UserConfigService


1   /*
2    * The contents of this file are subject to the 
3    * Mozilla Public License Version 1.1 (the "License"); 
4    * you may not use this file except in compliance with the License. 
5    * You may obtain a copy of the License at http://www.mozilla.org/MPL/
6    *
7    * Software distributed under the License is distributed on an "AS IS"
8    * basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. 
9    * See the License for the specific language governing rights and 
10   * limitations under the License.
11   *
12   * The Initial Developer of the Original Code is Simulacra Media Ltd.
13   * Portions created by Simulacra Media Ltd are Copyright (C) Simulacra Media Ltd, 2004.
14   *
15   * All Rights Reserved.
16   *
17   * Contributor(s):
18   */
19  package org.openharmonise.dav.server.webservice;
20  
21  import java.rmi.RemoteException  ;
22  import java.util.logging.*;
23  
24  import org.openharmonise.rm.DataAccessException;
25  import org.openharmonise.rm.resources.lifecycle.*;
26  import org.openharmonise.rm.resources.users.User;
27  import org.openharmonise.rm.security.authentication.*;
28  
29  
30  /**
31   * This class provides configuration operations for users.
32   * 
33   * @author Michael Bell
34   * @version $Revision: 1.2 $
35   *
36   */
37  public class UserConfigService {
38  
39      /**
40       * Success code
41       */
42      public static final int CODE_SUCCESS = 200;
43      
44      /**
45       * Authentication failure code
46       */
47      public static final int CODE_AUTHENTICATION_FAIL = 402;
48      
49      /**
50       * Invalid password length code
51       */
52      public static final int CODE_INVALID_LENGTH = 403;
53      
54      /**
55       * No alpha characters code
56       */
57      public static final int CODE_NO_ALPHA_CHAR = 404;
58      
59      /**
60       * No numeric characters code
61       */
62      public static final int CODE_NO_NUM_CHAR = 405;
63      
64      /**
65       * No case mix of characters code
66       */
67      public static final int CODE_NO_CASE_MIX = 406;
68      
69      /**
70       * Invalid user state code
71       */
72      public static final int CODE_INVALID_USER_STATE = 407;
73      
74      /**
75       * Repeated password code
76       */
77      public static final int CODE_PWD_REPEAT = 408;
78      
79      /**
80       * Logger for this class
81       */
82      private static final Logger m_logger = Logger.getLogger(UserConfigService.class.getName());
83  
84      /**
85       * Constructs an instance of this class
86       */
87      public UserConfigService() {
88          super();
89      }
90      
91      /**
92       * Sets the password on the user with the user name <code>sChangeUserName</code> using
93       * the user with user name <code>sCurrUserName</code>.
94       * 
95       * @param sCurrUserName the current user name
96       * @param sCurrUserPwd the current user password
97       * @param sChangeUserName the user name of the user to be changed
98       * @param sChangeNewPwd the new password of the user to be changed
99       * @return the success code
100      */
101     static public int setPassword(String   sCurrUserName,String   sCurrUserPwd,String   sChangeUserName, String   sChangeNewPwd) {
102         int nSuccess = CODE_SUCCESS;
103         
104         try {
105             UserAuthenticator auth = UserAuthenticatorFactory.getAuthenticator();
106             
107             User currUser = auth.getUser(sCurrUserName, sCurrUserPwd);
108             User changeUser = auth.getUser(sChangeUserName);
109             
110             int nCode = auth.setPassword(currUser, changeUser, sCurrUserPwd, sChangeNewPwd);
111         
112             if(nCode != UserAuthenticatorImpl.PWD_OK) {
113                 if(nCode == UserAuthenticatorImpl.AUTHENTICATION_FAIL) {
114                     nSuccess = CODE_AUTHENTICATION_FAIL;
115                 } else if(nCode == UserAuthenticatorImpl.INVALID_PWD_LENGTH) {
116                     nSuccess = CODE_INVALID_LENGTH;
117                 } else if(nCode == UserAuthenticatorImpl.INVALID_PWD_NO_ALPHA) {
118                     nSuccess = CODE_NO_ALPHA_CHAR;
119                 } else if(nCode == UserAuthenticatorImpl.INVALID_PWD_NO_CASE_MIX) {
120                     nSuccess = CODE_NO_CASE_MIX;
121                 } else if(nCode == UserAuthenticatorImpl.INVALID_PWD_NO_NUM) {
122                     nSuccess = CODE_NO_NUM_CHAR;
123                 } else if(nCode == UserAuthenticatorImpl.INVALID_USER_STATE) {
124                     nSuccess = CODE_INVALID_USER_STATE;
125                 } else if(nCode == UserAuthenticatorImpl.INVALID_PWD_REPEAT) {
126                     nSuccess = CODE_PWD_REPEAT;
127                 }
128             }
129             
130         } catch (UserAuthenticationException e) {
131             m_logger.log(Level.WARNING, e.getLocalizedMessage(), e);
132         }
133         
134         return nSuccess;
135     }
136     
137     /**
138      * Returns <code>true</code> if the password for the user with the 
139      * specified user name and password has expired.
140      * 
141      * @param sUserName the user name
142      * @param sPwd the password
143      * @return <code>true</code> if the password for the user with the 
144      * specified user name and password has expired
145      */
146     static public boolean hasPasswordExpired(String   sUserName, String   sPwd) throws RemoteException   {
147         boolean bExpired = false;
148         
149         try {
150             UserAuthenticator auth = UserAuthenticatorFactory.getAuthenticator();
151             
152             User usr = auth.getUser(sUserName,sPwd);
153             
154             if(usr != null) {
155                 bExpired = auth.hasPasswordExpired(usr);
156             }
157             
158         } catch (Exception   e) {
159             throw new RemoteException  (e.getLocalizedMessage(),e);
160         }
161         
162         return bExpired;
163     }
164     
165     /**
166      * Returns <code>true</code> if the user with the specified user name 
167      * and password is a super user.
168      * 
169      * @param sUserName the user name
170      * @param sPwd the password
171      * @return <code>true</code> if the user with the specified user name 
172      * and password is a super user
173      */
174     static public boolean isSuperUser(String   sUserName, String   sPwd) throws RemoteException   {
175         boolean bIsSuper = false;
176         
177         UserAuthenticator auth = UserAuthenticatorFactory.getAuthenticator();
178         
179         try {
180             User usr = auth.getUser(sUserName, sPwd);
181             
182             bIsSuper = usr.isSuper();
183         } catch (UserAuthenticationException e) {
184             throw new RemoteException  (e.getLocalizedMessage(),e);
185         } catch (DataAccessException e) {
186             throw new RemoteException  (e.getLocalizedMessage(),e);
187         } 
188         
189         return bIsSuper;
190     }
191     /**
192      * Returns <code>true</code> if the user with the specified user name 
193      * and password is a super user.
194      * 
195      * @param sUserName the user name
196      * @param sPwd the password
197      * @return <code>true</code> if the user with the specified user name 
198      * and password is a super user
199      */
200     static public boolean isSuperUser(String   sUserName, String   sPwd, String   sCheckUser) throws RemoteException   {
201         boolean bIsSuper = false;
202         
203         UserAuthenticator auth = UserAuthenticatorFactory.getAuthenticator();
204         
205         try {
206             User usr = auth.getUser(sUserName, sPwd);
207             User chkUsr = auth.getUser(sCheckUser);
208             
209             if(chkUsr.isSuper() == true) {
210                 bIsSuper = true;
211             }
212         } catch (UserAuthenticationException e) {
213             throw new RemoteException  (e.getLocalizedMessage(),e);
214         } catch (DataAccessException e) {
215             throw new RemoteException  (e.getLocalizedMessage(),e);
216         } 
217         
218         return bIsSuper;
219     }
220     
221     /**
222      * Sets the super user status on the user of the name 
223      * <code>sChangeUser</code> using the authority of the user identified
224      * by the user name <code>sCurrUserName</code> and password <code>sPwd</code>
225      * 
226      * @param sCurrUserName the user name of the user making the change
227      * @param sPwd the password of the user making the change
228      * @param sNewSuperUser the user name of the user to be changed
229      * @param bIsSuper <code>true</code> if the user to be changed is to be a super user, otherwise <code>false</code>
230      * @throws RemoteException if the current user is not allowed to make the change, 
231      * there is a pending version of the user to be changed or a general 
232      * error occurs
233      */
234     static public void setIsSuperUser(String   sCurrUserName, String   sPwd, String   sChangeUser, boolean bIsSuper) throws RemoteException   {
235         
236         if(sCurrUserName.equals(sChangeUser) == true) {
237             throw new RemoteException  ("User can not change their own user status");
238         }
239         UserAuthenticator auth = UserAuthenticatorFactory.getAuthenticator();
240         
241         try {
242             User currUsr = auth.getUser(sCurrUserName, sPwd);
243             
244             if(currUsr == null) {
245                 throw new UserAuthenticationException("Current user details are not valid");
246             }
247             
248             if(currUsr.isSuper() == true) {
249                 User newSuper = auth.getUser(sChangeUser);
250                 
251                 if(newSuper == null) {
252                     throw new UserAuthenticationException("Details of user to change are invalid");
253                 }
254                 
255                 if((newSuper.isPendingVersion() == true && newSuper.getLiveVersion() != null) || newSuper.getPendingVersions().size() > 0) {
256                     throw new RemoteException  ("Invalid operation when there is a pending version");
257                 } else {
258                     newSuper.setIsSuper(bIsSuper);
259                     
260                     newSuper = (User) newSuper.save();
261                     
262                     newSuper.changeStatus(Status.APPROVED);
263                 }
264             } else {
265                 throw new UserAuthenticationException("Current user not allowed to changed super user settings");
266             }
267         } catch (UserAuthenticationException e) {
268             throw new RemoteException  (e.getLocalizedMessage(),e);
269         } catch (DataAccessException e) {
270             throw new RemoteException  (e.getLocalizedMessage(),e);
271         } catch (EditException e) {
272             throw new RemoteException  (e.getLocalizedMessage(),e);
273         }
274         
275     }
276     
277     /**
278      * Returns <code>true</code> if the user of the given user name has been 
279      * locked out of the system due to too many attempts to log in.
280      * 
281      * @param sUserName the user name
282      * @return <code>true</code> if the user of the given user name has been 
283      * locked out
284      */
285     static public boolean isUserLockedOut(String   sUserName) {
286         boolean bIsLockedOut = false;
287         
288         UserAuthenticator auth = UserAuthenticatorFactory.getAuthenticator();
289         
290         try {
291             bIsLockedOut = auth.isUserLockedOut(sUserName);
292         } catch (UserAuthenticationException e) {
293             m_logger.log(Level.WARNING, e.getLocalizedMessage(), e);
294         }
295         
296         return bIsLockedOut;
297     }
298 
299 }
300
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags