m2u-upass-core / src / my / com / upass / UPassControllerV2.java @ 2:dcd717e1bcae
History | View | Annotate | Download (47.6 KB)
1 |
/**
|
---|---|
2 |
* Copyright (M) 2010 Penril Datability (M) Sdn Bhd All rights reserved.
|
3 |
*
|
4 |
* This software is copyrighted. Under the copyright laws, this software
|
5 |
* may not be copied, in whole or in part, without prior written consent
|
6 |
* of Penril Datability (M) Sdn Bhd or its assignees. This software is
|
7 |
* provided under the terms of a license between Penril Datability (M)
|
8 |
* Sdn Bhd and the recipient, and its use is subject to the terms of that
|
9 |
* license.
|
10 |
*/
|
11 |
package my.com.upass; |
12 |
|
13 |
import java.text.ParseException; |
14 |
import java.text.SimpleDateFormat; |
15 |
import java.util.Date; |
16 |
import java.util.HashMap; |
17 |
import java.util.Iterator; |
18 |
import java.util.List; |
19 |
import java.util.Map; |
20 |
import java.util.Set; |
21 |
|
22 |
import my.com.upass.dao.ConfigurationDAO; |
23 |
import my.com.upass.dao.DAOFactoryProvider; |
24 |
import my.com.upass.factory.UPassFactory; |
25 |
import my.com.upass.pojo.ConfigurationBean; |
26 |
import my.com.upass.services.ActivateUserService; |
27 |
import my.com.upass.services.AssignTokenService; |
28 |
import my.com.upass.services.ChangeStaticPasswordService; |
29 |
import my.com.upass.services.CheckPasswordReusedService; |
30 |
import my.com.upass.services.CreateUserService; |
31 |
import my.com.upass.services.DeleteTokenService; |
32 |
import my.com.upass.services.DisableTacService; |
33 |
import my.com.upass.services.DisableTokenService; |
34 |
import my.com.upass.services.GenerateSecurityCodeService; |
35 |
import my.com.upass.services.GenerateTacService; |
36 |
import my.com.upass.services.LoadTokenService; |
37 |
import my.com.upass.services.LockUserService; |
38 |
import my.com.upass.services.ModifyUserService; |
39 |
import my.com.upass.services.QueryInfoService; |
40 |
import my.com.upass.services.ResetTacService; |
41 |
import my.com.upass.services.ResetTokenService; |
42 |
import my.com.upass.services.SynchronizeTokenService; |
43 |
import my.com.upass.services.VerifyPasswordComplexityService; |
44 |
import my.com.upass.services.VerifySecurityCodeService; |
45 |
import my.com.upass.services.VerifyStaticPasswordService; |
46 |
import my.com.upass.services.VerifyTacService; |
47 |
import my.com.upass.services.VerifyTokenService; |
48 |
import my.com.upass.services.DeleteUserService; |
49 |
|
50 |
import org.apache.log4j.Logger; |
51 |
|
52 |
/**
|
53 |
* PROGRAMMER: Danniell
|
54 |
* CHANGE-NO:
|
55 |
* TASK-NO:
|
56 |
* DATE CREATED: Oct 8, 2011
|
57 |
* TAG AS:
|
58 |
* REASON(S):
|
59 |
* MODIFICATION:
|
60 |
*/
|
61 |
|
62 |
/**
|
63 |
* Data Access Object version of UPASS Controller
|
64 |
*/
|
65 |
/**
|
66 |
* @author Enson
|
67 |
*
|
68 |
*/
|
69 |
public class UPassControllerV2 |
70 |
{ |
71 |
private static Logger logger = Logger.getLogger(UPassControllerV2.class); |
72 |
private static Map<Integer, ConfigBean> configurationMap = new HashMap<Integer, ConfigBean>(); |
73 |
|
74 |
private VerifyStaticPasswordService verifyStaticPasswordService = new VerifyStaticPasswordService(this); |
75 |
private ChangeStaticPasswordService changeStaticPasswordService = new ChangeStaticPasswordService(this); |
76 |
private CheckPasswordReusedService checkPasswordReusedService = new CheckPasswordReusedService(this); |
77 |
private GenerateTacService generateTacService = new GenerateTacService(this); |
78 |
private VerifyTacService verifyTacService = new VerifyTacService(this); |
79 |
private ResetTacService resetTacService = new ResetTacService(this); |
80 |
private GenerateSecurityCodeService generateSecurityCodeService = new GenerateSecurityCodeService(this); |
81 |
private VerifySecurityCodeService verifySecurityCodeService = new VerifySecurityCodeService(this); |
82 |
private DisableTacService disableTacService = new DisableTacService(this); |
83 |
private CreateUserService createUserService = new CreateUserService(this); |
84 |
private ModifyUserService modifyUserService = new ModifyUserService(this); |
85 |
private ActivateUserService activateUserService = new ActivateUserService(); |
86 |
private QueryInfoService queryInfoService = new QueryInfoService(); |
87 |
private LockUserService lockUserService = new LockUserService(); |
88 |
private VerifyTokenService verifyTokenService = new VerifyTokenService(); |
89 |
private LoadTokenService loadTokenService = new LoadTokenService(); |
90 |
private ResetTokenService resetTokenService = new ResetTokenService(); |
91 |
private DeleteTokenService deleteTokenService = new DeleteTokenService(); |
92 |
private AssignTokenService assignTokenService = new AssignTokenService(); |
93 |
private DisableTokenService disableTokenService = new DisableTokenService(); |
94 |
private SynchronizeTokenService synchronizeTokenService = new SynchronizeTokenService(); |
95 |
private VerifyPasswordComplexityService verifyPasswordComplexityService = new VerifyPasswordComplexityService(this); |
96 |
|
97 |
private DeleteUserService DeleteUserService = new DeleteUserService(this); |
98 |
|
99 |
private static boolean configFirstLoad = true; |
100 |
|
101 |
public UPassControllerV2()
|
102 |
{ |
103 |
initializeConfigurations(); |
104 |
} |
105 |
|
106 |
private void initializeConfigurations() |
107 |
{ |
108 |
try
|
109 |
{ |
110 |
ConfigurationDAO configurationDAO = DAOFactoryProvider.getDAOFactory().getConfigurationDAO(); |
111 |
boolean isConfigChange = configurationDAO.isConfigChanged();
|
112 |
|
113 |
if (configFirstLoad || isConfigChange)
|
114 |
{ |
115 |
logger.info("Refresh Configuration ....");
|
116 |
|
117 |
List<ConfigurationBean> configurations = configurationDAO.getConfigurationsFromStore();
|
118 |
ConfigurationBean configPojo; |
119 |
ConfigBean configBean = null;
|
120 |
|
121 |
int configType;
|
122 |
Iterator<ConfigurationBean> itr = configurations.iterator();
|
123 |
while (itr.hasNext())
|
124 |
{ |
125 |
configPojo = itr.next(); |
126 |
configType = configPojo.getApplicationId(); |
127 |
|
128 |
configBean = configurationMap.get(configType); |
129 |
if (configBean == null) |
130 |
{ |
131 |
configBean = new ConfigBean();
|
132 |
} |
133 |
|
134 |
logger.info("COnfig Type:" + configType + "=config name:" + configPojo.getConfigName() |
135 |
+ "=config Value:" + configPojo.getConfigValue());
|
136 |
configBean.setConfigBean(configPojo.getConfigName(), configPojo.getConfigValue()); |
137 |
|
138 |
configurationMap.put(configType, configBean); |
139 |
|
140 |
configFirstLoad = false; // this value dictate for every instance restart to refresh the map. After |
141 |
// first load, turn it off
|
142 |
} |
143 |
logger.info("Refresh Configuration Done ....");
|
144 |
} |
145 |
} catch (Exception e) |
146 |
{ |
147 |
logger.error(e); |
148 |
} |
149 |
} |
150 |
|
151 |
/**
|
152 |
* @return the configurationsMap
|
153 |
*/
|
154 |
public Map<Integer, ConfigBean> getConfigurationsMap() |
155 |
{ |
156 |
return configurationMap;
|
157 |
} |
158 |
|
159 |
/**
|
160 |
* @return the configurationsMap
|
161 |
*/
|
162 |
public ConfigBean setConfigurationBean(Map<String, String> paramMap) |
163 |
{ |
164 |
ConfigBean configBean = new ConfigBean();
|
165 |
@SuppressWarnings("rawtypes") |
166 |
Set keys = paramMap.keySet();
|
167 |
for (@SuppressWarnings("rawtypes") |
168 |
Iterator i = keys.iterator(); i.hasNext();) {
|
169 |
String configName = (String) i.next(); |
170 |
String configValue = (String) paramMap.get(configName); |
171 |
configBean.setConfigBean(configName, configValue); |
172 |
} |
173 |
|
174 |
return configBean;
|
175 |
} |
176 |
|
177 |
// ////////////////////////////////////////////////////////////////////////////////////////
|
178 |
// Static Password Methods
|
179 |
// /////////////////////////////////////////////////////////////////////////////////////////
|
180 |
/**
|
181 |
* This method verify static password generated using SP_ChangeStaticPassword()
|
182 |
* and also check for user dormant status
|
183 |
*
|
184 |
* @param userAlias
|
185 |
* @param password
|
186 |
* @return ERR_code defined in the Constants.<br/>
|
187 |
* ERR_SUCCESS<br/>
|
188 |
* ERR_SYSTEM_NOT_READY<br/>
|
189 |
* ERR_USERALIAS_NOT_FOUND <br/>
|
190 |
* ERR_INVALID_STATE - user not active or temporary suspended.<br/>
|
191 |
* ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the user type.<br/>
|
192 |
* ERR_EXCEED_MAX_TRIES - used ModifyUser to reset password.<br/>
|
193 |
* ERR_INVALID_CREDENTIAL<br/>
|
194 |
* ERR_PASSWD_EXPIRED - password is valid but expired, suggest to change new password.<br/>
|
195 |
*/
|
196 |
public int SP_Login(String userAlias, String password) |
197 |
{ |
198 |
int rc = verifyStaticPasswordService.login(userAlias, password, false, 0); |
199 |
logger.info("SP_Login - user alias: [" + userAlias + "] Return: " + rc); |
200 |
return rc;
|
201 |
} |
202 |
|
203 |
/**
|
204 |
* This method verify static password generated using SP_ChangeStaticPassword().
|
205 |
*
|
206 |
* @param userAlias
|
207 |
* @param password
|
208 |
* @return ERR_code defined in the Constants.<br/>
|
209 |
* ERR_SUCCESS<br/>
|
210 |
* ERR_SYSTEM_NOT_READY<br/>
|
211 |
* ERR_USERALIAS_NOT_FOUND <br/>
|
212 |
* ERR_INVALID_STATE - user not active or temporary suspended.<br/>
|
213 |
* ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the user type.<br/>
|
214 |
* ERR_EXCEED_MAX_TRIES - used ModifyUser to reset password.<br/>
|
215 |
* ERR_INVALID_CREDENTIAL<br/>
|
216 |
* ERR_PASSWD_EXPIRED - password is valid but expired, suggest to change new password.<br/>
|
217 |
*/
|
218 |
public int SP_VerifyStaticPassword(String userAlias, String password) |
219 |
{ |
220 |
int rc = verifyStaticPasswordService.verifyStaticPassword(userAlias, password, false, 0); |
221 |
logger.info("SP_VerifyStaticPassword - user alias: [" + userAlias + "] Return: " + rc); |
222 |
return rc;
|
223 |
} |
224 |
|
225 |
/**
|
226 |
* This method generate static password and to be using SP_VerifyStaticPassword()
|
227 |
*
|
228 |
* @param userAlias
|
229 |
* @param newPassword
|
230 |
* @param oldPassword
|
231 |
* @return ERR_code defined in the Constants<br/>
|
232 |
* ERR_SUCCESS<br/>
|
233 |
* ERR_SYSTEM_NOT_READY<br/>
|
234 |
* ERR_USERALIAS_NOT_FOUND<br/>
|
235 |
* ERR_INVALID_STATE - user not active or temporary suspended.<br/>
|
236 |
* ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the user type.<br/>
|
237 |
* ERR_EXCEED_MAX_TRIES - used ModifyUser to reset password.<br/>
|
238 |
* ERR_INVALID_CREDENTIAL<br/>
|
239 |
* ERR_REUSED_PASSWD - reuse previous generated password.<br/>
|
240 |
*/
|
241 |
public int SP_ChangeStaticPassword(String userAlias, String newPassword, String oldPassword) |
242 |
{ |
243 |
int rc = changeStaticPasswordService.changeStaticPassword(userAlias, newPassword, oldPassword, true); |
244 |
logger.info("SP_ChangeStaticPassword - user alias: [" + userAlias + "] Return: " + rc); |
245 |
return rc;
|
246 |
} |
247 |
|
248 |
public int SP_ForceChangeStaticPassword(String userAlias, String newPassword, String oldPassword) |
249 |
{ |
250 |
int rc = changeStaticPasswordService.changeStaticPassword(userAlias, newPassword, oldPassword, false); |
251 |
logger.info("SP_ChangeStaticPassword - user alias: [" + userAlias + "] Return: " + rc); |
252 |
return rc;
|
253 |
} |
254 |
|
255 |
public int UA_CheckPasswordReused(String userAlias, String password) |
256 |
{ |
257 |
int rc = checkPasswordReusedService.CheckPasswordReused(userAlias, password);
|
258 |
logger.info("UA_CheckPasswordReused - user alias: [" + userAlias + "] Return: " + rc); |
259 |
return rc;
|
260 |
} |
261 |
|
262 |
// /////////////////////////////////////////////////////////////////////////////////////////
|
263 |
// TAC Methods ...
|
264 |
// /////////////////////////////////////////////////////////////////////////////////////////
|
265 |
|
266 |
/**
|
267 |
* This method to Generate 6-digit TAC.
|
268 |
*
|
269 |
* @param userAlias
|
270 |
* @param appId
|
271 |
* TODO
|
272 |
* @return 6-digit TAC or Error code with prefix *** <br/>
|
273 |
* ***98 ERR_SYSTEM_NOT_READY<br/>
|
274 |
* ***6 ERR_USERALIAS_NOT_FOUND<br/>
|
275 |
* ***12 ERR_TAC_ALREADY_EXIST - Repeated request within allowed period<br/>
|
276 |
*/
|
277 |
public String GenerateTAC(String userAlias, int appId) { |
278 |
|
279 |
String tac = generateTacService.generateTAC(userAlias, null, null, appId); |
280 |
logger.info(userAlias + " Return=" + tac.substring(2)); |
281 |
return tac;
|
282 |
} |
283 |
|
284 |
/**
|
285 |
* This method to Generate 6-digit TAC with SessionID verification.
|
286 |
*
|
287 |
* @param userAlias
|
288 |
* @param sessionID
|
289 |
* 16-Characters SessionID
|
290 |
* @param appId
|
291 |
* TODO
|
292 |
* @return 6-digit TAC or Error code with prefix *** <br/>
|
293 |
* ***98 ERR_SYSTEM_NOT_READY<br/>
|
294 |
* ***6 ERR_USERALIAS_NOT_FOUND<br/>
|
295 |
* ***12 ERR_TAC_ALREADY_EXIST - Repeated request within allowed period<br/>
|
296 |
*/
|
297 |
public String GenerateTAC(String userAlias, String sessionID, int appId) { |
298 |
|
299 |
String tac = generateTacService.generateTAC(userAlias, sessionID, null, appId); |
300 |
logger.info(userAlias + " SessionID=" + sessionID + " Return=" + tac.substring(2)); |
301 |
return tac;
|
302 |
} |
303 |
|
304 |
/**
|
305 |
* This method to Generate 6-digit TAC with SessionID verification.
|
306 |
*
|
307 |
* @param userAlias
|
308 |
* @param sessionID
|
309 |
* 16-Characters SessionID
|
310 |
* @param nonce
|
311 |
* Additional nonce value
|
312 |
* @param appId
|
313 |
* TODO
|
314 |
* @return 6-digit TAC or Error code with prefix *** <br/>
|
315 |
* ***98 ERR_SYSTEM_NOT_READY<br/>
|
316 |
* ***6 ERR_USERALIAS_NOT_FOUND<br/>
|
317 |
* ***12 ERR_TAC_ALREADY_EXIST - Repeated request within allowed period<br/>
|
318 |
*/
|
319 |
public String GenerateTAC(String userAlias, String sessionID, String nonce, int appId) { |
320 |
|
321 |
String tac = generateTacService.generateTAC(userAlias, sessionID, nonce, appId);
|
322 |
logger.info(userAlias + " SessionID=" + sessionID + " Return=" + tac.substring(2)); |
323 |
return tac;
|
324 |
} |
325 |
|
326 |
/**
|
327 |
* This method to verify 6-digit TAC generated by GenerateTAC()
|
328 |
*
|
329 |
* @param userAlias
|
330 |
* @param inTac
|
331 |
* User inputs TAC
|
332 |
* @param appId
|
333 |
* TODO
|
334 |
* @return ERR_code defined in the Constants<br/>
|
335 |
* ERR_SUCCESS<br/>
|
336 |
* ERR_SYSTEM_NOT_READY<br/>
|
337 |
* ERR_USERALIAS_NOT_FOUND<br/>
|
338 |
* ERR_INVALID_STATE - Verify method call before generation; TAC disabled.<br/>
|
339 |
* ERR_EXCEED_MAX_TRIES<br/>
|
340 |
* ERR_INVALID_CREDENTIAL<br/>
|
341 |
* ERR_PASSWD_EXPIRED - TAC expired.<br/>
|
342 |
*/
|
343 |
public int VerifyTAC(String userAlias, String inTac, int appId) { |
344 |
|
345 |
int rc = verifyTacService.verifyTAC(userAlias, inTac, null, appId); |
346 |
logger.info("VerifyTAC - user alias: [" + userAlias + "] Return: " + rc); |
347 |
return rc;
|
348 |
} |
349 |
|
350 |
/**
|
351 |
* This method to verify 6-digit TAC generated by GenerateTAC() with SessionID verification
|
352 |
*
|
353 |
* @param userAlias
|
354 |
* @param inTac
|
355 |
* User inputs TAC
|
356 |
* @param sessionID
|
357 |
* 16-Characters SessionID
|
358 |
* @param appId
|
359 |
* TODO
|
360 |
* @return ERR_code defined in the Constants<br/>
|
361 |
* ERR_SUCCESS<br/>
|
362 |
* ERR_SYSTEM_NOT_READY<br/>
|
363 |
* ERR_USERALIAS_NOT_FOUND<br/>
|
364 |
* ERR_INVALID_STATE - Verify method call before generation; TAC disabled.<br/>
|
365 |
* ERR_EXCEED_MAX_TRIES<br/>
|
366 |
* ERR_INVALID_CREDENTIAL<br/>
|
367 |
* ERR_PASSWD_EXPIRED - TAC expired.<br/>
|
368 |
* ERR_INVALID_SESSION<br/>
|
369 |
*/
|
370 |
public int VerifyTAC(String userAlias, String inTac, String sessionID, int appId) { |
371 |
|
372 |
return VerifyTAC(userAlias, inTac, sessionID, null, appId); |
373 |
} |
374 |
|
375 |
/**
|
376 |
* This method to verify 6-digit TAC generated by GenerateTAC() with SessionID verification
|
377 |
*
|
378 |
* @param userAlias
|
379 |
* @param inTac
|
380 |
* User inputs TAC
|
381 |
* @param sessionID
|
382 |
* 16-Characters SessionID
|
383 |
* @param nonce
|
384 |
* Additional nonce value
|
385 |
* @param appId
|
386 |
* TODO
|
387 |
* @return ERR_code defined in the Constants<br/>
|
388 |
* ERR_SUCCESS<br/>
|
389 |
* ERR_SYSTEM_NOT_READY<br/>
|
390 |
* ERR_USERALIAS_NOT_FOUND<br/>
|
391 |
* ERR_INVALID_STATE - Verify method call before generation; TAC disabled.<br/>
|
392 |
* ERR_EXCEED_MAX_TRIES<br/>
|
393 |
* ERR_INVALID_CREDENTIAL<br/>
|
394 |
* ERR_PASSWD_EXPIRED - TAC expired.<br/>
|
395 |
* ERR_INVALID_SESSION<br/>
|
396 |
*/
|
397 |
public int VerifyTAC(String userAlias, String inTac, String sessionID, String nonce, int appId) { |
398 |
|
399 |
int rc = verifyTacService.verifyTAC(userAlias, inTac, sessionID, nonce, appId);
|
400 |
logger.info("VerifyTAC - user alias: [" + userAlias + "] SessID: [" + sessionID + "] Return: " + rc); |
401 |
return rc;
|
402 |
} |
403 |
|
404 |
/**
|
405 |
* This method is to reset Error Count to Zero and set state to PASSWD_STATUS_ENABLE
|
406 |
*
|
407 |
* @param adminUserAlias
|
408 |
* @param adminUserPassword
|
409 |
* @param userAlias
|
410 |
* @return ERR_code defined in the Constants<br/>
|
411 |
* ERR_SUCCESS<br/>
|
412 |
* ERR_SYSTEM_NOT_READY<br/>
|
413 |
* ERR_USERALIAS_NOT_FOUND <br/>
|
414 |
* ERR_INVALID_STATE - admin not active or temporary suspended.<br/>
|
415 |
* ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the user type.<br/>
|
416 |
* ERR_EXCEED_MAX_TRIES<br/>
|
417 |
* ERR_INVALID_CREDENTIAL<br/>
|
418 |
* ERR_UNKNOWN<br/>
|
419 |
*/
|
420 |
public int ResetTAC(String adminUserAlias, String adminUserPassword, String userAlias) { |
421 |
|
422 |
int rc = verifyStaticPasswordService.verifyStaticPassword(
|
423 |
adminUserAlias, adminUserPassword, true, Constants.UTYPE_STATE_ADMIN);
|
424 |
|
425 |
if (rc != Constants.ERR_SUCCESS) {
|
426 |
return rc;
|
427 |
} |
428 |
rc = resetTacService.resetTAC(userAlias); |
429 |
logger.info("ResetTAC - user alias: [" + userAlias + "] Return: " + rc); |
430 |
return rc;
|
431 |
} |
432 |
|
433 |
/**
|
434 |
* This method is to set state to PASSWD_STATUS_DISABLE
|
435 |
*
|
436 |
* @param adminUserAlias
|
437 |
* @param adminUserPassword
|
438 |
* @param userAlias
|
439 |
* @return ERR_code defined in the Constants<br/>
|
440 |
* ERR_SUCCESS<br/>
|
441 |
* ERR_SYSTEM_NOT_READY<br/>
|
442 |
* ERR_USERALIAS_NOT_FOUND <br/>
|
443 |
* ERR_INVALID_STATE - admin not active or temporary suspended.<br/>
|
444 |
* ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the user type.<br/>
|
445 |
* ERR_EXCEED_MAX_TRIES<br/>
|
446 |
* ERR_INVALID_CREDENTIAL<br/>
|
447 |
* ERR_UNKNOWN<br/>
|
448 |
*/
|
449 |
public int DisableTAC(String adminUserAlias, String adminUserPassword, String userAlias) { |
450 |
|
451 |
int rc = verifyStaticPasswordService.verifyStaticPassword(
|
452 |
adminUserAlias, adminUserPassword, true, Constants.UTYPE_STATE_ADMIN);
|
453 |
|
454 |
if (rc != Constants.ERR_SUCCESS) {
|
455 |
return rc;
|
456 |
} |
457 |
rc = disableTacService.disableTAC(userAlias); |
458 |
logger.info("DisableTAC - user alias: [" + userAlias + "] Return: " + rc); |
459 |
return rc;
|
460 |
} |
461 |
|
462 |
// /////////////////////////////////////////////////////////////////////////////////////////
|
463 |
// User Administration methods.
|
464 |
// /////////////////////////////////////////////////////////////////////////////////////////
|
465 |
|
466 |
/**
|
467 |
* This method to add online users to the system
|
468 |
*
|
469 |
* @param adminUserAlias
|
470 |
* @param adminUserPassword
|
471 |
* @param userAlias
|
472 |
* @param userDesc
|
473 |
* @param userPassword
|
474 |
* @param appId
|
475 |
* @return ERR_code defined in the Constants<br/>
|
476 |
* ERR_SUCCESS<br/>
|
477 |
* ERR_SYSTEM_NOT_READY<br/>
|
478 |
* ERR_USERALIAS_NOT_FOUND <br/>
|
479 |
* ERR_INVALID_STATE - admin not active or temporary suspended.<br/>
|
480 |
* ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the user type.<br/>
|
481 |
* ERR_EXCEED_MAX_TRIES<br/>
|
482 |
* ERR_INVALID_CREDENTIAL<br/>
|
483 |
* ERR_INVALID_INPUT - internal error.<br/>
|
484 |
* ERR_ALREADY_EXIST<br/>
|
485 |
* ERR_INVALID_USERALIAS - User alias does not match with defined pattern <br/>
|
486 |
* ERR_PASSWORD_SAMEAS_USERALIAS - password is same is user name error <br/>
|
487 |
*/
|
488 |
|
489 |
public int UA_AddUser( |
490 |
String adminUserAlias, String adminUserPassword, |
491 |
String userAlias, String userDesc, String userPassword, int appId) { |
492 |
|
493 |
// check if password is similar to user alias
|
494 |
if (userAlias.equalsIgnoreCase(userPassword)) {
|
495 |
return Constants.ERR_PASSWORD_SAMEAS_USERALIAS;
|
496 |
} |
497 |
int rc = verifyStaticPasswordService.verifyStaticPassword(
|
498 |
adminUserAlias, adminUserPassword, true, Constants.UTYPE_STATE_ADMIN);
|
499 |
|
500 |
if (rc != Constants.ERR_SUCCESS) {
|
501 |
return rc;
|
502 |
} |
503 |
rc = createUserService.addUser(userAlias, Constants.UTYPE_STATE_USER, |
504 |
userDesc, userPassword, Constants.UID_STATE_ACTIVE, appId); |
505 |
|
506 |
logger.info("UA_AddUser - user alias: [" + userAlias + "] Return: " + rc); |
507 |
return rc;
|
508 |
} |
509 |
|
510 |
/**
|
511 |
* This method to Modify online users to the system
|
512 |
*
|
513 |
* @param adminUserAlias
|
514 |
* @param adminUserPassword
|
515 |
* @param userAlias
|
516 |
* @param userDesc
|
517 |
* - can be null - Null denotes no description will be modified.
|
518 |
* @param userPassword
|
519 |
* - can be null - Null denotes no password will be modified.
|
520 |
* @return ERR_code defined in the Constants<br/>
|
521 |
* ERR_SUCCESS<br/>
|
522 |
* ERR_SYSTEM_NOT_READY<br/>
|
523 |
* ERR_USERALIAS_NOT_FOUND <br/>
|
524 |
* ERR_INVALID_STATE - admin not active or temporary suspended.<br/>
|
525 |
* ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the user type.<br/>
|
526 |
* ERR_EXCEED_MAX_TRIES<br/>
|
527 |
* ERR_INVALID_CREDENTIAL<br/>
|
528 |
* ERR_INVALID_INPUT - internal error.<br/>
|
529 |
* ERR_USERALIAS_NOT_FOUND<br/>
|
530 |
* ERR_INVALID_USERALIAS - User alias does not match with defined pattern <br/>
|
531 |
* ERR_REUSED_PASSWD - the password entered was used previously.<br/>
|
532 |
*/
|
533 |
public int UA_ModifyUser(String adminUserAlias, String adminUserPassword, |
534 |
String userAlias, String userDesc, String userPassword) |
535 |
{ |
536 |
// check if password is similar to user alias
|
537 |
if (userAlias.equalsIgnoreCase(userPassword)) {
|
538 |
return Constants.ERR_PASSWORD_SAMEAS_USERALIAS;
|
539 |
} |
540 |
|
541 |
int rc = verifyStaticPasswordService.verifyStaticPassword(
|
542 |
adminUserAlias, adminUserPassword, true,
|
543 |
Constants.UTYPE_STATE_ADMIN); |
544 |
|
545 |
if (rc != Constants.ERR_SUCCESS)
|
546 |
{ |
547 |
return rc;
|
548 |
} |
549 |
|
550 |
rc = modifyUserService.modifyUser(userAlias, |
551 |
Constants.UTYPE_STATE_USER, userDesc, userPassword, |
552 |
Constants.UID_STATE_ACTIVE); |
553 |
|
554 |
logger.info("UA_ModifyUser - user alias: [" + userAlias + "] Return: " |
555 |
+ rc); |
556 |
|
557 |
return rc;
|
558 |
} |
559 |
|
560 |
/**
|
561 |
* This method to add admin users to the system
|
562 |
*
|
563 |
* @param rootAlias
|
564 |
* @param rootPassword
|
565 |
* @param adminUserAlias
|
566 |
* @param adminDesc
|
567 |
* @param adminUserPassword
|
568 |
* @return ERR_code defined in the Constants<br/>
|
569 |
* ERR_SUCCESS<br/>
|
570 |
* ERR_SYSTEM_NOT_READY<br/>
|
571 |
* ERR_USERALIAS_NOT_FOUND <br/>
|
572 |
* ERR_INVALID_STATE - root not active or temporary suspended.<br/>
|
573 |
* ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the user type.<br/>
|
574 |
* ERR_EXCEED_MAX_TRIES<br/>
|
575 |
* ERR_INVALID_CREDENTIAL<br/>
|
576 |
* ERR_INVALID_INPUT - internal error.<br/>
|
577 |
* ERR_ALREADY_EXIST<br/>
|
578 |
* ERR_INVALID_USERALIAS - User alias does not match with defined pattern <br/>
|
579 |
* ERR_PASSWORD_SAMEAS_USERALIAS - password is same is user name error <br/>
|
580 |
*/
|
581 |
public int AD_AddUser(String rootAlias, String rootPassword, |
582 |
String adminUserAlias, String adminDesc, String adminUserPassword) |
583 |
{ |
584 |
// check if password is similar to user alias
|
585 |
if (rootAlias.equalsIgnoreCase(rootPassword)) {
|
586 |
return Constants.ERR_PASSWORD_SAMEAS_USERALIAS;
|
587 |
} |
588 |
|
589 |
int rc = verifyStaticPasswordService.verifyStaticPassword(
|
590 |
rootAlias, rootPassword, true, Constants.UTYPE_STATE_ROOT);
|
591 |
|
592 |
if (rc != Constants.ERR_SUCCESS)
|
593 |
{ |
594 |
return rc;
|
595 |
} |
596 |
|
597 |
rc = createUserService.addUser(adminUserAlias, |
598 |
Constants.UTYPE_STATE_ADMIN, adminDesc, adminUserPassword, |
599 |
Constants.UID_STATE_ACTIVE, Constants.SYSTEM_ID); |
600 |
|
601 |
logger.info("AD_AddUser - admin user alias: [" + adminUserAlias
|
602 |
+ "] Return: " + rc);
|
603 |
|
604 |
return rc;
|
605 |
} |
606 |
|
607 |
/**
|
608 |
* This method to modify admin users to the system
|
609 |
*
|
610 |
* @param rootAlias
|
611 |
* @param rootPassword
|
612 |
* @param adminUserAlias
|
613 |
* @param adminDesc
|
614 |
* - can be null - Null denotes no description will be modified.
|
615 |
* @param adminUserPassword
|
616 |
* - can be null - Null denotes no password will be modified.
|
617 |
* @return ERR_code defined in the Constants.<br/>
|
618 |
* ERR_SUCCESS<br/>
|
619 |
* ERR_SYSTEM_NOT_READY<br/>
|
620 |
* ERR_USERALIAS_NOT_FOUND <br/>
|
621 |
* ERR_INVALID_STATE - root not active or temporary suspended.<br/>
|
622 |
* ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the user type.<br/>
|
623 |
* ERR_EXCEED_MAX_TRIES<br/>
|
624 |
* ERR_INVALID_CREDENTIAL<br/>
|
625 |
* ERR_INVALID_INPUT - internal error.<br/>
|
626 |
* ERR_USERALIAS_NOT_FOUND<br/>
|
627 |
* ERR_REUSED_PASSWD - the password entered was used previously.<br/>
|
628 |
* ERR_PASSWD_WEAK - the password entered is too weak.<br/>
|
629 |
* ERR_INVALID_USERALIAS - User alias does not match with defined pattern <br/>
|
630 |
* ERR_PASSWORD_SAMEAS_USERALIAS - password is same is user name error <br/>
|
631 |
*/
|
632 |
public int AD_ModifyUser(String rootAlias, String rootPassword, |
633 |
String adminUserAlias, String adminDesc, String adminUserPassword) |
634 |
{ |
635 |
// check if password is similar to user alias
|
636 |
if (rootAlias.equalsIgnoreCase(rootPassword)) {
|
637 |
return Constants.ERR_PASSWORD_SAMEAS_USERALIAS;
|
638 |
} |
639 |
|
640 |
int rc = verifyStaticPasswordService.verifyStaticPassword(
|
641 |
rootAlias, rootPassword, true, Constants.UTYPE_STATE_ROOT);
|
642 |
|
643 |
if (rc != Constants.ERR_SUCCESS)
|
644 |
{ |
645 |
return rc;
|
646 |
} |
647 |
|
648 |
rc = modifyUserService.modifyUser(adminUserAlias, |
649 |
Constants.UTYPE_STATE_ADMIN, adminDesc, adminUserPassword, |
650 |
Constants.UID_STATE_ACTIVE); |
651 |
|
652 |
logger.info("AD_ModifyUser - admin user alias: [" + adminUserAlias
|
653 |
+ "] Return: " + rc);
|
654 |
|
655 |
return rc;
|
656 |
} |
657 |
|
658 |
/**
|
659 |
* This method to change online users state to ACTIVE status.
|
660 |
*
|
661 |
* @param adminUserAlias
|
662 |
* @param adminUserPassword
|
663 |
* @param userAlias
|
664 |
* @return ERR_code defined in the Constants.<br/>
|
665 |
* ERR_SUCCESS<br/>
|
666 |
* ERR_SYSTEM_NOT_READY<br/>
|
667 |
* ERR_USERALIAS_NOT_FOUND <br/>
|
668 |
* ERR_INVALID_STATE - admin not active or temporary suspended.<br/>
|
669 |
* ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the user type.<br/>
|
670 |
* ERR_EXCEED_MAX_TRIES<br/>
|
671 |
* ERR_INVALID_CREDENTIAL<br/>
|
672 |
* ERR_USERALIAS_NOT_FOUND<br/>
|
673 |
* ERR_UNKNOWN <br/>
|
674 |
*/
|
675 |
public int UA_ActivateUser(String adminUserAlias, String adminUserPassword, String userAlias) |
676 |
{ |
677 |
int rc = verifyStaticPasswordService.verifyStaticPassword(
|
678 |
adminUserAlias, adminUserPassword, true,
|
679 |
Constants.UTYPE_STATE_ADMIN); |
680 |
|
681 |
if (rc != Constants.ERR_SUCCESS)
|
682 |
{ |
683 |
return rc;
|
684 |
} |
685 |
|
686 |
rc = activateUserService.activateUser(userAlias); |
687 |
|
688 |
logger.info("UA_ActivateUser - user alias: [" + userAlias
|
689 |
+ "] Return: " + rc);
|
690 |
|
691 |
return rc;
|
692 |
} |
693 |
|
694 |
/**
|
695 |
* This method to change admin users state to ACTIVE status.
|
696 |
*
|
697 |
* @param rootAlias
|
698 |
* @param rootPassword
|
699 |
* @param adminUserAlias
|
700 |
* @return ERR_code defined in the Constants.<br/>
|
701 |
* ERR_SUCCESS<br/>
|
702 |
* ERR_SYSTEM_NOT_READY<br/>
|
703 |
* ERR_USERALIAS_NOT_FOUND <br/>
|
704 |
* ERR_INVALID_STATE - root not active or temporary suspended.<br/>
|
705 |
* ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the user type.<br/>
|
706 |
* ERR_EXCEED_MAX_TRIES<br/>
|
707 |
* ERR_INVALID_CREDENTIAL<br/>
|
708 |
* ERR_USERALIAS_NOT_FOUND<br/>
|
709 |
* ERR_UNKNOWN<br/>
|
710 |
*/
|
711 |
public int AD_ActivateUser(String rootAlias, String rootPassword, |
712 |
String adminUserAlias)
|
713 |
{ |
714 |
int rc = verifyStaticPasswordService.verifyStaticPassword(
|
715 |
rootAlias, rootPassword, true, Constants.UTYPE_STATE_ROOT);
|
716 |
|
717 |
if (rc != Constants.ERR_SUCCESS)
|
718 |
{ |
719 |
return rc;
|
720 |
} |
721 |
|
722 |
rc = activateUserService.activateUser(adminUserAlias); |
723 |
|
724 |
logger.info("AD_ActivateUser - admin user alias: [" + adminUserAlias
|
725 |
+ "] Return: " + rc);
|
726 |
|
727 |
return rc;
|
728 |
} |
729 |
|
730 |
/**
|
731 |
* This method is to check whether the user alias exist in the system.
|
732 |
*
|
733 |
* @param userAlias
|
734 |
* @return ERR_code defined in the Constants.<br/>
|
735 |
* ERR_SUCCESS 0 - found<br/>
|
736 |
* ERR_USERALIAS_NOT_FOUND 6<br/>
|
737 |
* ERR_SYSTEM_NOT_READY 98<br/>
|
738 |
*/
|
739 |
public int UA_IsUserExist(String userAlias) |
740 |
{ |
741 |
return queryInfoService.checkUserExistence(userAlias);
|
742 |
} |
743 |
|
744 |
/**
|
745 |
* This method is to get user type. Valid return is [0-root user | 1-admin user | 2-Ordinary User]
|
746 |
*
|
747 |
* @param userAlias
|
748 |
* @return <br/>
|
749 |
* UTYPE_STATE_ROOT = 0<br/>
|
750 |
* UTYPE_STATE_ADMIN = 1<br/>
|
751 |
* UTYPE_STATE_USER = 2<br/>
|
752 |
* ERR_USERALIAS_NOT_FOUND = 6<br/>
|
753 |
* ERR_SYSTEM_NOT_READY = 98<br/>
|
754 |
*/
|
755 |
|
756 |
public int UA_GetUserType(String userAlias) |
757 |
{ |
758 |
return queryInfoService.getUserType(userAlias);
|
759 |
} |
760 |
|
761 |
/**
|
762 |
* This method is to get attributes associated to user. Return type is HashMap<String,String>
|
763 |
* The object keys is as below:<br/>
|
764 |
* RC - Return Code [always present]<br/>
|
765 |
* RT - Return Code in Text [always present]<br/>
|
766 |
* <br/>
|
767 |
* The following data present only with the return is ERR_SUCCESS<br/>
|
768 |
* Type - User Type [0-Root User] [1-Admin User] [2-Ordinary User][9-SysControl]<br/>
|
769 |
* State - User State [0-Active] [1-Temporary Locked] [2-Locked] [3-Inactive] [4-Deleted]<br/>
|
770 |
* Description - User Description<br/>
|
771 |
* UseCount - Number of time the record being access<br/>
|
772 |
* DateCreated - Created date<br/>
|
773 |
* DateLastUsed - Last access of the record<br/>
|
774 |
* DateLastActivated - Last activation of the record<br/>
|
775 |
* DateLastLocked - Last date the user being locked<br/>
|
776 |
* DateLockedFrom - last date the user being locked from<br/>
|
777 |
* DateLockedTo - last date the user being locked to<br/>
|
778 |
*
|
779 |
* @param userAlias
|
780 |
* @return HashMap
|
781 |
*/
|
782 |
public HashMap<String, String> UA_GetUserData(String userAlias) |
783 |
{ |
784 |
return queryInfoService.getUserData(userAlias);
|
785 |
} |
786 |
|
787 |
/**
|
788 |
* This method is to get attributes associated to password. Return type is HashMap<String,String>
|
789 |
* The object keys is as below:<br/>
|
790 |
* RC - Return Code [always present]<br/>
|
791 |
* RT - Return Code in Text [always present]<br/>
|
792 |
* <br/>
|
793 |
* The following data present only with the return is ERR_SUCCESS<br/>
|
794 |
* State - Password State [0-Enable] [1-Disable] [2-OneTime Use]<br/>
|
795 |
* ExpiryStatus - Expiry Status [0-Will Expired][1-Never Expired]
|
796 |
* UseCount - Number of time the record being access<br/>
|
797 |
* ErrorCount - Number of time the password verified error<br/>
|
798 |
* DateCreated - Created date<br/>
|
799 |
* DateFirstUsed - First access of the password<br/>
|
800 |
* DateLastUsed - Last access of the password<br/>
|
801 |
* DatePasswdExpired - Expiry date of the password<br/>
|
802 |
*
|
803 |
* @param userAlias
|
804 |
* @return HashMap
|
805 |
*/
|
806 |
public HashMap<String, String> QueryPassword(String userAlias) |
807 |
{ |
808 |
return queryInfoService.queryPassword(userAlias);
|
809 |
} |
810 |
|
811 |
/**
|
812 |
* This method is to get attributes associated to TAC. Return type is HashMap<String,String>
|
813 |
* The object keys is as below:<br/>
|
814 |
* RC - Return Code [always present]<br/>
|
815 |
* RT - Return Code in Text [always present]<br/>
|
816 |
* <br/>
|
817 |
* The following data present only with the return is ERR_SUCCESS<br/>
|
818 |
* State - User State [0-Enable] [1-Disable]<br/>
|
819 |
* UseCount - Number of time the record being access<br/>
|
820 |
* ErrorCount - Number of time the TAC verified error<br/>
|
821 |
* DateCreated - TAC Created date<br/>
|
822 |
* DateFirstUsed - First access of the TAC<br/>
|
823 |
* DateLastUsed - Last access of the TAC<br/>
|
824 |
*
|
825 |
* @param userAlias
|
826 |
* @param appId TODO
|
827 |
* @return HashMap
|
828 |
*/
|
829 |
public HashMap<String, String> QueryTAC(String userAlias, int appId) |
830 |
{ |
831 |
return queryInfoService.queryTAC(userAlias, appId);
|
832 |
} |
833 |
|
834 |
/**
|
835 |
* This method is to change online user state to LOCKED status.
|
836 |
*
|
837 |
* @param adminUserAlias
|
838 |
* @param adminUserPassword
|
839 |
* @param userAlias
|
840 |
* @return ERR_code defined in the Constants.<br/>
|
841 |
* ERR_SUCCESS<br/>
|
842 |
* ERR_SYSTEM_NOT_READY<br/>
|
843 |
* ERR_USERALIAS_NOT_FOUND <br/>
|
844 |
* ERR_INVALID_STATE - admin not active or temporary suspended.<br/>
|
845 |
* ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the user type.<br/>
|
846 |
* ERR_EXCEED_MAX_TRIES<br/>
|
847 |
* ERR_INVALID_CREDENTIAL<br/>
|
848 |
* ERR_UNKNOWN<br/>
|
849 |
*/
|
850 |
public int UA_LockUser(String adminUserAlias, String adminUserPassword, |
851 |
String userAlias)
|
852 |
{ |
853 |
int rc = verifyStaticPasswordService.verifyStaticPassword(
|
854 |
adminUserAlias, adminUserPassword, true,
|
855 |
Constants.UTYPE_STATE_ADMIN); |
856 |
|
857 |
if (rc != Constants.ERR_SUCCESS)
|
858 |
{ |
859 |
return rc;
|
860 |
} |
861 |
|
862 |
rc = lockUserService.lockUser(userAlias); |
863 |
|
864 |
logger.info("UA_LockUser - user alias: [" + userAlias + "] Return:" |
865 |
+ rc); |
866 |
|
867 |
return rc;
|
868 |
} |
869 |
|
870 |
/**
|
871 |
* This method is to change admin user state to LOCKED status.
|
872 |
*
|
873 |
* @param rootAlias
|
874 |
* @param rootPassword
|
875 |
* @param adminUserAlias
|
876 |
* @return ERR_code defined in the Constants.<br/>
|
877 |
* ERR_SUCCESS<br/>
|
878 |
* ERR_SYSTEM_NOT_READY<br/>
|
879 |
* ERR_USERALIAS_NOT_FOUND <br/>
|
880 |
* ERR_INVALID_STATE - root not active or temporary suspended.<br/>
|
881 |
* ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the user type.<br/>
|
882 |
* ERR_EXCEED_MAX_TRIES<br/>
|
883 |
* ERR_INVALID_CREDENTIAL<br/>
|
884 |
* ERR_UNKNOWN<br/>
|
885 |
*/
|
886 |
public int AD_LockUser(String rootAlias, String rootPassword, |
887 |
String adminUserAlias)
|
888 |
{ |
889 |
int rc = verifyStaticPasswordService.verifyStaticPassword(
|
890 |
rootAlias, rootPassword, true, Constants.UTYPE_STATE_ROOT);
|
891 |
|
892 |
if (rc != Constants.ERR_SUCCESS)
|
893 |
{ |
894 |
return rc;
|
895 |
} |
896 |
|
897 |
rc = lockUserService.lockUser(adminUserAlias); |
898 |
|
899 |
logger.info("AD_LockUser - admin user alias: [" + adminUserAlias
|
900 |
+ "] Return: " + rc);
|
901 |
|
902 |
return rc;
|
903 |
} |
904 |
|
905 |
/**
|
906 |
* This method is to suspend online user from when for how many Minutes
|
907 |
*
|
908 |
* @param adminUserAlias
|
909 |
* @param adminUserPassword
|
910 |
* @param userAlias
|
911 |
* @param fromDate
|
912 |
* - from when
|
913 |
* @param nMinutes
|
914 |
* - Suspend for how many minutes
|
915 |
* @return ERR_code defined in the Constants.<br/>
|
916 |
* ERR_SUCCESS<br/>
|
917 |
* ERR_SYSTEM_NOT_READY<br/>
|
918 |
* ERR_USERALIAS_NOT_FOUND <br/>
|
919 |
* ERR_INVALID_STATE - admin not active or temporary suspended.<br/>
|
920 |
* ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the user type.<br/>
|
921 |
* ERR_EXCEED_MAX_TRIES<br/>
|
922 |
* ERR_INVALID_CREDENTIAL<br/>
|
923 |
* ERR_UNKNOWN<br/>
|
924 |
*/
|
925 |
public int UA_SuspendUser(String adminUserAlias, String adminUserPassword, |
926 |
String userAlias, String strFromDate, int nMinutes) |
927 |
{ |
928 |
Date fromDate = StringToDate(strFromDate);
|
929 |
int rc = verifyStaticPasswordService.verifyStaticPassword(
|
930 |
adminUserAlias, adminUserPassword, true,
|
931 |
Constants.UTYPE_STATE_ADMIN); |
932 |
|
933 |
if (rc != Constants.ERR_SUCCESS)
|
934 |
{ |
935 |
return rc;
|
936 |
} |
937 |
|
938 |
rc = lockUserService.lockUser(userAlias, |
939 |
Constants.UID_STATE_TMP_LOCKED, fromDate, nMinutes); |
940 |
|
941 |
logger.info("UA_SuspendUser - admin user alias: [" + adminUserAlias
|
942 |
+ "] user alias: [" + userAlias + "] From: [" + fromDate |
943 |
+ " for " + nMinutes + "min] Return: " + rc); |
944 |
|
945 |
return rc;
|
946 |
} |
947 |
|
948 |
/**
|
949 |
* This method is to suspend admin user from when for how many Minutes
|
950 |
*
|
951 |
* @param rootAlias
|
952 |
* @param rootPassword
|
953 |
* @param adminUserAlias
|
954 |
* @param fromDate
|
955 |
* - from when
|
956 |
* @param nMinutes
|
957 |
* - Suspend for how many Minutes
|
958 |
* @return ERR_code defined in the Constants.<br/>
|
959 |
* ERR_SUCCESS<br/>
|
960 |
* ERR_SYSTEM_NOT_READY<br/>
|
961 |
* ERR_USERALIAS_NOT_FOUND <br/>
|
962 |
* ERR_INVALID_STATE - root not active or temporary suspended.<br/>
|
963 |
* ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the user type.<br/>
|
964 |
* ERR_EXCEED_MAX_TRIES<br/>
|
965 |
* ERR_INVALID_CREDENTIAL<br/>
|
966 |
* ERR_UNKNOWN<br/>
|
967 |
*/
|
968 |
public int AD_SuspendUser(String rootAlias, String rootPassword, |
969 |
String adminUserAlias, String strFromDate, int nMinutes) |
970 |
{ |
971 |
Date fromDate = StringToDate(strFromDate);
|
972 |
int rc = verifyStaticPasswordService.verifyStaticPassword(
|
973 |
rootAlias, rootPassword, true, Constants.UTYPE_STATE_ROOT);
|
974 |
|
975 |
if (rc != Constants.ERR_SUCCESS)
|
976 |
{ |
977 |
return rc;
|
978 |
} |
979 |
|
980 |
rc = lockUserService.lockUser(adminUserAlias, |
981 |
Constants.UID_STATE_TMP_LOCKED, fromDate, nMinutes); |
982 |
|
983 |
logger.info("AD_SuspendUser - admin user alias: [" + adminUserAlias
|
984 |
+ "] Return: " + rc);
|
985 |
|
986 |
return rc;
|
987 |
} |
988 |
|
989 |
/**
|
990 |
* This method is to concate existing user alias to allow re use user after deleted.
|
991 |
*
|
992 |
* @param rootAlias
|
993 |
* @param rootPassword
|
994 |
* @param adminUserAlias
|
995 |
* @param fromDate
|
996 |
* - from when
|
997 |
* @param nMinutes
|
998 |
* - Suspend for how many Minutes
|
999 |
* @return ERR_code defined in the Constants.<br/>
|
1000 |
* ERR_SUCCESS<br/>
|
1001 |
* ERR_SYSTEM_NOT_READY<br/>
|
1002 |
* ERR_USERALIAS_NOT_FOUND <br/>
|
1003 |
* ERR_INVALID_STATE - root not active or temporary suspended.<br/>
|
1004 |
* ERR_APP_SERV_NOT_PERMITTED - for operation not allowed for the user type.<br/>
|
1005 |
* ERR_EXCEED_MAX_TRIES<br/>
|
1006 |
* ERR_INVALID_CREDENTIAL<br/>
|
1007 |
* ERR_UNKNOWN<br/>
|
1008 |
*/
|
1009 |
public int UA_DeleteUser(String adminUserAlias, String adminUserPassword, String userAlias) |
1010 |
{ |
1011 |
|
1012 |
int rc = verifyStaticPasswordService.verifyStaticPassword(
|
1013 |
adminUserAlias, adminUserPassword, true,
|
1014 |
Constants.UTYPE_STATE_ADMIN); |
1015 |
|
1016 |
if (rc != Constants.ERR_SUCCESS)
|
1017 |
{ |
1018 |
return rc;
|
1019 |
} |
1020 |
|
1021 |
rc = DeleteUserService.deleteUser(userAlias); |
1022 |
|
1023 |
logger.info("AD_SuspendUser - admin user alias: [" + userAlias
|
1024 |
+ "] Return: " + rc);
|
1025 |
|
1026 |
return rc;
|
1027 |
} |
1028 |
|
1029 |
// ///////////////////////////////////////////////////////////////////////////////
|
1030 |
// token area
|
1031 |
// ///////////////////////////////////////////////////////////////////////////////
|
1032 |
|
1033 |
/**
|
1034 |
* This method is to verify token password
|
1035 |
*
|
1036 |
* @param userAlias
|
1037 |
* @param inPassword
|
1038 |
* @return ERR_code defined in the Constants<br/>
|
1039 |
* ERR_SUCCESS<br/>
|
1040 |
* ERR_SYSTEM_NOT_READY<br/>
|
1041 |
* ERR_USERALIAS_NOT_FOUND<br/>
|
1042 |
* ERR_INVALID_STATE<br/>
|
1043 |
* ERR_EXCEED_MAX_TRIES<br/>
|
1044 |
* ERR_INVALID_CREDENTIAL<br/>
|
1045 |
* ERR_PASSWD_EXPIRED<br/>
|
1046 |
* ERR_REUSED_PASSWD<br/>
|
1047 |
*/
|
1048 |
public int VerifyToken(String userAlias, String inPassword) |
1049 |
{ |
1050 |
int rc = verifyTokenService.verifyToken(userAlias, inPassword);
|
1051 |
|
1052 |
logger.info("VerifyToken - user alias: [" + userAlias + "] Return: " |
1053 |
+ rc); |
1054 |
|
1055 |
return rc;
|
1056 |
} |
1057 |
|
1058 |
/**
|
1059 |
* This method is to reset user token <br/>
|
1060 |
*
|
1061 |
* @param adminUserAlias
|
1062 |
* @param adminUserPassword
|
1063 |
* @param userAlias
|
1064 |
* @return ERR_code defined in the Constants<br/>
|
1065 |
* ERR_SUCCESS<br/>
|
1066 |
* ERR_SYSTEM_NOT_READY<br/>
|
1067 |
* ERR_USERALIAS_NOT_FOUND<br/>
|
1068 |
* ERR_INVALID_STATE<br/>
|
1069 |
* ERR_EXCEED_MAX_TRIES<br/>
|
1070 |
* ERR_INVALID_CREDENTIAL<br/>
|
1071 |
*/
|
1072 |
public int ResetToken(String adminUserAlias, String adminUserPassword, |
1073 |
String userAlias)
|
1074 |
{ |
1075 |
int rc = verifyStaticPasswordService.verifyStaticPassword(
|
1076 |
adminUserAlias, adminUserPassword, true,
|
1077 |
Constants.UTYPE_STATE_ADMIN); |
1078 |
|
1079 |
if (rc != Constants.ERR_SUCCESS)
|
1080 |
{ |
1081 |
return rc;
|
1082 |
} |
1083 |
|
1084 |
rc = resetTokenService.resetToken(userAlias); |
1085 |
logger.info("ResetToken - user alias: [" + userAlias + "] Return: " |
1086 |
+ rc); |
1087 |
return rc;
|
1088 |
} |
1089 |
|
1090 |
/**
|
1091 |
* This method is to query token information, Return type is HashMap<String,String>
|
1092 |
* RC - Return Code [always present]<br/>
|
1093 |
* RT - Return Code in Text [always present]<br/>
|
1094 |
* <br/>
|
1095 |
* The following data present only with the return is ERR_SUCCESS<br/>
|
1096 |
* SerailNo - The serial number of token<br/>
|
1097 |
* State - Token State, [0-UNASSIGNED], [1-ASSIGNED], [2-DISABLE], [3-LOCKED], [4-DELETED]<br/>
|
1098 |
* UseCount - number of time of password authentication <br/>
|
1099 |
* ErrorCount - number of time error encountered of password authentication<br/>
|
1100 |
* DateAssigned - date of assignment to user<br/>
|
1101 |
* DateFirstUsed - date of 1st time use<br/>
|
1102 |
* DateLastUsed - date of last time used<br/>
|
1103 |
* BatchID - the ID used for loading the token into data store<br/>
|
1104 |
* <br/>
|
1105 |
*
|
1106 |
* Data retrieved from token BLOB<br/>
|
1107 |
* TOKEN_MODEL<br/>
|
1108 |
* USE_COUNT<br/>
|
1109 |
* ERROR_COUNT<br/>
|
1110 |
* LAST_TIME_USED<br/>
|
1111 |
* CODE_WORD<br/>
|
1112 |
* TRIPLE_DES<br/>
|
1113 |
* MAX_INPUT_FIELDS<br/>
|
1114 |
* RESPONSE_LENGTH<br/>
|
1115 |
* RESPONSE_TYPE<br/>
|
1116 |
* RESPONSE_CHECKSUM<br/>
|
1117 |
* TIME_STEP_USED<br/>
|
1118 |
*
|
1119 |
* @param userAlias
|
1120 |
* @return HashMap
|
1121 |
*/
|
1122 |
public HashMap<String, String> QueryToken(String userAlias) |
1123 |
{ |
1124 |
return queryInfoService.queryToken(userAlias);
|
1125 |
} |
1126 |
|
1127 |
public int DeleteTokenFromStore(String adminUserAlias, |
1128 |
String adminUserPassword, String serialNumber) |
1129 |
{ |
1130 |
int rc = verifyStaticPasswordService.verifyStaticPassword(
|
1131 |
adminUserAlias, adminUserPassword, true,
|
1132 |
Constants.UTYPE_STATE_ADMIN); |
1133 |
|
1134 |
if (rc != Constants.ERR_SUCCESS)
|
1135 |
{ |
1136 |
return rc;
|
1137 |
} |
1138 |
|
1139 |
rc = deleteTokenService.deleteTokenFromStore(serialNumber); |
1140 |
logger.info("DeleteTokenFromStore - serial number: [" + serialNumber
|
1141 |
+ "] Return: " + rc);
|
1142 |
return rc;
|
1143 |
} |
1144 |
|
1145 |
/**
|
1146 |
* This method is to assign token to user<br/>
|
1147 |
*
|
1148 |
* @param serialNumber
|
1149 |
* @param userAlias
|
1150 |
* @return ERR_code defined in the Constants<br/>
|
1151 |
* ERR_SUCCESS<br/>
|
1152 |
* ERR_SYSTEM_NOT_READY<br/>
|
1153 |
* ERR_USERALIAS_NOT_FOUND<br/>
|
1154 |
* ERR_INVALID_STATE<br/>
|
1155 |
*/
|
1156 |
public int AssignTokenToUser(String adminUserAlias, |
1157 |
String adminUserPassword, String serialNumber, String userAlias) |
1158 |
{ |
1159 |
int rc = verifyStaticPasswordService.verifyStaticPassword(
|
1160 |
adminUserAlias, adminUserPassword, true,
|
1161 |
Constants.UTYPE_STATE_ADMIN); |
1162 |
|
1163 |
if (rc != Constants.ERR_SUCCESS)
|
1164 |
{ |
1165 |
return rc;
|
1166 |
} |
1167 |
|
1168 |
rc = assignTokenService.assignToken(serialNumber, userAlias, |
1169 |
Constants.TKN_STATE_ASSIGNED); |
1170 |
|
1171 |
logger.info("AssignTokenToUser - serial number: [" + serialNumber
|
1172 |
+ "] user alias: [" + userAlias + "] Return: " + rc); |
1173 |
|
1174 |
return rc;
|
1175 |
} |
1176 |
|
1177 |
/**
|
1178 |
* This method is to return Token to store; Reset the Token.<br/>
|
1179 |
* The token is ready to re-assign to other user.<br/>
|
1180 |
*
|
1181 |
* @param adminUserAlias
|
1182 |
* @param adminUserPassword
|
1183 |
* @param userAlias
|
1184 |
* @return ERR_code defined in the Constants<br/>
|
1185 |
* ERR_SUCCESS<br/>
|
1186 |
* ERR_SYSTEM_NOT_READY<br/>
|
1187 |
* ERR_USERALIAS_NOT_FOUND<br/>
|
1188 |
* ERR_INVALID_STATE<br/>
|
1189 |
*/
|
1190 |
public int UnassignTokenFromUser(String adminUserAlias, |
1191 |
String adminUserPassword, String userAlias) |
1192 |
{ |
1193 |
int rc = verifyStaticPasswordService.verifyStaticPassword(
|
1194 |
adminUserAlias, adminUserPassword, true,
|
1195 |
Constants.UTYPE_STATE_ADMIN); |
1196 |
|
1197 |
if (rc != Constants.ERR_SUCCESS)
|
1198 |
{ |
1199 |
return rc;
|
1200 |
} |
1201 |
|
1202 |
rc = assignTokenService.assignToken(null, userAlias,
|
1203 |
Constants.TKN_STATE_UNASSIGNED); |
1204 |
|
1205 |
logger.info("UnassignTokenFromUser - user alias: [" + userAlias
|
1206 |
+ "] Return: " + rc);
|
1207 |
|
1208 |
return rc;
|
1209 |
} |
1210 |
|
1211 |
/**
|
1212 |
* This method is to disable the token<br/>
|
1213 |
*
|
1214 |
* @param adminUserAlias
|
1215 |
* @param adminUserPassword
|
1216 |
* @param userAlias
|
1217 |
* @return ERR_code defined in the Constants<br/>
|
1218 |
* ERR_SUCCESS<br/>
|
1219 |
* ERR_SYSTEM_NOT_READY<br/>
|
1220 |
* ERR_USERALIAS_NOT_FOUND<br/>
|
1221 |
* ERR_INVALID_STATE<br/>
|
1222 |
*/
|
1223 |
public int DisableToken(String adminUserAlias, String adminUserPassword, |
1224 |
String userAlias)
|
1225 |
{ |
1226 |
int rc = verifyStaticPasswordService.verifyStaticPassword(
|
1227 |
adminUserAlias, adminUserPassword, true,
|
1228 |
Constants.UTYPE_STATE_ADMIN); |
1229 |
|
1230 |
if (rc != Constants.ERR_SUCCESS)
|
1231 |
{ |
1232 |
return rc;
|
1233 |
} |
1234 |
|
1235 |
rc = disableTokenService.disableToken(userAlias, true);
|
1236 |
|
1237 |
logger.info("DisableToken - user alias: [" + userAlias + "] Return: " |
1238 |
+ rc); |
1239 |
|
1240 |
return rc;
|
1241 |
} |
1242 |
|
1243 |
/**
|
1244 |
* This method is to enable to token<br/>
|
1245 |
*
|
1246 |
* @param adminUserAlias
|
1247 |
* @param adminUserPassword
|
1248 |
* @param userAlias
|
1249 |
* @return ERR_code defined in the Constants<br/>
|
1250 |
* ERR_SUCCESS<br/>
|
1251 |
* ERR_SYSTEM_NOT_READY<br/>
|
1252 |
* ERR_USERALIAS_NOT_FOUND<br/>
|
1253 |
* ERR_INVALID_STATE<br/>
|
1254 |
*/
|
1255 |
public int EnableToken(String adminUserAlias, String adminUserPassword, |
1256 |
String userAlias)
|
1257 |
{ |
1258 |
int rc = verifyStaticPasswordService.verifyStaticPassword(
|
1259 |
adminUserAlias, adminUserPassword, true,
|
1260 |
Constants.UTYPE_STATE_ADMIN); |
1261 |
|
1262 |
if (rc != Constants.ERR_SUCCESS)
|
1263 |
{ |
1264 |
return rc;
|
1265 |
} |
1266 |
|
1267 |
rc = disableTokenService.disableToken(userAlias, false);
|
1268 |
|
1269 |
logger.info("EnableToken - user alias: [" + userAlias + "] Return: " |
1270 |
+ rc); |
1271 |
|
1272 |
return rc;
|
1273 |
} |
1274 |
|
1275 |
/**
|
1276 |
* This method is to load token from DPX or PSKC file to UPass data store
|
1277 |
* Refer to System Console for additional information.
|
1278 |
*
|
1279 |
* @param adminUserAlias
|
1280 |
* @param adminUserPassword
|
1281 |
* @param requiredField1
|
1282 |
* = fileName
|
1283 |
* @param requiredField2
|
1284 |
* = importKey/ passsphrase / fileName
|
1285 |
* @param requiredField3
|
1286 |
* = batchId/ null
|
1287 |
* @return rc (response code)
|
1288 |
* @throws Exception
|
1289 |
*/
|
1290 |
public int LoadToken(String adminUserAlias, String adminUserPassword, |
1291 |
String requiredField1, String requiredField2, String requiredField3) throws Exception |
1292 |
{ |
1293 |
int rc = Constants.ERR_SYSTEM_NOT_READY;
|
1294 |
|
1295 |
rc = LoadTokenWithStats(adminUserAlias, adminUserPassword, |
1296 |
requiredField1, requiredField2, requiredField3).getResponseCode(); |
1297 |
|
1298 |
return rc;
|
1299 |
} |
1300 |
|
1301 |
/**
|
1302 |
* This method override the existing LoadToken to generate load token statistic
|
1303 |
*
|
1304 |
* @param adminUserAlias
|
1305 |
* @param adminUserPassword
|
1306 |
* @param requiredField1
|
1307 |
* = fileName
|
1308 |
* @param requiredField2
|
1309 |
* = importKey/ passsphrase / fileName
|
1310 |
* @param requiredField3
|
1311 |
* = batchId/ null
|
1312 |
* @return LoadTokenBean
|
1313 |
* @throws Exception
|
1314 |
*/
|
1315 |
public LoadTokenBean LoadTokenWithStats(String adminUserAlias, String adminUserPassword, |
1316 |
String requiredField1, String requiredField2, String requiredField3) throws Exception { |
1317 |
LoadTokenBean loadTokenBean = new LoadTokenBean();
|
1318 |
|
1319 |
// verify supervisor password
|
1320 |
int rc = verifyStaticPasswordService.verifyStaticPassword(
|
1321 |
adminUserAlias, adminUserPassword, true,
|
1322 |
Constants.UTYPE_STATE_ADMIN); |
1323 |
|
1324 |
rc = 0;
|
1325 |
|
1326 |
if (rc != Constants.ERR_SUCCESS) {
|
1327 |
loadTokenBean.setResponseCode(rc); |
1328 |
|
1329 |
} else {
|
1330 |
loadTokenBean = loadTokenService.loadToken(requiredField1, requiredField2, requiredField3, |
1331 |
UPassFactory.getTokenMode()); |
1332 |
} |
1333 |
|
1334 |
return loadTokenBean;
|
1335 |
} |
1336 |
|
1337 |
/**
|
1338 |
* This method override the existing LoadToken to generate load token statistic
|
1339 |
*
|
1340 |
* @param adminUserAlias
|
1341 |
* @param adminUserPassword
|
1342 |
* @param requiredField1
|
1343 |
* = userAlias
|
1344 |
* @param requiredField2
|
1345 |
* = Otp 1
|
1346 |
* @param requiredField3
|
1347 |
* = Otp 2
|
1348 |
* @return LoadTokenBean
|
1349 |
* @throws Exception
|
1350 |
*/
|
1351 |
public int SynchronizeToken(String adminUserAlias, String adminUserPassword, |
1352 |
String userAlias, String otp1, String otp2) { |
1353 |
|
1354 |
// verify supervisor password
|
1355 |
int rc = verifyStaticPasswordService.verifyStaticPassword(
|
1356 |
adminUserAlias, adminUserPassword, true,
|
1357 |
Constants.UTYPE_STATE_ADMIN); |
1358 |
|
1359 |
if (rc != Constants.ERR_SUCCESS)
|
1360 |
{ |
1361 |
return rc;
|
1362 |
} |
1363 |
|
1364 |
rc = synchronizeTokenService.syncToken(userAlias, otp1, otp2); |
1365 |
|
1366 |
logger.info("SyncToken - useralias: [" + userAlias
|
1367 |
+ "] first OTP: [" + otp1 + "] Second OTP: [" + otp2 + "] Return: " + rc); |
1368 |
return rc;
|
1369 |
|
1370 |
} |
1371 |
|
1372 |
/**
|
1373 |
* This method is to get Specified token vendor name in Token Controller
|
1374 |
*
|
1375 |
* @return token Vendor name
|
1376 |
*/
|
1377 |
public String getTokenVendor() { |
1378 |
|
1379 |
return queryInfoService.getTokenVendor();
|
1380 |
|
1381 |
} |
1382 |
|
1383 |
// ///////////////////////////////////////////////////////////////////////////////
|
1384 |
// token area end
|
1385 |
// ///////////////////////////////////////////////////////////////////////////////
|
1386 |
|
1387 |
private Date StringToDate(String dateString) |
1388 |
{ |
1389 |
String DATE_FORMAT = "yyyyMMddHHmmss"; |
1390 |
SimpleDateFormat format = new SimpleDateFormat(DATE_FORMAT); |
1391 |
Date parsedDate = new Date(); |
1392 |
|
1393 |
try
|
1394 |
{ |
1395 |
parsedDate = format.parse(dateString); |
1396 |
} catch (ParseException pe) |
1397 |
{ |
1398 |
logger.info("ERROR: Cannot parse date in String " + dateString);
|
1399 |
} |
1400 |
|
1401 |
return parsedDate;
|
1402 |
} |
1403 |
|
1404 |
// ///////////////////////////////////////////////////////////////////////////////
|
1405 |
// Security code area
|
1406 |
// ///////////////////////////////////////////////////////////////////////////////
|
1407 |
|
1408 |
public String GenerateSecurityCode(String identifier) |
1409 |
{ |
1410 |
String sRc = generateSecurityCodeService
|
1411 |
.generateSecurityCode(identifier); |
1412 |
|
1413 |
logger.info(identifier + " Return=" + sRc.substring(2)); |
1414 |
|
1415 |
return sRc;
|
1416 |
} |
1417 |
|
1418 |
public int VerifySecurityCode(String identifier, String securityCode) |
1419 |
{ |
1420 |
int rc = verifySecurityCodeService.verifySecurityCode(
|
1421 |
identifier, securityCode); |
1422 |
|
1423 |
logger.info("VerifySecurityCode - identifier: [" + identifier
|
1424 |
+ "] Return: " + rc);
|
1425 |
|
1426 |
return rc;
|
1427 |
} |
1428 |
|
1429 |
public int VerifyPasswordComplexity(String password, int applicationId) { |
1430 |
int rc = verifyPasswordComplexityService.verifyPasswordComplexity(password, applicationId);
|
1431 |
|
1432 |
logger.info("VerifyPasswordComplexity: - password[" + password
|
1433 |
+ "] Return: " + rc);
|
1434 |
|
1435 |
return rc;
|
1436 |
} |
1437 |
} |