001
014
015 package com.liferay.portal.service.impl;
016
017 import com.liferay.portal.kernel.exception.PortalException;
018 import com.liferay.portal.kernel.exception.SystemException;
019 import com.liferay.portal.model.PasswordPolicy;
020 import com.liferay.portal.model.PasswordTracker;
021 import com.liferay.portal.model.User;
022 import com.liferay.portal.security.pwd.PasswordEncryptorUtil;
023 import com.liferay.portal.service.base.PasswordTrackerLocalServiceBaseImpl;
024
025 import java.util.Date;
026 import java.util.List;
027
028
032 public class PasswordTrackerLocalServiceImpl
033 extends PasswordTrackerLocalServiceBaseImpl {
034
035 public void deletePasswordTrackers(long userId) throws SystemException {
036 passwordTrackerPersistence.removeByUserId(userId);
037 }
038
039 public boolean isSameAsCurrentPassword(long userId, String newClearTextPwd)
040 throws PortalException, SystemException {
041
042 User user = userPersistence.findByPrimaryKey(userId);
043
044 String currentPwd = user.getPassword();
045
046 if (user.isPasswordEncrypted()) {
047 String newEncPwd = PasswordEncryptorUtil.encrypt(
048 newClearTextPwd, user.getPassword());
049
050 if (currentPwd.equals(newEncPwd)) {
051 return true;
052 }
053 else {
054 return false;
055 }
056 }
057 else {
058 if (currentPwd.equals(newClearTextPwd)) {
059 return true;
060 }
061 else {
062 return false;
063 }
064 }
065 }
066
067 public boolean isValidPassword(long userId, String newClearTextPwd)
068 throws PortalException, SystemException {
069
070 PasswordPolicy passwordPolicy =
071 passwordPolicyLocalService.getPasswordPolicyByUserId(userId);
072
073 if ((passwordPolicy == null) || !passwordPolicy.getHistory()) {
074 return true;
075 }
076
077
078
079 int historyCount = 1;
080
081 List<PasswordTracker> passwordTrackers =
082 passwordTrackerPersistence.findByUserId(userId);
083
084 for (PasswordTracker passwordTracker : passwordTrackers) {
085 if (historyCount >= passwordPolicy.getHistoryCount()) {
086 break;
087 }
088
089 String oldEncPwd = passwordTracker.getPassword();
090 String newEncPwd = PasswordEncryptorUtil.encrypt(
091 newClearTextPwd, oldEncPwd);
092
093 if (oldEncPwd.equals(newEncPwd)) {
094 return false;
095 }
096
097 historyCount++;
098 }
099
100 return true;
101 }
102
103 public void trackPassword(long userId, String encPassword)
104 throws PortalException, SystemException {
105
106 PasswordPolicy passwordPolicy =
107 passwordPolicyLocalService.getPasswordPolicyByUserId(userId);
108
109 if ((passwordPolicy != null) && passwordPolicy.isHistory()) {
110 long passwordTrackerId = counterLocalService.increment();
111
112 PasswordTracker passwordTracker = passwordTrackerPersistence.create(
113 passwordTrackerId);
114
115 passwordTracker.setUserId(userId);
116 passwordTracker.setCreateDate(new Date());
117 passwordTracker.setPassword(encPassword);
118
119 passwordTrackerPersistence.update(passwordTracker);
120 }
121 }
122
123 }