1
19
20 package com.liferay.portal.service.impl;
21
22 import com.liferay.portal.PortalException;
23 import com.liferay.portal.SystemException;
24 import com.liferay.portal.model.PasswordPolicy;
25 import com.liferay.portal.model.PasswordTracker;
26 import com.liferay.portal.model.User;
27 import com.liferay.portal.security.pwd.PwdEncryptor;
28 import com.liferay.portal.service.base.PasswordTrackerLocalServiceBaseImpl;
29
30 import java.util.Date;
31 import java.util.Iterator;
32
33
40 public class PasswordTrackerLocalServiceImpl
41 extends PasswordTrackerLocalServiceBaseImpl {
42
43 public void deletePasswordTrackers(long userId) throws SystemException {
44 passwordTrackerPersistence.removeByUserId(userId);
45 }
46
47 public boolean isSameAsCurrentPassword(long userId, String newClearTextPwd)
48 throws PortalException, SystemException {
49
50 User user = userPersistence.findByPrimaryKey(userId);
51
52 String currentPwd = user.getPassword();
53
54 if (user.isPasswordEncrypted()) {
55 String newEncPwd = PwdEncryptor.encrypt(
56 newClearTextPwd, user.getPassword());
57
58 if (currentPwd.equals(newEncPwd)) {
59 return true;
60 }
61 else {
62 return false;
63 }
64 }
65 else {
66 if (currentPwd.equals(newClearTextPwd)) {
67 return true;
68 }
69 else {
70 return false;
71 }
72 }
73 }
74
75 public boolean isValidPassword(long userId, String newClearTextPwd)
76 throws PortalException, SystemException {
77
78 PasswordPolicy passwordPolicy =
79 passwordPolicyLocalService.getPasswordPolicyByUserId(userId);
80
81 if (!passwordPolicy.getHistory()) {
82 return true;
83 }
84
85
87 int historyCount = 1;
88
89 Iterator<PasswordTracker> itr = passwordTrackerPersistence.findByUserId(
90 userId).iterator();
91
92 while (itr.hasNext()) {
93 if (historyCount > passwordPolicy.getHistoryCount()) {
94 break;
95 }
96
97 PasswordTracker passwordTracker = itr.next();
98
99 String oldEncPwd = passwordTracker.getPassword();
100 String newEncPwd = PwdEncryptor.encrypt(newClearTextPwd, oldEncPwd);
101
102 if (oldEncPwd.equals(newEncPwd)) {
103 return false;
104 }
105
106 historyCount++;
107 }
108
109 return true;
110 }
111
112 public void trackPassword(long userId, String encPassword)
113 throws PortalException, SystemException {
114
115 PasswordPolicy passwordPolicy =
116 passwordPolicyLocalService.getPasswordPolicyByUserId(userId);
117
118 if (passwordPolicy.isHistory()) {
119 long passwordTrackerId = counterLocalService.increment();
120
121 PasswordTracker passwordTracker = passwordTrackerPersistence.create(
122 passwordTrackerId);
123
124 passwordTracker.setUserId(userId);
125 passwordTracker.setCreateDate(new Date());
126 passwordTracker.setPassword(encPassword);
127
128 passwordTrackerPersistence.update(passwordTracker, false);
129 }
130 }
131
132 }