001: /*
002: * The contents of this file are subject to the
003: * Mozilla Public License Version 1.1 (the "License");
004: * you may not use this file except in compliance with the License.
005: * You may obtain a copy of the License at http://www.mozilla.org/MPL/
006: *
007: * Software distributed under the License is distributed on an "AS IS"
008: * basis, WITHOUT WARRANTY OF ANY KIND, either express or implied.
009: * See the License for the specific language governing rights and
010: * limitations under the License.
011: *
012: * The Initial Developer of the Original Code is Simulacra Media Ltd.
013: * Portions created by Simulacra Media Ltd are Copyright (C) Simulacra Media Ltd, 2004.
014: *
015: * All Rights Reserved.
016: *
017: * Contributor(s):
018: */
019: package org.openharmonise.dav.server.webservice;
020:
021: import java.rmi.RemoteException;
022: import java.util.logging.*;
023:
024: import org.openharmonise.rm.DataAccessException;
025: import org.openharmonise.rm.resources.lifecycle.*;
026: import org.openharmonise.rm.resources.users.User;
027: import org.openharmonise.rm.security.authentication.*;
028:
029: /**
030: * This class provides configuration operations for users.
031: *
032: * @author Michael Bell
033: * @version $Revision: 1.2 $
034: *
035: */
036: public class UserConfigService {
037:
038: /**
039: * Success code
040: */
041: public static final int CODE_SUCCESS = 200;
042:
043: /**
044: * Authentication failure code
045: */
046: public static final int CODE_AUTHENTICATION_FAIL = 402;
047:
048: /**
049: * Invalid password length code
050: */
051: public static final int CODE_INVALID_LENGTH = 403;
052:
053: /**
054: * No alpha characters code
055: */
056: public static final int CODE_NO_ALPHA_CHAR = 404;
057:
058: /**
059: * No numeric characters code
060: */
061: public static final int CODE_NO_NUM_CHAR = 405;
062:
063: /**
064: * No case mix of characters code
065: */
066: public static final int CODE_NO_CASE_MIX = 406;
067:
068: /**
069: * Invalid user state code
070: */
071: public static final int CODE_INVALID_USER_STATE = 407;
072:
073: /**
074: * Repeated password code
075: */
076: public static final int CODE_PWD_REPEAT = 408;
077:
078: /**
079: * Logger for this class
080: */
081: private static final Logger m_logger = Logger
082: .getLogger(UserConfigService.class.getName());
083:
084: /**
085: * Constructs an instance of this class
086: */
087: public UserConfigService() {
088: super ();
089: }
090:
091: /**
092: * Sets the password on the user with the user name <code>sChangeUserName</code> using
093: * the user with user name <code>sCurrUserName</code>.
094: *
095: * @param sCurrUserName the current user name
096: * @param sCurrUserPwd the current user password
097: * @param sChangeUserName the user name of the user to be changed
098: * @param sChangeNewPwd the new password of the user to be changed
099: * @return the success code
100: */
101: static public int setPassword(String sCurrUserName,
102: String sCurrUserPwd, String sChangeUserName,
103: String sChangeNewPwd) {
104: int nSuccess = CODE_SUCCESS;
105:
106: try {
107: UserAuthenticator auth = UserAuthenticatorFactory
108: .getAuthenticator();
109:
110: User currUser = auth.getUser(sCurrUserName, sCurrUserPwd);
111: User changeUser = auth.getUser(sChangeUserName);
112:
113: int nCode = auth.setPassword(currUser, changeUser,
114: sCurrUserPwd, sChangeNewPwd);
115:
116: if (nCode != UserAuthenticatorImpl.PWD_OK) {
117: if (nCode == UserAuthenticatorImpl.AUTHENTICATION_FAIL) {
118: nSuccess = CODE_AUTHENTICATION_FAIL;
119: } else if (nCode == UserAuthenticatorImpl.INVALID_PWD_LENGTH) {
120: nSuccess = CODE_INVALID_LENGTH;
121: } else if (nCode == UserAuthenticatorImpl.INVALID_PWD_NO_ALPHA) {
122: nSuccess = CODE_NO_ALPHA_CHAR;
123: } else if (nCode == UserAuthenticatorImpl.INVALID_PWD_NO_CASE_MIX) {
124: nSuccess = CODE_NO_CASE_MIX;
125: } else if (nCode == UserAuthenticatorImpl.INVALID_PWD_NO_NUM) {
126: nSuccess = CODE_NO_NUM_CHAR;
127: } else if (nCode == UserAuthenticatorImpl.INVALID_USER_STATE) {
128: nSuccess = CODE_INVALID_USER_STATE;
129: } else if (nCode == UserAuthenticatorImpl.INVALID_PWD_REPEAT) {
130: nSuccess = CODE_PWD_REPEAT;
131: }
132: }
133:
134: } catch (UserAuthenticationException e) {
135: m_logger.log(Level.WARNING, e.getLocalizedMessage(), e);
136: }
137:
138: return nSuccess;
139: }
140:
141: /**
142: * Returns <code>true</code> if the password for the user with the
143: * specified user name and password has expired.
144: *
145: * @param sUserName the user name
146: * @param sPwd the password
147: * @return <code>true</code> if the password for the user with the
148: * specified user name and password has expired
149: */
150: static public boolean hasPasswordExpired(String sUserName,
151: String sPwd) throws RemoteException {
152: boolean bExpired = false;
153:
154: try {
155: UserAuthenticator auth = UserAuthenticatorFactory
156: .getAuthenticator();
157:
158: User usr = auth.getUser(sUserName, sPwd);
159:
160: if (usr != null) {
161: bExpired = auth.hasPasswordExpired(usr);
162: }
163:
164: } catch (Exception e) {
165: throw new RemoteException(e.getLocalizedMessage(), e);
166: }
167:
168: return bExpired;
169: }
170:
171: /**
172: * Returns <code>true</code> if the user with the specified user name
173: * and password is a super user.
174: *
175: * @param sUserName the user name
176: * @param sPwd the password
177: * @return <code>true</code> if the user with the specified user name
178: * and password is a super user
179: */
180: static public boolean isSuperUser(String sUserName, String sPwd)
181: throws RemoteException {
182: boolean bIsSuper = false;
183:
184: UserAuthenticator auth = UserAuthenticatorFactory
185: .getAuthenticator();
186:
187: try {
188: User usr = auth.getUser(sUserName, sPwd);
189:
190: bIsSuper = usr.isSuper();
191: } catch (UserAuthenticationException e) {
192: throw new RemoteException(e.getLocalizedMessage(), e);
193: } catch (DataAccessException e) {
194: throw new RemoteException(e.getLocalizedMessage(), e);
195: }
196:
197: return bIsSuper;
198: }
199:
200: /**
201: * Returns <code>true</code> if the user with the specified user name
202: * and password is a super user.
203: *
204: * @param sUserName the user name
205: * @param sPwd the password
206: * @return <code>true</code> if the user with the specified user name
207: * and password is a super user
208: */
209: static public boolean isSuperUser(String sUserName, String sPwd,
210: String sCheckUser) throws RemoteException {
211: boolean bIsSuper = false;
212:
213: UserAuthenticator auth = UserAuthenticatorFactory
214: .getAuthenticator();
215:
216: try {
217: User usr = auth.getUser(sUserName, sPwd);
218: User chkUsr = auth.getUser(sCheckUser);
219:
220: if (chkUsr.isSuper() == true) {
221: bIsSuper = true;
222: }
223: } catch (UserAuthenticationException e) {
224: throw new RemoteException(e.getLocalizedMessage(), e);
225: } catch (DataAccessException e) {
226: throw new RemoteException(e.getLocalizedMessage(), e);
227: }
228:
229: return bIsSuper;
230: }
231:
232: /**
233: * Sets the super user status on the user of the name
234: * <code>sChangeUser</code> using the authority of the user identified
235: * by the user name <code>sCurrUserName</code> and password <code>sPwd</code>
236: *
237: * @param sCurrUserName the user name of the user making the change
238: * @param sPwd the password of the user making the change
239: * @param sNewSuperUser the user name of the user to be changed
240: * @param bIsSuper <code>true</code> if the user to be changed is to be a super user, otherwise <code>false</code>
241: * @throws RemoteException if the current user is not allowed to make the change,
242: * there is a pending version of the user to be changed or a general
243: * error occurs
244: */
245: static public void setIsSuperUser(String sCurrUserName,
246: String sPwd, String sChangeUser, boolean bIsSuper)
247: throws RemoteException {
248:
249: if (sCurrUserName.equals(sChangeUser) == true) {
250: throw new RemoteException(
251: "User can not change their own user status");
252: }
253: UserAuthenticator auth = UserAuthenticatorFactory
254: .getAuthenticator();
255:
256: try {
257: User currUsr = auth.getUser(sCurrUserName, sPwd);
258:
259: if (currUsr == null) {
260: throw new UserAuthenticationException(
261: "Current user details are not valid");
262: }
263:
264: if (currUsr.isSuper() == true) {
265: User newSuper = auth.getUser(sChangeUser);
266:
267: if (newSuper == null) {
268: throw new UserAuthenticationException(
269: "Details of user to change are invalid");
270: }
271:
272: if ((newSuper.isPendingVersion() == true && newSuper
273: .getLiveVersion() != null)
274: || newSuper.getPendingVersions().size() > 0) {
275: throw new RemoteException(
276: "Invalid operation when there is a pending version");
277: } else {
278: newSuper.setIsSuper(bIsSuper);
279:
280: newSuper = (User) newSuper.save();
281:
282: newSuper.changeStatus(Status.APPROVED);
283: }
284: } else {
285: throw new UserAuthenticationException(
286: "Current user not allowed to changed super user settings");
287: }
288: } catch (UserAuthenticationException e) {
289: throw new RemoteException(e.getLocalizedMessage(), e);
290: } catch (DataAccessException e) {
291: throw new RemoteException(e.getLocalizedMessage(), e);
292: } catch (EditException e) {
293: throw new RemoteException(e.getLocalizedMessage(), e);
294: }
295:
296: }
297:
298: /**
299: * Returns <code>true</code> if the user of the given user name has been
300: * locked out of the system due to too many attempts to log in.
301: *
302: * @param sUserName the user name
303: * @return <code>true</code> if the user of the given user name has been
304: * locked out
305: */
306: static public boolean isUserLockedOut(String sUserName) {
307: boolean bIsLockedOut = false;
308:
309: UserAuthenticator auth = UserAuthenticatorFactory
310: .getAuthenticator();
311:
312: try {
313: bIsLockedOut = auth.isUserLockedOut(sUserName);
314: } catch (UserAuthenticationException e) {
315: m_logger.log(Level.WARNING, e.getLocalizedMessage(), e);
316: }
317:
318: return bIsLockedOut;
319: }
320:
321: }
|