001
014
015 package com.liferay.portal.service.impl;
016
017 import com.liferay.portal.kernel.exception.PortalException;
018 import com.liferay.portal.model.PasswordPolicy;
019 import com.liferay.portal.model.PasswordTracker;
020 import com.liferay.portal.model.User;
021 import com.liferay.portal.security.pwd.PasswordEncryptorUtil;
022 import com.liferay.portal.service.base.PasswordTrackerLocalServiceBaseImpl;
023
024 import java.util.Date;
025 import java.util.List;
026
027
031 public class PasswordTrackerLocalServiceImpl
032 extends PasswordTrackerLocalServiceBaseImpl {
033
034 @Override
035 public void deletePasswordTrackers(long userId) {
036 passwordTrackerPersistence.removeByUserId(userId);
037 }
038
039 @Override
040 public boolean isSameAsCurrentPassword(long userId, String newClearTextPwd)
041 throws PortalException {
042
043 User user = userPersistence.findByPrimaryKey(userId);
044
045 String currentPwd = user.getPassword();
046
047 if (user.isPasswordEncrypted()) {
048 String newEncPwd = PasswordEncryptorUtil.encrypt(
049 newClearTextPwd, user.getPassword());
050
051 if (currentPwd.equals(newEncPwd)) {
052 return true;
053 }
054 else {
055 return false;
056 }
057 }
058 else {
059 if (currentPwd.equals(newClearTextPwd)) {
060 return true;
061 }
062 else {
063 return false;
064 }
065 }
066 }
067
068 @Override
069 public boolean isValidPassword(long userId, String newClearTextPwd)
070 throws PortalException {
071
072 PasswordPolicy passwordPolicy =
073 passwordPolicyLocalService.getPasswordPolicyByUserId(userId);
074
075 if ((passwordPolicy == null) || !passwordPolicy.getHistory()) {
076 return true;
077 }
078
079
080
081 int historyCount = 1;
082
083 List<PasswordTracker> passwordTrackers =
084 passwordTrackerPersistence.findByUserId(userId);
085
086 for (PasswordTracker passwordTracker : passwordTrackers) {
087 if (historyCount >= passwordPolicy.getHistoryCount()) {
088 break;
089 }
090
091 String oldEncPwd = passwordTracker.getPassword();
092 String newEncPwd = PasswordEncryptorUtil.encrypt(
093 newClearTextPwd, oldEncPwd);
094
095 if (oldEncPwd.equals(newEncPwd)) {
096 return false;
097 }
098
099 historyCount++;
100 }
101
102 return true;
103 }
104
105 @Override
106 public void trackPassword(long userId, String encPassword)
107 throws PortalException {
108
109 PasswordPolicy passwordPolicy =
110 passwordPolicyLocalService.getPasswordPolicyByUserId(userId);
111
112 if ((passwordPolicy != null) && passwordPolicy.isHistory()) {
113 long passwordTrackerId = counterLocalService.increment();
114
115 PasswordTracker passwordTracker = passwordTrackerPersistence.create(
116 passwordTrackerId);
117
118 passwordTracker.setUserId(userId);
119 passwordTracker.setCreateDate(new Date());
120 passwordTracker.setPassword(encPassword);
121
122 passwordTrackerPersistence.update(passwordTracker);
123 }
124 }
125
126 }