001
014
015 package com.liferay.portal.service.impl;
016
017 import com.liferay.portal.kernel.exception.PortalException;
018 import com.liferay.portal.kernel.exception.SystemException;
019 import com.liferay.portal.model.PasswordPolicy;
020 import com.liferay.portal.model.PasswordTracker;
021 import com.liferay.portal.model.User;
022 import com.liferay.portal.security.pwd.PwdEncryptor;
023 import com.liferay.portal.service.base.PasswordTrackerLocalServiceBaseImpl;
024
025 import java.util.Date;
026 import java.util.Iterator;
027
028
032 public class PasswordTrackerLocalServiceImpl
033 extends PasswordTrackerLocalServiceBaseImpl {
034
035 public void deletePasswordTrackers(long userId) throws SystemException {
036 passwordTrackerPersistence.removeByUserId(userId);
037 }
038
039 public boolean isSameAsCurrentPassword(long userId, String newClearTextPwd)
040 throws PortalException, SystemException {
041
042 User user = userPersistence.findByPrimaryKey(userId);
043
044 String currentPwd = user.getPassword();
045
046 if (user.isPasswordEncrypted()) {
047 String newEncPwd = PwdEncryptor.encrypt(
048 newClearTextPwd, user.getPassword());
049
050 if (currentPwd.equals(newEncPwd)) {
051 return true;
052 }
053 else {
054 return false;
055 }
056 }
057 else {
058 if (currentPwd.equals(newClearTextPwd)) {
059 return true;
060 }
061 else {
062 return false;
063 }
064 }
065 }
066
067 public boolean isValidPassword(long userId, String newClearTextPwd)
068 throws PortalException, SystemException {
069
070 PasswordPolicy passwordPolicy =
071 passwordPolicyLocalService.getPasswordPolicyByUserId(userId);
072
073 if (!passwordPolicy.getHistory()) {
074 return true;
075 }
076
077
078
079 int historyCount = 1;
080
081 Iterator<PasswordTracker> itr = passwordTrackerPersistence.findByUserId(
082 userId).iterator();
083
084 while (itr.hasNext()) {
085 if (historyCount >= passwordPolicy.getHistoryCount()) {
086 break;
087 }
088
089 PasswordTracker passwordTracker = itr.next();
090
091 String oldEncPwd = passwordTracker.getPassword();
092 String newEncPwd = PwdEncryptor.encrypt(newClearTextPwd, oldEncPwd);
093
094 if (oldEncPwd.equals(newEncPwd)) {
095 return false;
096 }
097
098 historyCount++;
099 }
100
101 return true;
102 }
103
104 public void trackPassword(long userId, String encPassword)
105 throws PortalException, SystemException {
106
107 PasswordPolicy passwordPolicy =
108 passwordPolicyLocalService.getPasswordPolicyByUserId(userId);
109
110 if ((passwordPolicy != null) && passwordPolicy.isHistory()) {
111 long passwordTrackerId = counterLocalService.increment();
112
113 PasswordTracker passwordTracker = passwordTrackerPersistence.create(
114 passwordTrackerId);
115
116 passwordTracker.setUserId(userId);
117 passwordTracker.setCreateDate(new Date());
118 passwordTracker.setPassword(encPassword);
119
120 passwordTrackerPersistence.update(passwordTracker, false);
121 }
122 }
123
124 }