Z-Archive » Maybank Projects » M2U UPASS Project

import my.com.upass.services.ChangeStaticPasswordService;

	private ChangeStaticPasswordService changeStaticPasswordService = new ChangeStaticPasswordService(this);

	public UPassControllerV2()

	{

		initializeConfigurations();

	}

	/**

	 * This method generate static password and to be using SP_VerifyStaticPassword()

	 * 

	 * @param userAlias

	 * @param newPassword

	 * @param oldPassword

	 * @return ERR_code defined in the Constants<br/>

	 *         ERR_SUCCESS<br/>

	 *         ERR_SYSTEM_NOT_READY<br/>

	 *         ERR_USERALIAS_NOT_FOUND<br/>

	 *         ERR_INVALID_STATE - user not active or temporary suspended.<br/>

	 *         ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the user type.<br/>

	 *         ERR_EXCEED_MAX_TRIES - used ModifyUser to reset password.<br/>

	 *         ERR_INVALID_CREDENTIAL<br/>

	 *         ERR_REUSED_PASSWD - reuse previous generated password.<br/>

	 */

	public int SP_ChangeStaticPassword(String userAlias, String newPassword, String oldPassword)

	{

		int rc = changeStaticPasswordService.changeStaticPassword(userAlias, newPassword, oldPassword, true);

		logger.info("SP_ChangeStaticPassword - user alias: [" + userAlias + "] Return: " + rc);

		return rc;

	}

/**

 * Copyright (c) 2010 Penril Datability (M) Sdn Bhd All rights reserved.

 *

 * This software is copyrighted. Under the copyright laws, this software

 * may not be copied, in whole or in part, without prior written consent

 * of Penril Datability (M) Sdn Bhd or its assignees. This software is

 * provided under the terms of a license between Penril Datability (M)

 * Sdn Bhd and the recipient, and its use is subject to the terms of that

 * license.

 */

package my.com.upass.services;

import my.com.upass.Constants;

import my.com.upass.UPassControllerV2;

import my.com.upass.dao.DAOFactoryProvider;

import my.com.upass.dao.UserDAO;

import my.com.upass.factory.UPassFactory;

import my.com.upass.pojo.MinimalUserBean;

import my.com.upass.spassword.PasswordController;

/**

 * PROGRAMMER: Danniell

 * CHANGE-NO:

 * TASK-NO:

 * DATE CREATED: Dec 28, 2011

 * TAG AS:

 * REASON(S):

 * MODIFICATION:

 */

/**

 * <Class description>

 */

public class ChangeStaticPasswordService

{

	private UPassControllerV2 upc;

	public ChangeStaticPasswordService(UPassControllerV2 upc)

	{

		this.upc = upc;

	}

	public int changeStaticPassword(String userAlias, String newPassword, String oldPassword, boolean checkChangeInterval) 

	{

		int rc = Constants.ERR_SYSTEM_NOT_READY;

		try

		{

			UserDAO userDao = DAOFactoryProvider.getDAOFactory ().getUserDAO ();

			MinimalUserBean userBean = userDao.getUserFromStore(userAlias, null);

			if (userBean == null) 

			{

				return Constants.ERR_USERALIAS_NOT_FOUND;

			}

			userBean.getPdateCreated();

			// verify user

			PasswordController pc = UPassFactory.getPasswordController(userBean, upc.getConfigurationsMap ());

			if (checkChangeInterval == true)

			{

				rc = pc.checkRegeneratePassword();

				if (rc == Constants.ERR_PASSWD_CHANGE_INTERVAL ) 

				{

					return Constants.ERR_PASSWD_CHANGE_INTERVAL;

				}

			}

			rc = pc.VerifyPassword(oldPassword);

			if (rc == Constants.ERR_SUCCESS || 

					rc == Constants.ERR_PASSWD_EXPIRED || 

					rc == Constants.ERR_PASSWD_EXPIRED_NOTIFICATION) 

			{

				rc = pc.GeneratePassword(newPassword, true);

			}

			userBean = (MinimalUserBean) pc.getUpdatedObject();

			// update database

			boolean lrc = userDao.updateUserToStore(userBean, null);

			if (!lrc) 

			{

				rc = Constants.ERR_SYSTEM_NOT_READY;

			}

		}

		catch(Exception e)

		{

			e.printStackTrace ();

		}

		return rc;

	}

}

/**

 * Copyright (c) 2010 Penril Datability (M) Sdn Bhd All rights reserved.

 *

 * This software is copyrighted. Under the copyright laws, this software

 * may not be copied, in whole or in part, without prior written consent

 * of Penril Datability (M) Sdn Bhd or its assignees. This software is

 * provided under the terms of a license between Penril Datability (M)

 * Sdn Bhd and the recipient, and its use is subject to the terms of that

 * license.

 */

package my.com.upass.services;

import java.util.Date;

import java.util.StringTokenizer;

import my.com.upass.Constants;

import my.com.upass.UPassControllerV2;

import my.com.upass.dao.DAOFactoryProvider;

import my.com.upass.dao.UserDAO;

import my.com.upass.factory.UPassFactory;

import my.com.upass.pojo.MinimalUserBean;

import my.com.upass.spassword.PasswordController;

/**

 * PROGRAMMER: Danniell

 * CHANGE-NO:

 * TASK-NO:

 * DATE CREATED: Dec 29, 2011

 * TAG AS:

 * REASON(S):

 * MODIFICATION:

 */

/**

 * <Class description>

 */

public class CheckPasswordReusedService

{

	private UPassControllerV2 upc;

	public CheckPasswordReusedService(UPassControllerV2 upc)

	{

		this.upc = upc;

	}

	public int CheckPasswordReused (String userAlias, String password)

	{

		String token;

		if (userAlias == null || password == null)

		{

			return Constants.ERR_INVALID_INPUT;

		}

		try

		{

			UserDAO userDao = DAOFactoryProvider.getDAOFactory ().getUserDAO ();

			MinimalUserBean userBean = userDao.getUserFromStore (userAlias, null);

			if (userBean == null)

			{

				return Constants.ERR_USERALIAS_NOT_FOUND;

			}

			// verify user state, must be active (not inactive|locked|deleted)

			switch (userBean.getUstate ())

			{

				case (Constants.UID_STATE_ACTIVE):

					break;

				case (Constants.UID_STATE_TMP_LOCKED):

					Date now = new Date ();

					if (userBean.getUdateLockedTo ().after (now))

					{

						return Constants.ERR_INVALID_STATE;

					}

					break;

				default:

					return Constants.ERR_INVALID_STATE;

			}

			PasswordController pc = UPassFactory.getPasswordController (

					userBean, upc.getConfigurationsMap ());

			String cipherText = pc.SHA256 (userBean.getUserAlias(), password);

			if (userBean.getPhistoryList () != null)

			{

				StringTokenizer stz = new StringTokenizer (

						userBean.getPhistoryList (), ":");

				while (stz.hasMoreTokens ())

				{

					token = stz.nextToken ();

					if (cipherText.equals (token))

					{

						return Constants.ERR_REUSED_PASSWD;

					}

				}

			}

			return Constants.ERR_SUCCESS;

		}

		catch (Exception e)

		{

			e.printStackTrace ();

			return Constants.ERR_SYSTEM_NOT_READY;

		}

	}

}

package my.com.upass.services;

import my.com.upass.ConfigBean;

import my.com.upass.Constants;

import my.com.upass.UPassControllerV2;

import my.com.upass.pojo.UserBean;

import my.com.upass.spassword.PasswordController;

public class VerifyPasswordComplexityService {

	private UPassControllerV2 upc;

	public VerifyPasswordComplexityService(UPassControllerV2 upc)

	{

		this.upc = upc;

	}

	public int verifyPasswordComplexity(String userPassword, int applicationId){

		int rc = Constants.ERR_SYSTEM_NOT_READY;

		try {

			UserBean ub = new UserBean();

			ub.setApplicationId(applicationId);

			PasswordController pc = new PasswordController(ub, upc.getConfigurationsMap());

			ConfigBean configBean = pc.getConfigBean ();

			if (pc.patternValidator(userPassword, configBean.getPasswordAcceptPattern()))

			{

				rc = Constants.ERR_SUCCESS;

			}

			else

			{

				rc = Constants.ERR_PASSWD_WEAK;

			}

		} catch (Exception e) {

			e.printStackTrace();

		}

		return rc;

	}

}