1
22
23 package com.liferay.portal.service.impl;
24
25 import com.liferay.counter.service.CounterLocalServiceUtil;
26 import com.liferay.portal.PortalException;
27 import com.liferay.portal.SystemException;
28 import com.liferay.portal.model.PasswordPolicy;
29 import com.liferay.portal.model.PasswordTracker;
30 import com.liferay.portal.model.User;
31 import com.liferay.portal.security.pwd.PwdEncryptor;
32 import com.liferay.portal.service.PasswordPolicyLocalServiceUtil;
33 import com.liferay.portal.service.base.PasswordTrackerLocalServiceBaseImpl;
34 import com.liferay.portal.service.persistence.PasswordTrackerUtil;
35 import com.liferay.portal.service.persistence.UserUtil;
36
37 import java.util.Date;
38 import java.util.Iterator;
39
40
47 public class PasswordTrackerLocalServiceImpl
48 extends PasswordTrackerLocalServiceBaseImpl {
49
50 public void deletePasswordTrackers(long userId) throws SystemException {
51 PasswordTrackerUtil.removeByUserId(userId);
52 }
53
54 public boolean isSameAsCurrentPassword(long userId, String newClearTextPwd)
55 throws PortalException, SystemException {
56
57 User user = UserUtil.findByPrimaryKey(userId);
58
59 String currentPwd = user.getPassword();
60
61 if (user.isPasswordEncrypted()) {
62 String newEncPwd = PwdEncryptor.encrypt(
63 newClearTextPwd, user.getPassword());
64
65 if (currentPwd.equals(newEncPwd)) {
66 return true;
67 }
68 else {
69 return false;
70 }
71 }
72 else {
73 if (currentPwd.equals(newClearTextPwd)) {
74 return true;
75 }
76 else {
77 return false;
78 }
79 }
80 }
81
82 public boolean isValidPassword(long userId, String newClearTextPwd)
83 throws PortalException, SystemException {
84
85 PasswordPolicy passwordPolicy =
86 PasswordPolicyLocalServiceUtil.getPasswordPolicyByUserId(userId);
87
88 if (!passwordPolicy.getHistory()) {
89 return true;
90 }
91
92
94 int historyCount = 1;
95
96 Iterator itr = PasswordTrackerUtil.findByUserId(userId).iterator();
97
98 while (itr.hasNext()) {
99 if (historyCount > passwordPolicy.getHistoryCount()) {
100 break;
101 }
102
103 PasswordTracker passwordTracker = (PasswordTracker)itr.next();
104
105 String oldEncPwd = passwordTracker.getPassword();
106 String newEncPwd = PwdEncryptor.encrypt(newClearTextPwd, oldEncPwd);
107
108 if (oldEncPwd.equals(newEncPwd)) {
109 return false;
110 }
111
112 historyCount++;
113 }
114
115 return true;
116 }
117
118 public void trackPassword(long userId, String encPwd)
119 throws PortalException, SystemException {
120
121 long passwordTrackerId = CounterLocalServiceUtil.increment();
122
123 PasswordTracker passwordTracker =
124 PasswordTrackerUtil.create(passwordTrackerId);
125
126 passwordTracker.setUserId(userId);
127 passwordTracker.setCreateDate(new Date());
128 passwordTracker.setPassword(encPwd);
129
130 PasswordTrackerUtil.update(passwordTracker);
131 }
132
133 }