001
014
015 package com.liferay.portal.service.impl;
016
017 import com.liferay.portal.kernel.exception.PortalException;
018 import com.liferay.portal.kernel.exception.SystemException;
019 import com.liferay.portal.model.PasswordPolicy;
020 import com.liferay.portal.model.PasswordTracker;
021 import com.liferay.portal.model.User;
022 import com.liferay.portal.security.pwd.PasswordEncryptorUtil;
023 import com.liferay.portal.service.base.PasswordTrackerLocalServiceBaseImpl;
024
025 import java.util.Date;
026 import java.util.List;
027
028
032 public class PasswordTrackerLocalServiceImpl
033 extends PasswordTrackerLocalServiceBaseImpl {
034
035 @Override
036 public void deletePasswordTrackers(long userId) throws SystemException {
037 passwordTrackerPersistence.removeByUserId(userId);
038 }
039
040 @Override
041 public boolean isSameAsCurrentPassword(long userId, String newClearTextPwd)
042 throws PortalException, SystemException {
043
044 User user = userPersistence.findByPrimaryKey(userId);
045
046 String currentPwd = user.getPassword();
047
048 if (user.isPasswordEncrypted()) {
049 String newEncPwd = PasswordEncryptorUtil.encrypt(
050 newClearTextPwd, user.getPassword());
051
052 if (currentPwd.equals(newEncPwd)) {
053 return true;
054 }
055 else {
056 return false;
057 }
058 }
059 else {
060 if (currentPwd.equals(newClearTextPwd)) {
061 return true;
062 }
063 else {
064 return false;
065 }
066 }
067 }
068
069 @Override
070 public boolean isValidPassword(long userId, String newClearTextPwd)
071 throws PortalException, SystemException {
072
073 PasswordPolicy passwordPolicy =
074 passwordPolicyLocalService.getPasswordPolicyByUserId(userId);
075
076 if ((passwordPolicy == null) || !passwordPolicy.getHistory()) {
077 return true;
078 }
079
080
081
082 int historyCount = 1;
083
084 List<PasswordTracker> passwordTrackers =
085 passwordTrackerPersistence.findByUserId(userId);
086
087 for (PasswordTracker passwordTracker : passwordTrackers) {
088 if (historyCount >= passwordPolicy.getHistoryCount()) {
089 break;
090 }
091
092 String oldEncPwd = passwordTracker.getPassword();
093 String newEncPwd = PasswordEncryptorUtil.encrypt(
094 newClearTextPwd, oldEncPwd);
095
096 if (oldEncPwd.equals(newEncPwd)) {
097 return false;
098 }
099
100 historyCount++;
101 }
102
103 return true;
104 }
105
106 @Override
107 public void trackPassword(long userId, String encPassword)
108 throws PortalException, SystemException {
109
110 PasswordPolicy passwordPolicy =
111 passwordPolicyLocalService.getPasswordPolicyByUserId(userId);
112
113 if ((passwordPolicy != null) && passwordPolicy.isHistory()) {
114 long passwordTrackerId = counterLocalService.increment();
115
116 PasswordTracker passwordTracker = passwordTrackerPersistence.create(
117 passwordTrackerId);
118
119 passwordTracker.setUserId(userId);
120 passwordTracker.setCreateDate(new Date());
121 passwordTracker.setPassword(encPassword);
122
123 passwordTrackerPersistence.update(passwordTracker);
124 }
125 }
126
127 }