KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > com > sslexplorer > security > PasswordAuthenticationModule


1 /*
2  * SSL-Explorer
3  *
4  * Copyright (C) 2003-2006 3SP LTD. All Rights Reserved
5  *
6  * This program is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU General Public License
8  * as published by the Free Software Foundation; either version 2 of
9  * the License, or (at your option) any later version.
10  * This program is distributed in the hope that it will be useful,
11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13  * GNU General Public License for more details.
14  *
15  * You should have received a copy of the GNU General Public
16  * License along with this program; if not, write to the Free Software
17  * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
18  */

19             
20 package com.sslexplorer.security;
21
22 import java.util.Calendar JavaDoc;
23 import java.util.GregorianCalendar JavaDoc;
24 import java.util.regex.Pattern JavaDoc;
25
26 import javax.servlet.http.HttpServletRequest JavaDoc;
27 import javax.servlet.http.HttpServletResponse JavaDoc;
28
29 import org.apache.struts.action.Action;
30 import org.apache.struts.action.ActionForward;
31 import org.apache.struts.action.ActionMapping;
32 import org.apache.struts.action.ActionMessage;
33
34 import com.sslexplorer.boot.ReplacementEngine;
35 import com.sslexplorer.core.BundleActionMessage;
36 import com.sslexplorer.core.CoreUtil;
37 import com.sslexplorer.core.PageInterceptException;
38 import com.sslexplorer.core.PageInterceptListener;
39 import com.sslexplorer.core.UserDatabaseManager;
40 import com.sslexplorer.properties.Property;
41 import com.sslexplorer.properties.impl.realms.RealmKey;
42 import com.sslexplorer.security.actions.ChangePasswordAction;
43 import com.sslexplorer.security.actions.ShowChangePasswordAction;
44
45 /**
46  * Implementation of {@link com.sslexplorer.security.AbstractPasswordAuthenticationModule}
47  * that is suitable for logging on via the web interface.
48  *
49  * @author Brett Smith <a HREF="mailto: brett@3sp.com">&lt;brett@3sp.com&gt;</a>
50  */

51 public class PasswordAuthenticationModule extends AbstractPasswordAuthenticationModule {
52
53     /**
54      * The name of this authentication module
55      */

56     public static final String JavaDoc MODULE_NAME = "Password";
57
58     /**
59      * Constructor
60      */

61     public PasswordAuthenticationModule() {
62         super(MODULE_NAME, true);
63     }
64
65     /* (non-Javadoc)
66      * @see com.sslexplorer.security.AuthenticationModule#authenticationComplete()
67      */

68     public void authenticationComplete() throws SecurityErrorException {
69         UserDatabase udb;
70         try {
71             udb = UserDatabaseManager.getInstance().getUserDatabase(scheme.getUser().getRealm());
72         } catch (Exception JavaDoc e1) {
73             throw new SecurityErrorException(SecurityErrorException.INTERNAL_ERROR, e1, "Failed to initialise user database.");
74         }
75
76         if (udb.supportsPasswordChange()) {
77             /* Check that the password matches the current policy, if not then
78             request a new one */

79             Pattern JavaDoc p = null;
80             try {
81                 String JavaDoc pattern = Property.getProperty(new RealmKey("security.password.pattern", scheme.getUser().getRealm()
82                                 .getResourceId()));
83                 p = ReplacementEngine.getPatternPool().getPattern(pattern, false, false);
84                 if (!p.matcher(new String JavaDoc(credentials.getPassword())).matches()) {
85                     scheme.getServletSession().setAttribute(Constants.PASSWORD_CHANGE_REASON_MESSAGE, new ActionMessage("passwordChange.noLongerMatchesPattern"));
86                 }
87             } catch (Exception JavaDoc e) {
88                 throw new SecurityErrorException(SecurityErrorException.INTERNAL_ERROR, e, "Could not check password against current policy.");
89             } finally {
90                 if (p != null) {
91                     ReplacementEngine.getPatternPool().releasePattern(p);
92                 }
93             }
94
95             // Check if the password has expired (or is
96
try {
97                 if (scheme.getUser().getLastPasswordChange() != null) {
98                     GregorianCalendar JavaDoc lastChange = new GregorianCalendar JavaDoc();
99                     lastChange.setTimeInMillis(scheme.getUser().getLastPasswordChange().getTime());
100
101                     GregorianCalendar JavaDoc warningOn = new GregorianCalendar JavaDoc();
102
103                     int warningInDays = Property.getPropertyInt(new RealmKey("security.password.daysBeforeExpiryWarning", scheme.getUser().getRealm()
104                                     .getResourceId()));
105                     warningOn.setTimeInMillis(scheme.getUser().getLastPasswordChange().getTime());
106                     warningOn.add(Calendar.DATE, warningInDays);
107
108                     GregorianCalendar JavaDoc expiresOn = new GregorianCalendar JavaDoc();
109                     expiresOn.setTimeInMillis(scheme.getUser().getLastPasswordChange().getTime());
110
111                     int expiryInDays = Property.getPropertyInt(new RealmKey("security.password.daysBeforeExpiry", scheme.getUser().getRealm()
112                                     .getResourceId()));
113                     expiresOn.add(Calendar.DATE, expiryInDays);
114
115                     GregorianCalendar JavaDoc now = new GregorianCalendar JavaDoc();
116
117                     if (expiresOn.before(now) && expiryInDays > 0) {
118                         scheme.getServletSession().setAttribute(Constants.PASSWORD_CHANGE_REASON_MESSAGE,
119                                         new ActionMessage("passwordChange.expired"));
120                     } else if (warningOn.before(now) && warningInDays > 0) {
121                         long daysToExpiry = ((expiresOn.getTimeInMillis() - now.getTimeInMillis()) + 86399999l) / 86400000l;
122                         CoreUtil.addSingleSessionGlobalWarning(scheme.getServletSession(), new BundleActionMessage("navigation",
123                                         "globalWarning.passwordNearExpiry", new Long JavaDoc(daysToExpiry)));
124
125                     }
126                 } else if (scheme.getUser().requiresPasswordChange()) {
127                     scheme.getServletSession().setAttribute(Constants.PASSWORD_CHANGE_REASON_MESSAGE,
128                                     new ActionMessage("passwordChange.newPassword"));
129                 }
130                 if (scheme.getServletSession().getAttribute(Constants.PASSWORD_CHANGE_REASON_MESSAGE) != null) {
131
132                     CoreUtil.addPageInterceptListener(scheme.getServletSession(), new PageInterceptListener() {
133
134                         public String JavaDoc getId() {
135                             return "changePassword";
136                         }
137
138                         public ActionForward checkForForward(Action action, ActionMapping mapping, HttpServletRequest JavaDoc request,
139                                         HttpServletResponse JavaDoc response) throws PageInterceptException {
140                             if (!(action instanceof ShowChangePasswordAction) && !(action instanceof ChangePasswordAction)) {
141                                 return new ActionForward("/showChangePassword.do?referer=/logoff.do", true);
142                             }
143                             return null;
144                         }
145
146                         public boolean isRedirect() {
147                             return false;
148                         }
149                     });
150                 }
151             } catch (Exception JavaDoc e) {
152                 throw new SecurityErrorException(SecurityErrorException.INTERNAL_ERROR, e, "Could not check password against current policy.");
153             }
154         }
155
156     }
157     
158     /* (non-Javadoc)
159      * @see com.sslexplorer.security.AuthenticationModule#getInclude()
160      */

161     public String JavaDoc getInclude() {
162         return "/WEB-INF/jsp/auth/userPasswordAuth.jspf";
163     }
164 }
165
Popular Tags