001
014
015 package com.liferay.portal.service.impl;
016
017 import com.liferay.portal.kernel.exception.PortalException;
018 import com.liferay.portal.kernel.exception.SystemException;
019 import com.liferay.portal.model.PasswordPolicy;
020 import com.liferay.portal.model.PasswordTracker;
021 import com.liferay.portal.model.User;
022 import com.liferay.portal.security.pwd.PwdEncryptor;
023 import com.liferay.portal.service.base.PasswordTrackerLocalServiceBaseImpl;
024
025 import java.util.Date;
026 import java.util.Iterator;
027
028
032 public class PasswordTrackerLocalServiceImpl
033 extends PasswordTrackerLocalServiceBaseImpl {
034
035 @Override
036 public void deletePasswordTrackers(long userId) throws SystemException {
037 passwordTrackerPersistence.removeByUserId(userId);
038 }
039
040 @Override
041 public boolean isSameAsCurrentPassword(long userId, String newClearTextPwd)
042 throws PortalException, SystemException {
043
044 User user = userPersistence.findByPrimaryKey(userId);
045
046 String currentPwd = user.getPassword();
047
048 if (user.isPasswordEncrypted()) {
049 String newEncPwd = PwdEncryptor.encrypt(
050 newClearTextPwd, user.getPassword());
051
052 if (currentPwd.equals(newEncPwd)) {
053 return true;
054 }
055 else {
056 return false;
057 }
058 }
059 else {
060 if (currentPwd.equals(newClearTextPwd)) {
061 return true;
062 }
063 else {
064 return false;
065 }
066 }
067 }
068
069 @Override
070 public boolean isValidPassword(long userId, String newClearTextPwd)
071 throws PortalException, SystemException {
072
073 PasswordPolicy passwordPolicy =
074 passwordPolicyLocalService.getPasswordPolicyByUserId(userId);
075
076 if ((passwordPolicy == null) || !passwordPolicy.getHistory()) {
077 return true;
078 }
079
080
081
082 int historyCount = 1;
083
084 Iterator<PasswordTracker> itr = passwordTrackerPersistence.findByUserId(
085 userId).iterator();
086
087 while (itr.hasNext()) {
088 if (historyCount >= passwordPolicy.getHistoryCount()) {
089 break;
090 }
091
092 PasswordTracker passwordTracker = itr.next();
093
094 String oldEncPwd = passwordTracker.getPassword();
095 String newEncPwd = PwdEncryptor.encrypt(newClearTextPwd, oldEncPwd);
096
097 if (oldEncPwd.equals(newEncPwd)) {
098 return false;
099 }
100
101 historyCount++;
102 }
103
104 return true;
105 }
106
107 @Override
108 public void trackPassword(long userId, String encPassword)
109 throws PortalException, SystemException {
110
111 PasswordPolicy passwordPolicy =
112 passwordPolicyLocalService.getPasswordPolicyByUserId(userId);
113
114 if ((passwordPolicy != null) && passwordPolicy.isHistory()) {
115 long passwordTrackerId = counterLocalService.increment();
116
117 PasswordTracker passwordTracker = passwordTrackerPersistence.create(
118 passwordTrackerId);
119
120 passwordTracker.setUserId(userId);
121 passwordTracker.setCreateDate(new Date());
122 passwordTracker.setPassword(encPassword);
123
124 passwordTrackerPersistence.update(passwordTracker, false);
125 }
126 }
127
128 }