1
22
23 package com.liferay.portal.service.impl;
24
25 import com.liferay.portal.PortalException;
26 import com.liferay.portal.SystemException;
27 import com.liferay.portal.model.PasswordPolicy;
28 import com.liferay.portal.model.PasswordTracker;
29 import com.liferay.portal.model.User;
30 import com.liferay.portal.security.pwd.PwdEncryptor;
31 import com.liferay.portal.service.base.PasswordTrackerLocalServiceBaseImpl;
32
33 import java.util.Date;
34 import java.util.Iterator;
35
36
43 public class PasswordTrackerLocalServiceImpl
44 extends PasswordTrackerLocalServiceBaseImpl {
45
46 public void deletePasswordTrackers(long userId) throws SystemException {
47 passwordTrackerPersistence.removeByUserId(userId);
48 }
49
50 public boolean isSameAsCurrentPassword(long userId, String newClearTextPwd)
51 throws PortalException, SystemException {
52
53 User user = userPersistence.findByPrimaryKey(userId);
54
55 String currentPwd = user.getPassword();
56
57 if (user.isPasswordEncrypted()) {
58 String newEncPwd = PwdEncryptor.encrypt(
59 newClearTextPwd, user.getPassword());
60
61 if (currentPwd.equals(newEncPwd)) {
62 return true;
63 }
64 else {
65 return false;
66 }
67 }
68 else {
69 if (currentPwd.equals(newClearTextPwd)) {
70 return true;
71 }
72 else {
73 return false;
74 }
75 }
76 }
77
78 public boolean isValidPassword(long userId, String newClearTextPwd)
79 throws PortalException, SystemException {
80
81 PasswordPolicy passwordPolicy =
82 passwordPolicyLocalService.getPasswordPolicyByUserId(userId);
83
84 if (!passwordPolicy.getHistory()) {
85 return true;
86 }
87
88
90 int historyCount = 1;
91
92 Iterator<PasswordTracker> itr = passwordTrackerPersistence.findByUserId(
93 userId).iterator();
94
95 while (itr.hasNext()) {
96 if (historyCount > passwordPolicy.getHistoryCount()) {
97 break;
98 }
99
100 PasswordTracker passwordTracker = itr.next();
101
102 String oldEncPwd = passwordTracker.getPassword();
103 String newEncPwd = PwdEncryptor.encrypt(newClearTextPwd, oldEncPwd);
104
105 if (oldEncPwd.equals(newEncPwd)) {
106 return false;
107 }
108
109 historyCount++;
110 }
111
112 return true;
113 }
114
115 public void trackPassword(long userId, String encPassword)
116 throws SystemException {
117
118 long passwordTrackerId = counterLocalService.increment();
119
120 PasswordTracker passwordTracker = passwordTrackerPersistence.create(
121 passwordTrackerId);
122
123 passwordTracker.setUserId(userId);
124 passwordTracker.setCreateDate(new Date());
125 passwordTracker.setPassword(encPassword);
126
127 passwordTrackerPersistence.update(passwordTracker, false);
128 }
129
130 }