/>

         *         ERR_REUSED_PASSWD<br/>

         */

        public int VerifyToken(String userAlias, String inPassword)

        {

                int rc = verifyTokenService.verifyToken(userAlias, inPassword);

                logger.info("VerifyToken - user alias: [" + userAlias + "] Return: "

                                + rc);

                return rc;

        }

        /**

         * This method is to reset user token <br/>

         *

         * @param adminUserAlias

         * @param adminUserPassword

         * @param userAlias

         * @return ERR_code defined in the Constants<br/>

         *         ERR_SUCCESS<br/>

         *         ERR_SYSTEM_NOT_READY<br/>

         *         ERR_USERALIAS_NOT_FOUND<br/>

         *         ERR_INVALID_STATE<br/>

         *         ERR_EXCEED_MAX_TRIES<br/>

         *         ERR_INVALID_CREDENTIAL<br/>

         */

        public int ResetToken(String adminUserAlias, String adminUserPassword,

                        String userAlias)

        {

                int rc = verifyStaticPasswordService.verifyStaticPassword(

                                adminUserAlias, adminUserPassword, true,

                                Constants.UTYPE_STATE_ADMIN);

                if (rc != Constants.ERR_SUCCESS)

                {

                        return rc;

                }

                rc = resetTokenService.resetToken(userAlias);

                logger.info("ResetToken - user alias: [" + userAlias + "] Return: "

                                + rc);

                return rc;

        }

        /**

         * This method is to query token information, Return type is HashMap<String,String>

         * RC - Return Code [always present]<br/>

         * RT - Return Code in Text [always present]<br/>

         * <br/>

         * The following data present only with the return is ERR_SUCCESS<br/>

         * SerailNo - The serial number of token<br/>

         * State - Token State, [0-UNASSIGNED], [1-ASSIGNED], [2-DISABLE], [3-LOCKED], [4-DELETED]<br/>

         * UseCount - number of time of password authentication <br/>

         * ErrorCount - number of time error encountered of password authentication<br/>

         * DateAssigned - date of assignment to user<br/>

         * DateFirstUsed - date of 1st time use<br/>

         * DateLastUsed - date of last time used<br/>

         * BatchID - the ID used for loading the token into data store<br/>

         * <br/>

         *

         * Data retrieved from token BLOB<br/>

         * TOKEN_MODEL<br/>

         * USE_COUNT<br/>

         * ERROR_COUNT<br/>

         * LAST_TIME_USED<br/>

         * CODE_WORD<br/>

         * TRIPLE_DES<br/>

         * MAX_INPUT_FIELDS<br/>

         * RESPONSE_LENGTH<br/>

         * RESPONSE_TYPE<br/>

         * RESPONSE_CHECKSUM<br/>

         * TIME_STEP_USED<br/>

         *

         * @param userAlias

         * @return HashMap

         */

        public HashMap<String, String> QueryToken(String userAlias)

        {

                return queryInfoService.queryToken(userAlias);

        }

        public int DeleteTokenFromStore(String adminUserAlias,

                        String adminUserPassword, String serialNumber)

        {

                int rc = verifyStaticPasswordService.verifyStaticPassword(

                                adminUserAlias, adminUserPassword, true,

                                Constants.UTYPE_STATE_ADMIN);

                if (rc != Constants.ERR_SUCCESS)

                {

                        return rc;

                }

                rc = deleteTokenService.deleteTokenFromStore(serialNumber);

                logger.info("DeleteTokenFromStore - serial number: [" + serialNumber

                                + "] Return: " + rc);

                return rc;

        }

        /**

         * This method is to assign token to user<br/>

         *

         * @param serialNumber

         * @param userAlias

         * @return ERR_code defined in the Constants<br/>

         *         ERR_SUCCESS<br/>

         *         ERR_SYSTEM_NOT_READY<br/>

         *         ERR_USERALIAS_NOT_FOUND<br/>

         *         ERR_INVALID_STATE<br/>

         */

        public int AssignTokenToUser(String adminUserAlias,

                        String adminUserPassword, String serialNumber, String userAlias)

        {

                int rc = verifyStaticPasswordService.verifyStaticPassword(

                                adminUserAlias, adminUserPassword, true,

                                Constants.UTYPE_STATE_ADMIN);

                if (rc != Constants.ERR_SUCCESS)

                {

                        return rc;

                }

                rc = assignTokenService.assignToken(serialNumber, userAlias,

                                Constants.TKN_STATE_ASSIGNED);

                logger.info("AssignTokenToUser - serial number: [" + serialNumber

                                + "] user alias: [" + userAlias + "] Return: " + rc);

                return rc;

        }

        /**

         * This method is to return Token to store; Reset the Token.<br/>

         * The token is ready to re-assign to other user.<br/>

         *

         * @param adminUserAlias

         * @param adminUserPassword

         * @param userAlias

         * @return ERR_code defined in the Constants<br/>

         *         ERR_SUCCESS<br/>

         *         ERR_SYSTEM_NOT_READY<br/>

         *         ERR_USERALIAS_NOT_FOUND<br/>

         *         ERR_INVALID_STATE<br/>

         */

        public int UnassignTokenFromUser(String adminUserAlias,

                        String adminUserPassword, String userAlias)

        {

                int rc = verifyStaticPasswordService.verifyStaticPassword(

                                adminUserAlias, adminUserPassword, true,

                                Constants.UTYPE_STATE_ADMIN);

                if (rc != Constants.ERR_SUCCESS)

                {

                        return rc;

                }

                rc = assignTokenService.assignToken(null, userAlias,

                                Constants.TKN_STATE_UNASSIGNED);

                logger.info("UnassignTokenFromUser - user alias: [" + userAlias

                                + "] Return: " + rc);

                return rc;

        }

        /**

         * This method is to disable the token<br/>

         *

         * @param adminUserAlias

         * @param adminUserPassword

         * @param userAlias

         * @return ERR_code defined in the Constants<br/>

         *         ERR_SUCCESS<br/>

         *         ERR_SYSTEM_NOT_READY<br/>

         *         ERR_USERALIAS_NOT_FOUND<br/>

         *         ERR_INVALID_STATE<br/>

         */

        public int DisableToken(String adminUserAlias, String adminUserPassword,

                        String userAlias)