001: package org.manentia.kasai.services;
002:
003: import java.sql.Connection;
004: import java.sql.DriverManager;
005: import java.sql.ResultSet;
006: import java.sql.SQLException;
007: import java.sql.Statement;
008: import java.util.ResourceBundle;
009:
010: import org.apache.commons.dbcp.DriverManagerConnectionFactory;
011: import org.apache.commons.dbcp.PoolableConnectionFactory;
012: import org.apache.commons.dbcp.PoolingDriver;
013: import org.apache.commons.lang.RandomStringUtils;
014: import org.apache.commons.lang.StringUtils;
015: import org.apache.commons.pool.impl.GenericObjectPool;
016: import org.jasypt.util.password.BasicPasswordEncryptor;
017: import org.jasypt.util.password.StrongPasswordEncryptor;
018: import org.manentia.kasai.Constants;
019: import org.manentia.kasai.exceptions.InvalidPasswordException;
020: import org.manentia.kasai.exceptions.ServiceException;
021:
022: import com.manentia.commons.log.Log;
023: import com.manentia.commons.security.EncryptionUtil;
024:
025: /**
026: *
027: * @author rzuasti
028: */
029: public class RDBMSAuthService implements AuthService {
030:
031: public static final String ENCRYPTOR_STRENGTH_CLEARTEXT = "cleartext";
032: public static final String ENCRYPTOR_STRENGTH_BASIC = "basic";
033: public static final String ENCRYPTOR_STRENGTH_STRONG = "strong";
034:
035: private static Connection getConnection() throws SQLException {
036: Connection con = null;
037:
038: Log.write("Enter", Log.INFO, "getConnection",
039: RDBMSAuthService.class);
040:
041: try {
042: con = DriverManager
043: .getConnection("jdbc:apache:commons:dbcp:lyptusAuth");
044: } catch (Exception e) {
045: initPool();
046: con = DriverManager
047: .getConnection("jdbc:apache:commons:dbcp:lyptusAuth");
048: }
049:
050: Log.write("Exit", Log.INFO, "getConnection",
051: RDBMSAuthService.class);
052:
053: return con;
054: }
055:
056: private static void initPool() {
057: try {
058: ResourceBundle res = ResourceBundle
059: .getBundle(Constants.CONFIG_PROPERTY_FILE);
060:
061: Class.forName(res.getString("kasai.rdbms.driver"))
062: .newInstance();
063:
064: GenericObjectPool connPool = new GenericObjectPool(null);
065: DriverManagerConnectionFactory connFactory = new DriverManagerConnectionFactory(
066: res.getString("kasai.rdbms.url"), res
067: .getString("kasai.rdbms.user"), res
068: .getString("kasai.rdbms.password"));
069:
070: PoolableConnectionFactory poolableConnFactory = new PoolableConnectionFactory(
071: connFactory, connPool, null, null, false, true);
072: PoolingDriver driver = new PoolingDriver();
073:
074: driver.registerPool("lyptusAuth", connPool);
075: } catch (Exception e) {
076: Log
077: .write(
078: "Something really bad happened while initializing db connection pool",
079: e, Log.ERROR, "initPool",
080: RDBMSAuthService.class);
081: }
082: }
083:
084: public int checkPassword(String userName, String password)
085: throws ServiceException {
086: Connection con = null;
087: Statement stmt = null;
088: ResultSet rs = null;
089: int result = AUTH_BAD_USERNAME;
090:
091: try {
092: ResourceBundle res = ResourceBundle
093: .getBundle(Constants.CONFIG_PROPERTY_FILE);
094: con = getConnection();
095:
096: stmt = con.createStatement();
097: rs = stmt.executeQuery("SELECT "
098: + res.getString("kasai.rdbms.passwordField")
099: + " FROM "
100: + res.getString("kasai.rdbms.table")
101: + " WHERE "
102: + res.getString("kasai.rdbms.usernameField")
103: + "='"
104: + org.apache.commons.lang.StringEscapeUtils
105: .escapeSql(userName) + "'");
106:
107: if (rs.next()) {
108: // Just to make sure no nulls are handled
109: String storedPassword = StringUtils.defaultString(rs
110: .getString(1));
111: password = StringUtils.defaultString(password);
112:
113: result = AUTH_BAD_PASSWORD;
114:
115: if (StringUtils.isEmpty(storedPassword)
116: && StringUtils.isEmpty(password)) {
117: result = AUTH_OK;
118: } else {
119: if (res
120: .getString("kasai.rdbms.encryptorStrength")
121: .equals(
122: RDBMSAuthService.ENCRYPTOR_STRENGTH_BASIC)) {
123: BasicPasswordEncryptor passwordEncryptor = new BasicPasswordEncryptor();
124:
125: if (passwordEncryptor.checkPassword(password,
126: storedPassword)) {
127: result = AUTH_OK;
128: }
129: } else if (res.getString(
130: "kasai.rdbms.encryptorStrength").equals(
131: RDBMSAuthService.ENCRYPTOR_STRENGTH_STRONG)) {
132: StrongPasswordEncryptor passwordEncryptor = new StrongPasswordEncryptor();
133:
134: if (passwordEncryptor.checkPassword(password,
135: storedPassword)) {
136: result = AUTH_OK;
137: }
138: } else if (res
139: .getString("kasai.rdbms.encryptorStrength")
140: .equals(
141: RDBMSAuthService.ENCRYPTOR_STRENGTH_CLEARTEXT)) {
142: if (storedPassword.equals(password)) {
143: result = AUTH_OK;
144: }
145: }
146: }
147: }
148:
149: } catch (SQLException e) {
150: Log.write("Can't retrieve password from database", e,
151: Log.ERROR, "checkPassword", RDBMSAuthService.class);
152: throw new ServiceException(e);
153: } catch (Exception e) {
154: Log.write("Unknow error", e, Log.ERROR, "checkPassword",
155: RDBMSAuthService.class);
156:
157: throw new ServiceException(e);
158: } finally {
159: try {
160: rs.close();
161: } catch (Exception e) {
162: }
163: try {
164: stmt.close();
165: } catch (Exception e) {
166: }
167: try {
168: con.close();
169: } catch (Exception e) {
170: }
171: }
172:
173: return result;
174: }
175:
176: public void changePassword(String userName, String oldPassword,
177: String newPassword) throws ServiceException,
178: InvalidPasswordException {
179:
180: Connection con = null;
181: Statement stmt = null;
182: String sql = null;
183:
184: try {
185: ResourceBundle res = ResourceBundle
186: .getBundle(Constants.CONFIG_PROPERTY_FILE);
187:
188: oldPassword = StringUtils.defaultString(oldPassword);
189: newPassword = StringUtils.defaultString(newPassword);
190: String encryptedPassword = null;
191:
192: if (checkPassword(userName, oldPassword) != AUTH_OK) {
193: throw new InvalidPasswordException("Invalid password");
194: }
195:
196: if (res.getString("kasai.rdbms.encryptorStrength").equals(
197: RDBMSAuthService.ENCRYPTOR_STRENGTH_BASIC)) {
198: BasicPasswordEncryptor passwordEncryptor = new BasicPasswordEncryptor();
199:
200: encryptedPassword = passwordEncryptor
201: .encryptPassword(newPassword);
202: } else if (res.getString("kasai.rdbms.encryptorStrength")
203: .equals(RDBMSAuthService.ENCRYPTOR_STRENGTH_STRONG)) {
204: StrongPasswordEncryptor passwordEncryptor = new StrongPasswordEncryptor();
205:
206: encryptedPassword = passwordEncryptor
207: .encryptPassword(newPassword);
208: } else if (res
209: .getString("kasai.rdbms.encryptorStrength")
210: .equals(
211: RDBMSAuthService.ENCRYPTOR_STRENGTH_CLEARTEXT)) {
212: encryptedPassword = newPassword;
213: }
214:
215: con = getConnection();
216:
217: stmt = con.createStatement();
218:
219: sql = "UPDATE "
220: + res.getString("kasai.rdbms.table")
221: + " SET "
222: + res.getString("kasai.rdbms.passwordField")
223: + "='"
224: + encryptedPassword
225: + "' WHERE "
226: + res.getString("kasai.rdbms.usernameField")
227: + "='"
228: + org.apache.commons.lang.StringEscapeUtils
229: .escapeSql(userName) + "'";
230:
231: stmt.executeUpdate(sql);
232:
233: } catch (SQLException e) {
234: Log.write("SQL Error", e, Log.ERROR, "changePassword",
235: RDBMSAuthService.class);
236:
237: throw new ServiceException(e);
238: } finally {
239: try {
240: stmt.close();
241: } catch (Exception e) {
242: }
243: try {
244: con.close();
245: } catch (Exception e) {
246: }
247: }
248:
249: }
250:
251: public void setPassword(String userName, String password)
252: throws ServiceException, InvalidPasswordException {
253:
254: Connection con = null;
255: Statement stmt = null;
256: String sql = null;
257:
258: try {
259: // We dont like null passwords
260: password = StringUtils.defaultString(password);
261:
262: ResourceBundle res = ResourceBundle
263: .getBundle(Constants.CONFIG_PROPERTY_FILE);
264:
265: String encryptedPassword = null;
266:
267: if (res.getString("kasai.rdbms.encryptorStrength").equals(
268: RDBMSAuthService.ENCRYPTOR_STRENGTH_BASIC)) {
269: BasicPasswordEncryptor passwordEncryptor = new BasicPasswordEncryptor();
270:
271: encryptedPassword = passwordEncryptor
272: .encryptPassword(password);
273: } else if (res.getString("kasai.rdbms.encryptorStrength")
274: .equals(RDBMSAuthService.ENCRYPTOR_STRENGTH_STRONG)) {
275: StrongPasswordEncryptor passwordEncryptor = new StrongPasswordEncryptor();
276:
277: encryptedPassword = passwordEncryptor
278: .encryptPassword(password);
279: } else if (res
280: .getString("kasai.rdbms.encryptorStrength")
281: .equals(
282: RDBMSAuthService.ENCRYPTOR_STRENGTH_CLEARTEXT)) {
283: encryptedPassword = password;
284: }
285:
286: con = getConnection();
287:
288: stmt = con.createStatement();
289:
290: sql = "UPDATE "
291: + res.getString("kasai.rdbms.table")
292: + " SET "
293: + res.getString("kasai.rdbms.passwordField")
294: + "='"
295: + encryptedPassword
296: + "' WHERE "
297: + res.getString("kasai.rdbms.usernameField")
298: + "='"
299: + org.apache.commons.lang.StringEscapeUtils
300: .escapeSql(userName) + "'";
301:
302: stmt.executeUpdate(sql);
303:
304: } catch (SQLException e) {
305: Log.write("SQL Error", e, Log.ERROR, "setPassword",
306: RDBMSAuthService.class);
307:
308: throw new ServiceException(e);
309: } finally {
310: try {
311: stmt.close();
312: } catch (Exception e) {
313: }
314: try {
315: con.close();
316: } catch (Exception e) {
317: }
318: }
319:
320: }
321:
322: public String resetPassword(String userName)
323: throws ServiceException {
324:
325: Connection con = null;
326: Statement stmt = null;
327: String password = null;
328: String sql = null;
329:
330: try {
331: ResourceBundle res = ResourceBundle
332: .getBundle(Constants.CONFIG_PROPERTY_FILE);
333: con = getConnection();
334:
335: password = RandomStringUtils
336: .randomAlphanumeric(Integer
337: .parseInt(res
338: .getString("kasai.rdbms.randomPassword.length")));
339: String encryptedPassword = null;
340:
341: if (res.getString("kasai.rdbms.encryptorStrength").equals(
342: RDBMSAuthService.ENCRYPTOR_STRENGTH_BASIC)) {
343: BasicPasswordEncryptor passwordEncryptor = new BasicPasswordEncryptor();
344:
345: encryptedPassword = passwordEncryptor
346: .encryptPassword(password);
347: } else if (res.getString("kasai.rdbms.encryptorStrength")
348: .equals(RDBMSAuthService.ENCRYPTOR_STRENGTH_STRONG)) {
349: StrongPasswordEncryptor passwordEncryptor = new StrongPasswordEncryptor();
350:
351: encryptedPassword = passwordEncryptor
352: .encryptPassword(password);
353: } else if (res
354: .getString("kasai.rdbms.encryptorStrength")
355: .equals(
356: RDBMSAuthService.ENCRYPTOR_STRENGTH_CLEARTEXT)) {
357: encryptedPassword = password;
358: }
359:
360: stmt = con.createStatement();
361:
362: sql = "UPDATE "
363: + res.getString("kasai.rdbms.table")
364: + " SET "
365: + res.getString("kasai.rdbms.passwordField")
366: + "='"
367: + encryptedPassword
368: + "' WHERE "
369: + res.getString("kasai.rdbms.usernameField")
370: + "='"
371: + org.apache.commons.lang.StringEscapeUtils
372: .escapeSql(userName) + "'";
373:
374: stmt.executeUpdate(sql);
375:
376: } catch (SQLException e) {
377: Log.write("SQL Error", e, Log.ERROR, "resetPassword",
378: RDBMSAuthService.class);
379:
380: throw new ServiceException(e);
381: } finally {
382: try {
383: stmt.close();
384: } catch (Exception e) {
385: }
386: try {
387: con.close();
388: } catch (Exception e) {
389: }
390: }
391:
392: return password;
393: }
394: }
|