1
14
15 package com.liferay.portal.service.impl;
16
17 import com.liferay.portal.kernel.exception.PortalException;
18 import com.liferay.portal.kernel.exception.SystemException;
19 import com.liferay.portal.model.PasswordPolicy;
20 import com.liferay.portal.model.PasswordTracker;
21 import com.liferay.portal.model.User;
22 import com.liferay.portal.security.pwd.PwdEncryptor;
23 import com.liferay.portal.service.base.PasswordTrackerLocalServiceBaseImpl;
24
25 import java.util.Date;
26 import java.util.Iterator;
27
28
35 public class PasswordTrackerLocalServiceImpl
36 extends PasswordTrackerLocalServiceBaseImpl {
37
38 public void deletePasswordTrackers(long userId) throws SystemException {
39 passwordTrackerPersistence.removeByUserId(userId);
40 }
41
42 public boolean isSameAsCurrentPassword(long userId, String newClearTextPwd)
43 throws PortalException, SystemException {
44
45 User user = userPersistence.findByPrimaryKey(userId);
46
47 String currentPwd = user.getPassword();
48
49 if (user.isPasswordEncrypted()) {
50 String newEncPwd = PwdEncryptor.encrypt(
51 newClearTextPwd, user.getPassword());
52
53 if (currentPwd.equals(newEncPwd)) {
54 return true;
55 }
56 else {
57 return false;
58 }
59 }
60 else {
61 if (currentPwd.equals(newClearTextPwd)) {
62 return true;
63 }
64 else {
65 return false;
66 }
67 }
68 }
69
70 public boolean isValidPassword(long userId, String newClearTextPwd)
71 throws PortalException, SystemException {
72
73 PasswordPolicy passwordPolicy =
74 passwordPolicyLocalService.getPasswordPolicyByUserId(userId);
75
76 if (!passwordPolicy.getHistory()) {
77 return true;
78 }
79
80
82 int historyCount = 1;
83
84 Iterator<PasswordTracker> itr = passwordTrackerPersistence.findByUserId(
85 userId).iterator();
86
87 while (itr.hasNext()) {
88 if (historyCount >= passwordPolicy.getHistoryCount()) {
89 break;
90 }
91
92 PasswordTracker passwordTracker = itr.next();
93
94 String oldEncPwd = passwordTracker.getPassword();
95 String newEncPwd = PwdEncryptor.encrypt(newClearTextPwd, oldEncPwd);
96
97 if (oldEncPwd.equals(newEncPwd)) {
98 return false;
99 }
100
101 historyCount++;
102 }
103
104 return true;
105 }
106
107 public void trackPassword(long userId, String encPassword)
108 throws PortalException, SystemException {
109
110 PasswordPolicy passwordPolicy =
111 passwordPolicyLocalService.getPasswordPolicyByUserId(userId);
112
113 if ((passwordPolicy != null) && passwordPolicy.isHistory()) {
114 long passwordTrackerId = counterLocalService.increment();
115
116 PasswordTracker passwordTracker = passwordTrackerPersistence.create(
117 passwordTrackerId);
118
119 passwordTracker.setUserId(userId);
120 passwordTracker.setCreateDate(new Date());
121 passwordTracker.setPassword(encPassword);
122
123 passwordTrackerPersistence.update(passwordTracker, false);
124 }
125 }
126
127 }