001: /*
002: * Copyright (c) 2001 - 2005 ivata limited.
003: * All rights reserved.
004: * -----------------------------------------------------------------------------
005: * ivata groupware may be redistributed under the GNU General Public
006: * License as published by the Free Software Foundation;
007: * version 2 of the License.
008: *
009: * These programs are free software; you can redistribute them and/or
010: * modify them under the terms of the GNU General Public License
011: * as published by the Free Software Foundation; version 2 of the License.
012: *
013: * These programs are distributed in the hope that they will be useful,
014: * but WITHOUT ANY WARRANTY; without even the implied warranty of
015: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
016: *
017: * See the GNU General Public License in the file LICENSE.txt for more
018: * details.
019: *
020: * If you would like a copy of the GNU General Public License write to
021: *
022: * Free Software Foundation, Inc.
023: * 59 Temple Place - Suite 330
024: * Boston, MA 02111-1307, USA.
025: *
026: *
027: * To arrange commercial support and licensing, contact ivata at
028: * http://www.ivata.com/contact.jsp
029: * -----------------------------------------------------------------------------
030: * $Log: SecurityImpl.java,v $
031: * Revision 1.8 2005/10/14 14:01:46 colinmacleod
032: * Changed password checking routines to return boolean, rather than throwing
033: * an exception.
034: *
035: * Revision 1.7 2005/10/11 18:56:19 colinmacleod
036: * Fixed some checkstyle and javadoc issues.
037: *
038: * Revision 1.6 2005/10/02 14:08:57 colinmacleod
039: * Added/improved log4j logging.
040: *
041: * Revision 1.5 2005/09/29 14:17:04 colinmacleod
042: * Split UserGroupDO off from GroupDO.
043: * Moved UserGroupDO, Right classes to security subproject (from
044: * addressbook).
045: * Centralized user right handling into Rights and RightsImpl.
046: *
047: * Revision 1.4 2005/09/14 16:10:22 colinmacleod
048: * Removed unused local and class variables.
049: * Added serialVersionUID.
050: *
051: * Revision 1.3 2005/04/10 19:42:41 colinmacleod
052: * *** empty log message ***
053: *
054: * Revision 1.2 2005/04/09 17:19:56 colinmacleod
055: * Changed copyright text to GPL v2 explicitly.
056: *
057: * Revision 1.1.1.1 2005/03/10 17:51:40 colinmacleod
058: * Restructured ivata op around Hibernate/PicoContainer.
059: * Renamed ivata groupware.
060: *
061: * Revision 1.4 2004/11/12 18:16:07 colinmacleod
062: * Ordered imports.
063: *
064: * Revision 1.3 2004/11/12 15:57:18 colinmacleod
065: * Removed dependencies on SSLEXT.
066: * Moved Persistence classes to ivata masks.
067: *
068: * Revision 1.2 2004/11/03 16:07:19 colinmacleod
069: * Many bugfixes.
070: * Added new addUser method.
071: *
072: * Revision 1.1 2004/09/30 15:15:58 colinmacleod
073: * Split off addressbook elements into security subproject.
074: *
075: * Revision 1.2 2004/07/18 21:59:09 colinmacleod
076: * Removed Person from User - now you need to use addressbook/persistence
077: * manager to find the person (makes the app run faster.)
078: *
079: * Revision 1.1 2004/07/13 19:41:11 colinmacleod
080: * Moved project to POJOs from EJBs.
081: * Applied PicoContainer to services layer (replacing session EJBs).
082: * Applied Hibernate to persistence layer (replacing entity EJBs).
083: * -----------------------------------------------------------------------------
084: */
085: package com.ivata.groupware.admin.security;
086:
087: import org.apache.log4j.Logger;
088:
089: import com.ivata.groupware.admin.security.server.SecurityServer;
090: import com.ivata.groupware.admin.security.server.SecuritySession;
091: import com.ivata.groupware.admin.security.user.UserDO;
092: import com.ivata.groupware.business.BusinessLogic;
093: import com.ivata.mask.Mask;
094: import com.ivata.mask.MaskFactory;
095: import com.ivata.mask.persistence.FinderException;
096: import com.ivata.mask.persistence.PersistenceSession;
097: import com.ivata.mask.persistence.QueryPersistenceManager;
098: import com.ivata.mask.util.SystemException;
099: import com.ivata.mask.validation.ValidationError;
100: import com.ivata.mask.validation.ValidationException;
101:
102: /**
103: * <copyDoc>Refer to {@link Security}.</copyDoc>
104: *
105: * @author Colin MacLeod
106: * <a href='mailto:colin.macleod@ivata.com'>colin.macleod@ivata.com</a>
107: * @since ivata groupware 0.9 (2002-09-08)
108: * @version $Revision: 1.8 $
109: */
110: public class SecurityImpl extends BusinessLogic implements Security {
111: /**
112: * Logger for this class.
113: */
114: private static final Logger logger = Logger
115: .getLogger(SecurityImpl.class);
116:
117: /**
118: * Serialization version (for <code>Serializable</code> interface).
119: */
120: private static final long serialVersionUID = 1L;
121:
122: /**
123: * All security features are disabled in demo mode. This is determined
124: * by the system setting <code>demoVersion</code>.
125: */
126: private boolean demoVersion;
127:
128: /**
129: * <copyDoc>Refer to {@link SecurityImpl#SecurityImpl}.</copyDoc>
130: */
131: private MaskFactory maskFactory;
132:
133: /**
134: * Persistence manger used to store/retrieve data objects, or retrieve a
135: * new persistence session.
136: */
137: private QueryPersistenceManager persistenceManager;
138:
139: /**
140: * Security server - used for logging in users.
141: */
142: private SecurityServer securityServer;
143:
144: /**
145: * Constructor. Normally called by <code>PicoContainer</code>.
146: *
147: * @param persistenceManagerParam Used to store and retrieve users.
148: * @param securityServerParam Used to log users in and add system users.
149: * @param maskFactoryParam Used in validation.
150: * @param demoVersionParam If <code>true</code>, users will not be added to
151: * the system.
152: */
153: public SecurityImpl(
154: final QueryPersistenceManager persistenceManagerParam,
155: final SecurityServer securityServerParam,
156: final MaskFactory maskFactoryParam,
157: final Boolean demoVersionParam) {
158: this .persistenceManager = persistenceManagerParam;
159: this .securityServer = securityServerParam;
160: this .maskFactory = maskFactoryParam;
161: this .demoVersion = demoVersionParam.booleanValue();
162: }
163:
164: /**
165: * {@inheritDoc}
166: *
167: * @param securitySession {@inheritDoc}
168: * @param user {@inheritDoc}
169: * @return {@inheritDoc}
170: * @throws SystemException {@inheritDoc}
171: */
172: public UserDO addUser(final SecuritySession securitySession,
173: final UserDO user) throws SystemException {
174: if (logger.isDebugEnabled()) {
175: logger.debug("addUser(SecuritySession securitySession = "
176: + securitySession + ", UserDO user = " + user
177: + ") - start");
178: }
179:
180: // not in demo mode!
181: if (demoVersion) {
182: if (logger.isDebugEnabled()) {
183: logger.debug("addUser - end - return value = " + user);
184: }
185: return user;
186: }
187:
188: PersistenceSession persistenceSession = persistenceManager
189: .openSession(securitySession);
190: Mask mask = maskFactory.getMask(UserDO.class);
191:
192: // if the user is deleted, it is naturally also disabled!
193: if (user.isDeleted()) {
194: user.setEnabled(false);
195: }
196: // first check this user name is not already taken
197: if (isUser(securitySession, user.getName())) {
198: throw new ValidationException(new ValidationError("user",
199: Security.BUNDLE_PATH, mask.getField("name"),
200: "errors.unique"));
201: }
202:
203: try {
204: persistenceManager.add(persistenceSession, user);
205: // if the user is enabled, add it to the security server
206: if (user.isEnabled()) {
207: securityServer.addUser(securitySession, user.getName(),
208: getRealName(persistenceSession, user));
209: }
210: } catch (Exception e) {
211: logger.error("addUser(SecuritySession, UserDO)", e);
212:
213: persistenceSession.cancel();
214: throw new SystemException(e);
215: } finally {
216: persistenceSession.close();
217: }
218:
219: if (logger.isDebugEnabled()) {
220: logger.debug("addUser - end - return value = " + user);
221: }
222: return user;
223: }
224:
225: /**
226: * {@inheritDoc}
227: *
228: * @param securitySession {@inheritDoc}
229: * @param user {@inheritDoc}
230: * @throws SystemException {@inheritDoc}
231: */
232: public void amendUser(final SecuritySession securitySession,
233: final UserDO user) throws SystemException {
234: if (logger.isDebugEnabled()) {
235: logger.debug("amendUser(SecuritySession securitySession = "
236: + securitySession + ", UserDO user = " + user
237: + ") - start");
238: }
239:
240: if (demoVersion) {
241: if (logger.isDebugEnabled()) {
242: logger
243: .debug("amendUser(SecuritySession, UserDO) - end");
244: }
245: return;
246: }
247: Mask mask = maskFactory.getMask(UserDO.class);
248: // check we have field values
249: PersistenceSession persistenceSession = persistenceManager
250: .openSession(securitySession);
251: UserDO oldUser = null;
252:
253: try {
254: oldUser = (UserDO) persistenceManager.findByPrimaryKey(
255: persistenceSession, UserDO.class, user.getId());
256: } catch (Exception e) {
257: logger.error("amendUser(SecuritySession, UserDO)", e);
258:
259: persistenceSession.cancel();
260: throw new SystemException(e);
261: } finally {
262: persistenceSession.close();
263: }
264: persistenceSession = persistenceManager
265: .openSession(securitySession);
266: try {
267:
268: // if the user is deleted, it is naturally also disabled!
269: if (user.isDeleted()) {
270: user.setEnabled(false);
271: }
272:
273: // remove the user name from the mail system -
274: // only if the old user is enabled
275: if (!user.isEnabled()) {
276: if (oldUser.isEnabled()) {
277: securityServer.removeUser(securitySession, oldUser
278: .getName());
279: }
280: } else {
281: // likewise if the old user is disabled and it is now enabled,
282: // recreate the user
283: if (!oldUser.isEnabled()) {
284: securityServer.addUser(securitySession, user
285: .getName(), user.getDisplayName());
286: }
287: if (!oldUser.getName().equals(user.getName())) {
288: try {
289: persistenceManager.findInstance(
290: persistenceSession,
291: "securityUserByName",
292: new Object[] { user.getName() });
293: throw new ValidationException(
294: new ValidationError("user",
295: Security.BUNDLE_PATH, mask
296: .getField("name"),
297: "errors.unique"));
298: } catch (FinderException thatsGood) {
299: logger.error(
300: "amendUser(SecuritySession, UserDO)",
301: thatsGood);
302: // that's good!
303: persistenceManager.amend(persistenceSession,
304: user);
305:
306: // if the name changed, there are special
307: // considerations...
308: onAmendUserName(securitySession,
309: persistenceSession, user, oldUser
310: .getName());
311: }
312: } else {
313: persistenceManager.amend(persistenceSession, user);
314: }
315: }
316: } catch (Exception e) {
317: logger.error("amendUser(SecuritySession, UserDO)", e);
318:
319: persistenceSession.cancel();
320: throw new SystemException(e);
321: } finally {
322: persistenceSession.close();
323: }
324:
325: if (logger.isDebugEnabled()) {
326: logger.debug("amendUser(SecuritySession, UserDO) - end");
327: }
328: }
329:
330: /**
331: * {@inheritDoc}
332: *
333: * @param securitySession {@inheritDoc}
334: * @param password {@inheritDoc}
335: * @throws SystemException {@inheritDoc}
336: * @return {@inheritDoc}
337: */
338: public boolean checkPassword(final SecuritySession securitySession,
339: final String password) throws SystemException {
340: if (logger.isDebugEnabled()) {
341: logger
342: .debug("checkPassword(SecuritySession securitySession = "
343: + securitySession
344: + ", String password = "
345: + password + ") - start");
346: }
347:
348: if (demoVersion) {
349: if (logger.isDebugEnabled()) {
350: logger
351: .debug("checkPassword(SecuritySession, String) - end");
352: }
353: return false;
354: }
355: UserDO user = securitySession.getUser();
356:
357: // check the password is correct
358: boolean returnValue = securityServer.checkPassword(
359: securitySession, user.getName(), password);
360: if (logger.isDebugEnabled()) {
361: logger.debug("checkPassword() - end - return value = "
362: + returnValue);
363: }
364: return returnValue;
365: }
366:
367: /**
368: * <p>Enable/disable a user from logging into the system.</p>
369: *
370: * @param securitySession Used to authenticate the user currently using the
371: * system.
372: * @param userNameEnable the name of the user to enable or disable.
373: * @param enable set to <code>true</code> if the user should be allowed to
374: * log into the system, otherwise <code>false</code>.
375: * @throws SystemException if any of the parameters are
376: * <code>null</code>, or the user cannot be enabled for any reason.
377: */
378: public void enableUser(final SecuritySession securitySession,
379: final String userNameEnable, final boolean enable)
380: throws SystemException {
381: if (logger.isDebugEnabled()) {
382: logger
383: .debug("enableUser(SecuritySession securitySession = "
384: + securitySession
385: + ", String userNameEnable = "
386: + userNameEnable
387: + ", boolean enable = "
388: + enable + ") - start");
389: }
390:
391: if (demoVersion) {
392: if (logger.isDebugEnabled()) {
393: logger.debug("enableUser - end");
394: }
395: return;
396: }
397: Mask mask = maskFactory.getMask(UserDO.class);
398: // check we have field values
399: PersistenceSession persistenceSession = persistenceManager
400: .openSession(securitySession);
401: try {
402: if (userNameEnable == null) {
403: throw new ValidationException(new ValidationError(
404: "user", Security.BUNDLE_PATH, mask
405: .getField("name"), "errors.required"));
406: }
407:
408: // find the user
409: UserDO user = (UserDO) persistenceManager.findInstance(
410: persistenceSession, "securityUserByName",
411: new Object[] { userNameEnable });
412: user.setEnabled(enable);
413: amendUser(securitySession, user);
414: } catch (Exception e) {
415: logger.error(
416: "enableUser(SecuritySession, String, boolean)", e);
417:
418: persistenceSession.cancel();
419: throw new SystemException(e);
420: } finally {
421: persistenceSession.close();
422: }
423: if (logger.isDebugEnabled()) {
424: logger
425: .debug("enableUser(SecuritySession, String, boolean) - end");
426: }
427: }
428:
429: /**
430: * {@inheritDoc}
431: *
432: * @param securitySession {@inheritDoc}
433: * @param userName {@inheritDoc}
434: * @return {@inheritDoc}
435: * @throws SystemException {@inheritDoc}
436: */
437: public UserDO findUserByName(final SecuritySession securitySession,
438: final String userName) throws SystemException {
439: if (logger.isDebugEnabled()) {
440: logger
441: .debug("findUserByName(SecuritySession securitySession = "
442: + securitySession
443: + ", String userName = "
444: + userName + ") - start");
445: }
446:
447: PersistenceSession persistenceSession = persistenceManager
448: .openSession(securitySession);
449: try {
450: UserDO returnUserDO = (UserDO) persistenceManager
451: .findInstance(persistenceSession,
452: "securityUserByName",
453: new Object[] { userName });
454: if (logger.isDebugEnabled()) {
455: logger.debug("findUserByName - end - return value = "
456: + returnUserDO);
457: }
458: return returnUserDO;
459: } catch (Exception e) {
460: logger.error("findUserByName(SecuritySession, String)", e);
461:
462: persistenceSession.cancel();
463: if (e instanceof SystemException) {
464: throw (SystemException) e;
465: } else {
466: throw new SystemException(e);
467: }
468: } finally {
469: persistenceSession.close();
470: }
471: }
472:
473: /**
474: * <p>
475: * Override this to provide a better string as the 'real' user name. This
476: * is usually a name such as "Paul Smith". The default implementation just
477: * returns the user name.
478: * </p>
479: *
480: * @param persistenceSession Valid persistence session.
481: * @param user The user for whom to return the name.
482: * @return Real-life name for this user.
483: * @throws SystemException If the user's real name cannot be obtained for
484: * any reason.
485: */
486: protected String getRealName(
487: final PersistenceSession persistenceSession,
488: final UserDO user) throws SystemException {
489: if (logger.isDebugEnabled()) {
490: logger
491: .debug("getRealName(PersistenceSession persistenceSession = "
492: + persistenceSession
493: + ", UserDO user = "
494: + user + ") - start");
495: }
496:
497: String returnString = user.getName();
498: if (logger.isDebugEnabled()) {
499: logger.debug("getRealName - end - return value = "
500: + returnString);
501: }
502: return returnString;
503: }
504:
505: /**
506: * {@inheritDoc}
507: *
508: * @param securitySession {@inheritDoc}
509: * @param userName {@inheritDoc}
510: * @return {@inheritDoc}
511: */
512: public final String getSystemUserName(
513: final SecuritySession securitySession, final String userName) {
514: if (logger.isDebugEnabled()) {
515: logger
516: .debug("getSystemUserName(SecuritySession securitySession = "
517: + securitySession
518: + ", String userName = "
519: + userName + ") - start");
520: }
521:
522: String returnString = securityServer.getSystemUserName(
523: securitySession, userName);
524: if (logger.isDebugEnabled()) {
525: logger.debug("getSystemUserName - end - return value = "
526: + returnString);
527: }
528: return returnString;
529: }
530:
531: /**
532: * {@inheritDoc}
533: *
534: * @param securitySession {@inheritDoc}
535: * @param systemUserName {@inheritDoc}
536: * @return {@inheritDoc}
537: */
538: public final String getUserNameFromSystemUserName(
539: final SecuritySession securitySession,
540: final String systemUserName) {
541: if (logger.isDebugEnabled()) {
542: logger.debug("getUserNameFromSystemUserName("
543: + "SecuritySession securitySession = "
544: + securitySession + ", String systemUserName = "
545: + systemUserName + ") - start");
546: }
547:
548: String returnString = securityServer
549: .getUserNameFromSystemUserName(securitySession,
550: systemUserName);
551: if (logger.isDebugEnabled()) {
552: logger
553: .debug("getUserNameFromSystemUserName - end - return value = "
554: + returnString);
555: }
556: return returnString;
557: }
558:
559: /**
560: * Find out whether or not the system is in demo mode.
561: *
562: * <p>
563: * All security features are disabled in demo mode. This is determined
564: * by the system setting <code>demoVersion</code>.
565: * </p>
566: *
567: * @return Returns <code>true</code> if the system is currently in demo
568: * mode.
569: */
570: protected boolean isDemoVersion() {
571: return demoVersion;
572: }
573:
574: /**
575: * {@inheritDoc}
576: *
577: * @param securitySession {@inheritDoc}
578: * @param userNameParam {@inheritDoc}
579: * @return {@inheritDoc}
580: * @throws SystemException {@inheritDoc}
581: */
582: public boolean isUser(final SecuritySession securitySession,
583: final String userNameParam) throws SystemException {
584: if (logger.isDebugEnabled()) {
585: logger.debug("isUser(SecuritySession securitySession = "
586: + securitySession + ", String userNameParam = "
587: + userNameParam + ") - start");
588: }
589:
590: boolean returnboolean = securityServer.isUser(securitySession,
591: userNameParam);
592: if (logger.isDebugEnabled()) {
593: logger.debug("isUser - end - return value = "
594: + returnboolean);
595: }
596: return returnboolean;
597: }
598:
599: /**
600: * {@inheritDoc}
601: *
602: * @param securitySession {@inheritDoc}
603: * @param userName {@inheritDoc}
604: * @return {@inheritDoc}
605: * @throws SystemException {@inheritDoc}
606: */
607: public boolean isUserEnabled(final SecuritySession securitySession,
608: final String userName) throws SystemException {
609: if (logger.isDebugEnabled()) {
610: logger
611: .debug("isUserEnabled(SecuritySession securitySession = "
612: + securitySession
613: + ", String userName = "
614: + userName + ") - start");
615: }
616:
617: if (demoVersion) {
618: if (logger.isDebugEnabled()) {
619: logger
620: .debug("isUserEnabled - end - return value = " + false);
621: }
622: return false;
623: }
624: assert (userName != null);
625:
626: // check we have field values
627: PersistenceSession persistenceSession = persistenceManager
628: .openSession(securitySession);
629: try {
630:
631: // find the user
632: UserDO user = (UserDO) persistenceManager.findInstance(
633: persistenceSession, "securityUserByName",
634: new Object[] { userName });
635: boolean returnboolean = user.isEnabled();
636: if (logger.isDebugEnabled()) {
637: logger.debug("isUserEnabled - end - return value = "
638: + returnboolean);
639: }
640: return returnboolean;
641: } catch (Exception e) {
642: logger.error("isUserEnabled(SecuritySession, String)", e);
643:
644: persistenceSession.cancel();
645: throw new SystemException(e);
646: } finally {
647: persistenceSession.close();
648: }
649: }
650:
651: /**
652: * {@inheritDoc}
653: *
654: * @param user {@inheritDoc}
655: * @param password {@inheritDoc}
656: * @return {@inheritDoc}
657: * @throws SystemException {@inheritDoc}
658: */
659: public SecuritySession login(final UserDO user,
660: final String password) throws SystemException {
661: if (logger.isDebugEnabled()) {
662: logger.debug("login(UserDO user = " + user
663: + ", String password = " + password + ") - start");
664: }
665:
666: SecuritySession session;
667: session = securityServer.login(user, password);
668:
669: if (logger.isDebugEnabled()) {
670: logger
671: .debug("login(UserDO, String) - end - return value = "
672: + session);
673: }
674: return session;
675: }
676:
677: /**
678: * {@inheritDoc}
679: *
680: * @return {@inheritDoc}
681: * @throws SystemException {@inheritDoc}
682: */
683: public SecuritySession loginGuest() throws SystemException {
684: if (logger.isDebugEnabled()) {
685: logger.debug("loginGuest() - start");
686: }
687:
688: SecuritySession session;
689:
690: session = securityServer.loginGuest();
691:
692: if (logger.isDebugEnabled()) {
693: logger.debug("loginGuest() - end - return value = "
694: + session);
695: }
696: return session;
697: }
698:
699: /**
700: * Called when the user name is changed, so it can be overridden to change
701: * address book groups accordingly.
702: *
703: * @param securitySession Used to authenticate the current system user.
704: * @param persistenceSession valid, open session for the current data store
705: * transaction.
706: * @param user user with the new name set.
707: * @param oldName user name before the change.
708: *
709: * @throws SystemException if the name cannot be changed for any reason
710: */
711: protected void onAmendUserName(
712: final SecuritySession securitySession,
713: final PersistenceSession persistenceSession,
714: final UserDO user, final String oldName)
715: throws SystemException {
716: if (logger.isDebugEnabled()) {
717: logger
718: .debug("onAmendUserName(SecuritySession securitySession = "
719: + securitySession
720: + ", PersistenceSession persistenceSession = "
721: + persistenceSession
722: + ", UserDO user = "
723: + user
724: + ", String oldName = "
725: + oldName
726: + ") - start");
727: }
728:
729: if (demoVersion) {
730: if (logger.isDebugEnabled()) {
731: logger.debug("onAmendUserName - end");
732: }
733: return;
734: }
735: Mask mask = maskFactory.getMask(UserDO.class);
736: // if the user names have changed, remove the old user
737: // from the system and add the new one
738: // find the user
739: // check the new username is not already taken
740: if (securityServer.isUser(securitySession, user.getName())) {
741: throw new ValidationException(new ValidationError("user",
742: Security.BUNDLE_PATH, mask.getField("name"),
743: "errors.unique"));
744: }
745: securityServer.removeUser(securitySession, oldName);
746: securityServer.addUser(securitySession, user.getName(),
747: getRealName(persistenceSession, user));
748:
749: if (logger.isDebugEnabled()) {
750: logger.debug("onAmendUserName - end");
751: }
752: }
753:
754: /**
755: * {@inheritDoc}
756: *
757: * @param securitySession {@inheritDoc}
758: * @param userNameRemove {@inheritDoc}
759: * @throws SystemException {@inheritDoc}
760: */
761: public void removeUser(final SecuritySession securitySession,
762: final String userNameRemove) throws SystemException {
763: if (logger.isDebugEnabled()) {
764: logger
765: .debug("removeUser(SecuritySession securitySession = "
766: + securitySession
767: + ", String userNameRemove = "
768: + userNameRemove + ") - start");
769: }
770:
771: if (demoVersion) {
772: if (logger.isDebugEnabled()) {
773: logger
774: .debug("removeUser(SecuritySession, String) - end");
775: }
776: return;
777: }
778: // check we have field values
779: Mask mask = maskFactory.getMask(UserDO.class);
780: PersistenceSession persistenceSession = persistenceManager
781: .openSession(securitySession);
782:
783: try {
784: if (userNameRemove == null) {
785: throw new ValidationException(new ValidationError(
786: "user", Security.BUNDLE_PATH, mask
787: .getField("name"), "errors.required"));
788: }
789:
790: // find the user
791: UserDO user = (UserDO) persistenceManager.findInstance(
792: persistenceSession, "securityUserByName",
793: new Object[] { userNameRemove });
794: // now mark the entity as deleted
795: user.setDeleted(true);
796: amendUser(securitySession, user);
797: } catch (Exception e) {
798: logger.error("removeUser(SecuritySession, String)", e);
799:
800: persistenceSession.cancel();
801: throw new SystemException(e);
802: } finally {
803: persistenceSession.close();
804: }
805:
806: if (logger.isDebugEnabled()) {
807: logger.debug("removeUser(SecuritySession, String) - end");
808: }
809: }
810:
811: /**
812: * {@inheritDoc}
813: *
814: * @param securitySession {@inheritDoc}
815: * @param userNamePassword {@inheritDoc}
816: * @param password {@inheritDoc}
817: * @throws SystemException {@inheritDoc}
818: */
819: public final void setPassword(
820: final SecuritySession securitySession,
821: final String userNamePassword, final String password)
822: throws SystemException {
823: if (logger.isDebugEnabled()) {
824: logger
825: .debug("setPassword(SecuritySession securitySession = "
826: + securitySession
827: + ", String userNamePassword = "
828: + userNamePassword
829: + ", String password = "
830: + password + ") - start");
831: }
832:
833: if (demoVersion) {
834: if (logger.isDebugEnabled()) {
835: logger.debug("setPassword - end");
836: }
837: return;
838: }
839: // check we have field values
840: Mask mask = maskFactory.getMask(UserDO.class);
841: PersistenceSession persistenceSession = persistenceManager
842: .openSession(securitySession);
843: try {
844: if (userNamePassword == null) {
845: throw new ValidationException(new ValidationError(
846: "user", Security.BUNDLE_PATH, mask
847: .getField("name"), "errors.required"));
848: }
849:
850: // find the user
851: UserDO user = (UserDO) persistenceManager.findInstance(
852: persistenceSession, "securityUserByName",
853: new Object[] { userNamePassword });
854:
855: // set password on mailserver
856: securityServer.setPassword(securitySession, user.getName(),
857: password);
858: } catch (Exception e) {
859: logger.error(
860: "setPassword(SecuritySession, String, String)", e);
861:
862: persistenceSession.cancel();
863: throw new SystemException(e);
864: } finally {
865: persistenceSession.close();
866: }
867:
868: if (logger.isDebugEnabled()) {
869: logger
870: .debug("setPassword(SecuritySession, String, String) - end");
871: }
872: }
873: }
|