1 19 package org.openharmonise.dav.server.webservice; 20 21 import java.rmi.RemoteException ; 22 import java.util.logging.*; 23 24 import org.openharmonise.rm.DataAccessException; 25 import org.openharmonise.rm.resources.lifecycle.*; 26 import org.openharmonise.rm.resources.users.User; 27 import org.openharmonise.rm.security.authentication.*; 28 29 30 37 public class UserConfigService { 38 39 42 public static final int CODE_SUCCESS = 200; 43 44 47 public static final int CODE_AUTHENTICATION_FAIL = 402; 48 49 52 public static final int CODE_INVALID_LENGTH = 403; 53 54 57 public static final int CODE_NO_ALPHA_CHAR = 404; 58 59 62 public static final int CODE_NO_NUM_CHAR = 405; 63 64 67 public static final int CODE_NO_CASE_MIX = 406; 68 69 72 public static final int CODE_INVALID_USER_STATE = 407; 73 74 77 public static final int CODE_PWD_REPEAT = 408; 78 79 82 private static final Logger m_logger = Logger.getLogger(UserConfigService.class.getName()); 83 84 87 public UserConfigService() { 88 super(); 89 } 90 91 101 static public int setPassword(String sCurrUserName,String sCurrUserPwd,String sChangeUserName, String sChangeNewPwd) { 102 int nSuccess = CODE_SUCCESS; 103 104 try { 105 UserAuthenticator auth = UserAuthenticatorFactory.getAuthenticator(); 106 107 User currUser = auth.getUser(sCurrUserName, sCurrUserPwd); 108 User changeUser = auth.getUser(sChangeUserName); 109 110 int nCode = auth.setPassword(currUser, changeUser, sCurrUserPwd, sChangeNewPwd); 111 112 if(nCode != UserAuthenticatorImpl.PWD_OK) { 113 if(nCode == UserAuthenticatorImpl.AUTHENTICATION_FAIL) { 114 nSuccess = CODE_AUTHENTICATION_FAIL; 115 } else if(nCode == UserAuthenticatorImpl.INVALID_PWD_LENGTH) { 116 nSuccess = CODE_INVALID_LENGTH; 117 } else if(nCode == UserAuthenticatorImpl.INVALID_PWD_NO_ALPHA) { 118 nSuccess = CODE_NO_ALPHA_CHAR; 119 } else if(nCode == UserAuthenticatorImpl.INVALID_PWD_NO_CASE_MIX) { 120 nSuccess = CODE_NO_CASE_MIX; 121 } else if(nCode == UserAuthenticatorImpl.INVALID_PWD_NO_NUM) { 122 nSuccess = CODE_NO_NUM_CHAR; 123 } else if(nCode == UserAuthenticatorImpl.INVALID_USER_STATE) { 124 nSuccess = CODE_INVALID_USER_STATE; 125 } else if(nCode == UserAuthenticatorImpl.INVALID_PWD_REPEAT) { 126 nSuccess = CODE_PWD_REPEAT; 127 } 128 } 129 130 } catch (UserAuthenticationException e) { 131 m_logger.log(Level.WARNING, e.getLocalizedMessage(), e); 132 } 133 134 return nSuccess; 135 } 136 137 146 static public boolean hasPasswordExpired(String sUserName, String sPwd) throws RemoteException { 147 boolean bExpired = false; 148 149 try { 150 UserAuthenticator auth = UserAuthenticatorFactory.getAuthenticator(); 151 152 User usr = auth.getUser(sUserName,sPwd); 153 154 if(usr != null) { 155 bExpired = auth.hasPasswordExpired(usr); 156 } 157 158 } catch (Exception e) { 159 throw new RemoteException (e.getLocalizedMessage(),e); 160 } 161 162 return bExpired; 163 } 164 165 174 static public boolean isSuperUser(String sUserName, String sPwd) throws RemoteException { 175 boolean bIsSuper = false; 176 177 UserAuthenticator auth = UserAuthenticatorFactory.getAuthenticator(); 178 179 try { 180 User usr = auth.getUser(sUserName, sPwd); 181 182 bIsSuper = usr.isSuper(); 183 } catch (UserAuthenticationException e) { 184 throw new RemoteException (e.getLocalizedMessage(),e); 185 } catch (DataAccessException e) { 186 throw new RemoteException (e.getLocalizedMessage(),e); 187 } 188 189 return bIsSuper; 190 } 191 200 static public boolean isSuperUser(String sUserName, String sPwd, String sCheckUser) throws RemoteException { 201 boolean bIsSuper = false; 202 203 UserAuthenticator auth = UserAuthenticatorFactory.getAuthenticator(); 204 205 try { 206 User usr = auth.getUser(sUserName, sPwd); 207 User chkUsr = auth.getUser(sCheckUser); 208 209 if(chkUsr.isSuper() == true) { 210 bIsSuper = true; 211 } 212 } catch (UserAuthenticationException e) { 213 throw new RemoteException (e.getLocalizedMessage(),e); 214 } catch (DataAccessException e) { 215 throw new RemoteException (e.getLocalizedMessage(),e); 216 } 217 218 return bIsSuper; 219 } 220 221 234 static public void setIsSuperUser(String sCurrUserName, String sPwd, String sChangeUser, boolean bIsSuper) throws RemoteException { 235 236 if(sCurrUserName.equals(sChangeUser) == true) { 237 throw new RemoteException ("User can not change their own user status"); 238 } 239 UserAuthenticator auth = UserAuthenticatorFactory.getAuthenticator(); 240 241 try { 242 User currUsr = auth.getUser(sCurrUserName, sPwd); 243 244 if(currUsr == null) { 245 throw new UserAuthenticationException("Current user details are not valid"); 246 } 247 248 if(currUsr.isSuper() == true) { 249 User newSuper = auth.getUser(sChangeUser); 250 251 if(newSuper == null) { 252 throw new UserAuthenticationException("Details of user to change are invalid"); 253 } 254 255 if((newSuper.isPendingVersion() == true && newSuper.getLiveVersion() != null) || newSuper.getPendingVersions().size() > 0) { 256 throw new RemoteException ("Invalid operation when there is a pending version"); 257 } else { 258 newSuper.setIsSuper(bIsSuper); 259 260 newSuper = (User) newSuper.save(); 261 262 newSuper.changeStatus(Status.APPROVED); 263 } 264 } else { 265 throw new UserAuthenticationException("Current user not allowed to changed super user settings"); 266 } 267 } catch (UserAuthenticationException e) { 268 throw new RemoteException (e.getLocalizedMessage(),e); 269 } catch (DataAccessException e) { 270 throw new RemoteException (e.getLocalizedMessage(),e); 271 } catch (EditException e) { 272 throw new RemoteException (e.getLocalizedMessage(),e); 273 } 274 275 } 276 277 285 static public boolean isUserLockedOut(String sUserName) { 286 boolean bIsLockedOut = false; 287 288 UserAuthenticator auth = UserAuthenticatorFactory.getAuthenticator(); 289 290 try { 291 bIsLockedOut = auth.isUserLockedOut(sUserName); 292 } catch (UserAuthenticationException e) { 293 m_logger.log(Level.WARNING, e.getLocalizedMessage(), e); 294 } 295 296 return bIsLockedOut; 297 } 298 299 } 300 | Popular Tags |