package com.amarsoft.awe.security;
import jbo.awe.USER_INFO;
import com.amarsoft.are.ARE;
import com.amarsoft.are.jbo.BizObject;
import com.amarsoft.are.jbo.BizObjectManager;
import com.amarsoft.are.jbo.BizObjectQuery;
import com.amarsoft.are.jbo.JBOFactory;
import com.amarsoft.are.lang.DataElement;
import com.amarsoft.are.log.Log;
import com.amarsoft.are.security.MessageDigest;
import com.amarsoft.awe.security.pwdrule.PasswordRuleManager;
import com.amarsoft.awe.util.Transaction;
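/**
 * Validates a logon attempt against the {@code jbo.awe.USER_INFO} business object.
 *
 * <p>A logon is accepted only when the user id and password match a stored record,
 * the record's {@code status} attribute equals {@code "1"}, and the optional
 * {@link PasswordRuleManager} accepts the password. Every other outcome, including
 * any exception raised while checking, is treated as a failed logon.
 *
 * <p>Error codes set by this class: {@code 10} when no record matches the user id and
 * password, {@code 11} when the status is {@code "0"}, {@code 12} when the status is
 * {@code "2"}; password-rule failures use the code reported by the rule manager.
 * NOTE(review): the business meaning of the status values is not visible in this
 * file; confirm against the USER_INFO definition.
 */
public final class LogonValidate
{
    /** Code describing why the most recent logon check was rejected. */
    private int errorCode;

    /**
     * Decides whether the supplied credentials allow the user to log on.
     *
     * @param asUser the user attempting to log on (supplies the id and password)
     * @param pwm    optional password rule check; skipped when {@code null}
     * @param sqlca  transaction handle, passed through to the lookup helpers
     * @return {@code true} only when every check passes; {@code false} on any
     *         rejection or on any error raised while checking
     */
    protected boolean isLogonSuccessful(LogonUser asUser, PasswordRuleManager pwm, Transaction sqlca)
    {
        try {
            String state = getUserState(asUser, sqlca);

            // The same code covers "unknown user" and "wrong password", so the
            // response does not reveal which of the two was wrong.
            if (!userIsExist(asUser, sqlca)) {
                setErrorCode(10);
                return false;
            }

            // Only status "1" may proceed. Constant-first equals keeps a missing
            // status from raising a NullPointerException.
            if (!"1".equals(state)) {
                if ("0".equals(state)) {
                    setErrorCode(11);
                } else if ("2".equals(state)) {
                    setErrorCode(12);
                }
                return false;
            }

            if (pwm != null && !pwm.isAccept(asUser, asUser.getUserPassword())) {
                setErrorCode(pwm.getErrorCode());
                return false;
            }

            return true;
        } catch (Exception e) {
            // Fail closed: a lookup or rule-check failure must never authenticate
            // the caller. The error code is left untouched because this class
            // defines no code for internal errors.
            ARE.getLog().error("Logon error", e);
            return false;
        }
    }

    /**
     * Checks that a USER_INFO record exists for the user id and that its stored
     * password equals the upper-case hex MD5 digest of the supplied password.
     *
     * <p>NOTE(review): an unsalted MD5 digest is not adequate for password storage.
     * Moving to a salted, slow password hash (bcrypt, scrypt, Argon2) requires
     * re-hashing the stored credentials and cannot be done inside this method alone.
     *
     * @param asUser the user attempting to log on
     * @param sqlca  transaction handle (not used by this lookup)
     * @return {@code true} when a record is found and the digests match
     * @throws Exception if the lookup or digest computation fails
     */
    @SuppressWarnings("deprecation")
    private boolean userIsExist(LogonUser asUser, Transaction sqlca)
            throws Exception
    {
        String pwdMD5 = MessageDigest.getDigestAsUpperHexString("MD5", asUser.getUserPassword());
        BizObjectManager bom = JBOFactory.getBizObjectManager(USER_INFO.CLASS_NAME);
        BizObject bo = bom.createQuery("userId=:UserID").setParameter("UserID", asUser.getUserId()).getSingleResult(false);

        if (bo == null || pwdMD5 == null) {
            return false;
        }

        Object stored = bo.getAttribute("PASSWORD");
        String pwd = stored == null ? "" : stored.toString();

        // Compare in constant time so the response time does not depend on how
        // many leading characters of the digest match. The JDK class is fully
        // qualified because this file imports a different MessageDigest.
        return java.security.MessageDigest.isEqual(
                pwd.getBytes(java.nio.charset.StandardCharsets.UTF_8),
                pwdMD5.getBytes(java.nio.charset.StandardCharsets.UTF_8));
    }

    /**
     * Reads the {@code status} attribute of the USER_INFO record for the user id.
     *
     * @param asUser the user attempting to log on
     * @param sqlca  transaction handle (not used by this lookup)
     * @return the status string, or {@code null} when no record is found
     * @throws Exception if the lookup fails
     */
    private String getUserState(LogonUser asUser, Transaction sqlca)
            throws Exception
    {
        BizObjectQuery bq = JBOFactory.createBizObjectQuery("jbo.awe.USER_INFO", "userID=:UserID");
        BizObject bo = bq.setParameter("UserID", asUser.getUserId()).getSingleResult(false);
        if (bo == null) {
            return null;
        }
        return bo.getAttribute("status").getString();
    }

    /**
     * Returns the code recorded by the most recent rejected logon check.
     *
     * @return the current error code
     */
    public int getErrorCode()
    {
        return this.errorCode;
    }

    /**
     * Records the reason a logon check was rejected.
     *
     * @param errorCode the code to store
     */
    public void setErrorCode(int errorCode) {
        this.errorCode = errorCode;
    }
}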