1 41 package com.mvnforum.auth; 42 43 import java.sql.Timestamp ; 44 45 import javax.servlet.http.HttpServletRequest ; 46 import javax.servlet.http.HttpServletResponse ; 47 48 import com.mvnforum.*; 49 import com.mvnforum.db.*; 50 import net.myvietnam.mvncore.exception.*; 51 import net.myvietnam.mvncore.security.Encoder; 52 import net.myvietnam.mvncore.util.DateUtil; 53 import net.myvietnam.mvncore.web.GenericRequest; 54 import net.myvietnam.mvncore.web.GenericResponse; 55 import net.myvietnam.mvncore.web.impl.GenericRequestServletImpl; 56 import org.apache.commons.logging.Log; 57 import org.apache.commons.logging.LogFactory; 58 59 public class OnlineUserFactoryImpl implements OnlineUserFactory { 60 61 private static Log log = LogFactory.getLog(OnlineUserFactoryImpl.class); 62 63 public OnlineUserFactoryImpl() { 64 } 65 66 public OnlineUser getAuthenticatedUser(HttpServletRequest request, 67 HttpServletResponse response, 68 String loginName, String password, 69 boolean isEncodedPassword) 70 throws AuthenticationException, DatabaseException, AssertionException { 71 72 GenericRequest req = new GenericRequestServletImpl(request); 73 74 return getAuthenticatedUser(req, null, loginName, password, isEncodedPassword); 75 } 76 77 public OnlineUser getAuthenticatedUser(GenericRequest request, 78 GenericResponse response, 79 String loginName, String password, 80 boolean isEncodedPassword) 81 throws AuthenticationException, DatabaseException, AssertionException { 82 83 int memberID = 0; 84 double timeZone = 0; 85 boolean invisible = false; 86 String localeName = ""; 87 Timestamp lastLogon = null; 88 String lastLogonIP = null; 89 int postsPerPage = 10; 90 91 try { 92 memberID = DAOFactory.getMemberDAO().getMemberIDFromMemberName(loginName); 93 } catch (ObjectNotFoundException e) { 94 throw new AuthenticationException(NotLoginException.WRONG_NAME); 95 } catch (Exception e) { 96 log.error("Unexpected error validating user", e); 97 98 throw new AuthenticationException(NotLoginException.NOT_LOGIN); 99 } 100 101 try { 102 MemberBean memberBean = DAOFactory.getMemberDAO().getMember_forViewCurrentMember(memberID); 103 104 if (memberBean.getMemberStatus() != MemberBean.MEMBER_STATUS_ENABLE) { 105 if (memberID != MVNForumConstant.MEMBER_ID_OF_ADMIN) { throw new AuthenticationException(NotLoginException.ACCOUNT_DISABLED); 107 } 108 } 109 boolean disablePortlet = !MVNForumConfig.getEnablePortlet(); 110 if (disablePortlet) { 111 112 if (DAOFactory.getMemberDAO().getActivateCode(memberID).equals(MemberBean.MEMBER_ACTIVATECODE_ACTIVATED) == false) { 113 if (MVNForumConfig.getRequireActivation()) { 115 if (memberID != MVNForumConstant.MEMBER_ID_OF_ADMIN) { throw new AuthenticationException(NotLoginException.NOT_ACTIVATED); 117 } 118 } 119 } 120 121 if (validatePassword(loginName, password, isEncodedPassword) == false) { 122 if ((MVNForumConfig.getEnablePasswordlessAuth() == false) || (password.length() > 0)) { 123 throw new AuthenticationException(NotLoginException.WRONG_PASSWORD); 124 } 125 } 126 127 Timestamp now = DateUtil.getCurrentGMTTimestamp(); 129 130 DAOFactory.getMemberDAO().updateLastLogon(memberID, now, request.getRemoteAddr()); 131 } 132 timeZone = memberBean.getMemberTimeZone(); 133 localeName = memberBean.getMemberLanguage(); 134 lastLogon = memberBean.getMemberLastLogon(); 135 postsPerPage = memberBean.getMemberPostsPerPage(); 136 lastLogonIP = memberBean.getMemberLastIP(); 137 invisible = memberBean.isInvisible(); 138 139 String memberName = memberBean.getMemberName(); 143 144 OnlineUserImpl authenticatedUser = new OnlineUserImpl(request, false); 145 authenticatedUser.setMemberID(memberID); 146 authenticatedUser.setMemberName(memberName); 147 authenticatedUser.setInvisible(invisible); 148 authenticatedUser.setTimeZone(timeZone); 149 MVNForumPermission permission = MVNForumPermissionFactory.getAuthenticatedPermission(memberID); 153 authenticatedUser.setPermission(permission); 154 authenticatedUser.setLocaleName(localeName); 155 authenticatedUser.setLastLogonTimestamp(lastLogon); 156 authenticatedUser.setLastLogonIP(lastLogonIP); 157 authenticatedUser.setGender(memberBean.getMemberGender() != 0); 158 authenticatedUser.setPostsPerPage(postsPerPage); 159 160 if (MVNForumConfig.getEnableCompany()) { 161 try { 162 int companyID = DAOFactory.getMemberCompanyDAO().getCompanyIDFromMemberID(memberID); 163 CompanyBean companyBean = DAOFactory.getCompanyDAO().getCompany(companyID); 164 165 String cssPath = MyUtil.getCompanyCssPath(companyBean, request.getContextPath()); 167 authenticatedUser.setCssPath(cssPath); 168 169 String logoPath = MyUtil.getCompanyLogoPath(companyBean, request.getContextPath()); 171 authenticatedUser.setLogoPath(logoPath); 172 } catch (ObjectNotFoundException ex) { 173 } 175 } 176 177 return authenticatedUser; 178 } catch (ObjectNotFoundException e) { 179 throw new AuthenticationException(NotLoginException.WRONG_NAME); } catch (DatabaseException e) { 181 log.error("Unexpected error validating user", e); 182 throw new AuthenticationException(NotLoginException.NOT_LOGIN); } 184 } 185 186 public OnlineUser getAnonymousUser(HttpServletRequest req) 187 throws DatabaseException, AssertionException { 188 189 GenericRequest request = new GenericRequestServletImpl(req); 190 return this.getAnonymousUser(request); 191 } 192 193 public OnlineUser getAnonymousUser(GenericRequest request) 194 throws DatabaseException, AssertionException { 195 196 int memberID = MVNForumConstant.MEMBER_ID_OF_GUEST; 197 String memberName = MVNForumConfig.getDefaultGuestName(); 198 double timeZone = MVNForumConfig.getDefaultGuestTimeZone(); 199 String localeName = ""; 200 Timestamp lastLogon = null; 201 String lastLogonIP = null; 202 int postsPerPage = MVNForumConfig.getRowsPerPage(); 203 204 try { 205 MemberBean memberBean = DAOFactory.getMemberDAO().getMember_forViewCurrentMember(memberID); 206 if (memberBean.getMemberStatus() != MemberBean.MEMBER_STATUS_ENABLE) { 207 } 209 memberName = memberBean.getMemberName(); 210 timeZone = memberBean.getMemberTimeZone(); 211 localeName = memberBean.getMemberLanguage(); 212 lastLogon = memberBean.getMemberLastLogon(); 213 postsPerPage = memberBean.getMemberPostsPerPage(); 214 lastLogonIP = memberBean.getMemberLastIP(); 215 216 Timestamp now = DateUtil.getCurrentGMTTimestamp(); 218 DAOFactory.getMemberDAO().updateLastLogon(memberID, now, request.getRemoteAddr()); 220 221 OnlineUserImpl anonymousUser = new OnlineUserImpl(request, true); 222 anonymousUser.setMemberID(memberID); 223 anonymousUser.setMemberName(memberName); 224 anonymousUser.setTimeZone(timeZone); 225 MVNForumPermission permission = MVNForumPermissionFactory.getAnonymousPermission(); 226 anonymousUser.setPermission(permission); 227 anonymousUser.setLocaleName(localeName); 228 anonymousUser.setLastLogonTimestamp(lastLogon); 229 anonymousUser.setLastLogonIP(lastLogonIP); 230 anonymousUser.setPostsPerPage(postsPerPage); 232 return anonymousUser; 233 } catch (ObjectNotFoundException e) { 234 OnlineUserImpl anonymousUser = new OnlineUserImpl(request, true); 235 MVNForumPermission permission = MVNForumPermissionFactory.getAnonymousPermission(); 238 anonymousUser.setPermission(permission); 239 anonymousUser.setLocaleName(""); 240 anonymousUser.setLastLogonTimestamp(new Timestamp (0)); 241 anonymousUser.setPostsPerPage(postsPerPage); 242 anonymousUser.setTimeZone(timeZone); 243 return anonymousUser; 244 } catch (DatabaseException e) { 245 OnlineUserImpl anonymousUser = new OnlineUserImpl(request, true); 246 MVNForumPermission permission = MVNForumPermissionFactory.getAnonymousPermission(); 249 anonymousUser.setPermission(permission); 250 anonymousUser.setLocaleName(""); 251 anonymousUser.setLastLogonTimestamp(new Timestamp (0)); 252 anonymousUser.setPostsPerPage(postsPerPage); 253 anonymousUser.setTimeZone(timeZone); 254 return anonymousUser; 255 } 256 } 257 258 public void postLogin(HttpServletRequest request, HttpServletResponse response, OnlineUser onlineUser) 259 throws DatabaseException { 260 261 int folderOption = 0; 263 int folderType = 0; 264 int folderStatus = 0; 265 Timestamp now = DateUtil.getCurrentGMTTimestamp(); 266 try { 267 try { 268 DAOFactory.getMessageFolderDAO().create(MVNForumConstant.MESSAGE_FOLDER_INBOX, onlineUser.getMemberID(), 269 0, folderStatus, folderOption, folderType, now, now); 270 } catch (DuplicateKeyException ex) { 271 } 273 274 try { 275 DAOFactory.getMessageFolderDAO().create(MVNForumConstant.MESSAGE_FOLDER_DRAFT, onlineUser.getMemberID(), 276 1, folderStatus, folderOption, folderType, now, now); 277 } catch (DuplicateKeyException ex) { 278 } 280 281 try { 282 DAOFactory.getMessageFolderDAO().create(MVNForumConstant.MESSAGE_FOLDER_SENT, onlineUser.getMemberID(), 283 2, folderStatus, folderOption, folderType, now, now); 284 } catch (DuplicateKeyException ex) { 285 } 287 288 try { 289 DAOFactory.getMessageFolderDAO().create(MVNForumConstant.MESSAGE_FOLDER_TRASH, onlineUser.getMemberID(), 290 3, folderStatus, folderOption, folderType, now, now); 291 } catch (DuplicateKeyException ex) { 292 } 294 } catch (CreateException ce) { 295 throw new DatabaseException("Cannot created Message Folder."); 296 } catch (ForeignKeyNotFoundException fe) { 297 throw new DatabaseException("Cannot created Message Folder because the foreign key is not existed."); 298 } 299 } 300 301 public void logout(HttpServletRequest request, HttpServletResponse response) { 302 } 304 305 public void logout(GenericRequest request, GenericResponse response) { 306 } 308 309 public String getEncodedPassword(String loginName, String password) { 310 return Encoder.getMD5_Base64(password); 311 } 312 313 public boolean validatePassword(String loginName, String password, boolean isEncodedPassword) 314 throws AuthenticationException { 315 316 try { 317 int memberId = DAOFactory.getMemberDAO().getMemberIDFromMemberName(loginName); 318 if ((memberId == 0) || (memberId == MVNForumConstant.MEMBER_ID_OF_GUEST)) { 319 return true; 320 } 321 322 String encodedPassword; 323 if (isEncodedPassword) { 324 encodedPassword = password; 325 } else { 326 encodedPassword = getEncodedPassword(loginName, password); 327 } 328 329 if (isEncodedPassword && password.equals(OnlineUserManager.PASSWORD_OF_METHOD_REALM)) { 330 if (MVNForumConfig.getEnableLoginInfoInRealm()) { 331 return true; 332 } 333 } 334 if (isEncodedPassword && password.equals(OnlineUserManager.PASSWORD_OF_METHOD_CUSTOMIZATION)) { 335 if (MVNForumConfig.getEnableLoginInfoInCustomization()) { 336 return true; 337 } 338 } 339 return encodedPassword.equals(DAOFactory.getMemberDAO().getPassword(memberId)); 340 } catch (ObjectNotFoundException e) { 341 throw new AuthenticationException(NotLoginException.WRONG_NAME); 342 } catch (Exception e) { 343 344 throw new AuthenticationException(NotLoginException.NOT_LOGIN); 345 } 346 } 347 348 public void ensureCorrectPassword(String loginName, String password, boolean isEncodedPassword) 349 throws AuthenticationException { 350 351 boolean isCorrectPassword = validatePassword(loginName, password, isEncodedPassword); 352 if (isCorrectPassword == false) { 353 throw new AuthenticationException(NotLoginException.WRONG_PASSWORD); 354 } 355 } 356 } 357 | Popular Tags |