localuseradminsessionbean.java

JAVA做的J2EE下CA认证系统 基于EJB开发

            sqlquery = sqlquery + query.getQueryString();

        if (caauthorizationstring == null || endentityprofilestring == null) {
            raauthorization = new RAAuthorization(admin, raadminsession, authorizationsession);
            caauthstring = raauthorization.getCAAuthorizationString();
            if (globalconfiguration.getEnableEndEntityProfileLimitations())
                endentityauth = raauthorization.getEndEntityProfileAuthorizationString();
            else
                endentityauth = "";
        }

        if (!caauthstring.trim().equals("") && query != null)
            sqlquery = sqlquery + " AND " + caauthstring;
        else
            sqlquery = sqlquery + caauthstring;


        if (globalconfiguration.getEnableEndEntityProfileLimitations()) {
            if (caauthstring.trim().equals("") && query == null)
                sqlquery = sqlquery + endentityauth;
            else
                sqlquery = sqlquery + " AND " + endentityauth;

            if (endentityauth == null || endentityauth.trim().equals("")) {
                authorizedtoanyprofile = false;
            }
        }

        try {
            if (authorizedtoanyprofile) {
                // Construct SQL query.
                con = JDBCUtil.getDBConnection(JNDINames.DATASOURCE);

                ps = con.prepareStatement(sqlquery);

                // Execute query.
                rs = ps.executeQuery();

                // Assemble result.
                while (rs.next() && returnval.size() <= UserAdminConstants.MAXIMUM_QUERY_ROWCOUNT) {
                	// TODO add support for extended information.
                    UserDataVO data = new UserDataVO(rs.getString(1), rs.getString(2), rs.getInt(14), rs.getString(3), rs.getString(4), rs.getInt(5), rs.getInt(6)
                            , rs.getInt(10), rs.getInt(11), new java.util.Date(rs.getLong(8)), new java.util.Date(rs.getLong(9)), rs.getInt(12), rs.getInt(13),
							null);
                    data.setPassword(rs.getString(7));

                    if (!onlybatchusers || (data.getPassword() != null && data.getPassword().length() > 0))
                        returnval.add(data);
                }
            }
            debug("<query()");
            return returnval;

        } catch (Exception e) {
            throw new EJBException(e);
        } finally {
            JDBCUtil.close(con, ps, rs);
        }

    } // query

    /**
     * Methods that checks if a user exists in the database having the given endentityprofileid. This function is mainly for avoiding
     * desyncronisation when a end entity profile is deleted.
     *
     * @param endentityprofileid the id of end entity profile to look for.
     * @return true if endentityprofileid exists in userdatabase.
     * @ejb.interface-method
     * @ejb.transaction type="Supports"
     */
    public boolean checkForEndEntityProfileId(Admin admin, int endentityprofileid) {
        debug(">checkForEndEntityProfileId()");
        Connection con = null;
        PreparedStatement ps = null;
        ResultSet rs = null;
        int count = 1; // return true as default.

        Query query = new Query(Query.TYPE_USERQUERY);
        query.add(UserMatch.MATCH_WITH_ENDENTITYPROFILE, BasicMatch.MATCH_TYPE_EQUALS, Integer.toString(endentityprofileid));

        try {
            // Construct SQL query.
            con = JDBCUtil.getDBConnection(JNDINames.DATASOURCE);
            ps = con.prepareStatement("select COUNT(*) from UserData where " + query.getQueryString());
            // Execute query.
            rs = ps.executeQuery();
            // Assemble result.
            if (rs.next()) {
                count = rs.getInt(1);
            }
            debug("<checkForEndEntityProfileId()");
            return count > 0;

        } catch (Exception e) {
            throw new EJBException(e);
        } finally {
            JDBCUtil.close(con, ps, rs);
        }


    }

    /**
     * Methods that checks if a user exists in the database having the given certificateprofileid. This function is mainly for avoiding
     * desyncronisation when a certificateprofile is deleted.
     *
     * @param certificateprofileid the id of certificateprofile to look for.
     * @return true if certificateproileid exists in userdatabase.
     * @ejb.interface-method
     * @ejb.transaction type="Supports"
     */
    public boolean checkForCertificateProfileId(Admin admin, int certificateprofileid) {
        debug(">checkForCertificateProfileId()");
        Connection con = null;
        PreparedStatement ps = null;
        ResultSet rs = null;
        int count = 1; // return true as default.

        Query query = new Query(Query.TYPE_USERQUERY);
        query.add(UserMatch.MATCH_WITH_CERTIFICATEPROFILE, BasicMatch.MATCH_TYPE_EQUALS, Integer.toString(certificateprofileid));

        try {
            // Construct SQL query.
            con = JDBCUtil.getDBConnection(JNDINames.DATASOURCE);
            ps = con.prepareStatement("select COUNT(*) from UserData where " + query.getQueryString());
            // Execute query.
            rs = ps.executeQuery();
            // Assemble result.
            if (rs.next()) {
                count = rs.getInt(1);
            }
            debug("<checkForCertificateProfileId()");
            return count > 0;

        } catch (Exception e) {
            throw new EJBException(e);
        } finally {
            JDBCUtil.close(con, ps, rs);
        }
    } // checkForCertificateProfileId

    /**
     * Methods that checks if a user exists in the database having the given caid. This function is mainly for avoiding
     * desyncronisation when a CAs is deleted.
     *
     * @param caid the id of CA to look for.
     * @return true if caid exists in userdatabase.
     * @ejb.interface-method
     * @ejb.transaction type="Supports"
     */
    public boolean checkForCAId(Admin admin, int caid) {
        debug(">checkForCAId()");
        Connection con = null;
        PreparedStatement ps = null;
        ResultSet rs = null;
        int count = 1; // return true as default.

        Query query = new Query(Query.TYPE_USERQUERY);
        query.add(UserMatch.MATCH_WITH_CA, BasicMatch.MATCH_TYPE_EQUALS, Integer.toString(caid));

        try {
            // Construct SQL query.
            con = JDBCUtil.getDBConnection(JNDINames.DATASOURCE);
            ps = con.prepareStatement("select COUNT(*) from UserData where " + query.getQueryString());
            // Execute query.
            rs = ps.executeQuery();
            // Assemble result.
            if (rs.next()) {
                count = rs.getInt(1);
            }
            debug("<checkForCAId()");
            return count > 0;

        } catch (Exception e) {
            throw new EJBException(e);
        } finally {
            JDBCUtil.close(con, ps, rs);
        }
    } // checkForCAId


    /**
     * Methods that checks if a user exists in the database having the given hard token profile id. This function is mainly for avoiding
     * desyncronisation when a hard token profile is deleted.
     *
     * @param profileid of hardtokenprofile to look for.
     * @return true if proileid exists in userdatabase.
     * @ejb.interface-method
     * @ejb.transaction type="Supports"
     */
    public boolean checkForHardTokenProfileId(Admin admin, int profileid) {
        debug(">checkForHardTokenProfileId()");
        Connection con = null;
        PreparedStatement ps = null;
        ResultSet rs = null;
        int count = 1; // return true as default.

        Query query = new Query(Query.TYPE_USERQUERY);
        query.add(UserMatch.MATCH_WITH_TOKEN, BasicMatch.MATCH_TYPE_EQUALS, Integer.toString(profileid));

        try {
            // Construct SQL query.
            con = JDBCUtil.getDBConnection(JNDINames.DATASOURCE);
            ps = con.prepareStatement("select COUNT(*) from UserData where " + query.getQueryString());
            // Execute query.
            rs = ps.executeQuery();
            // Assemble result.
            if (rs.next()) {
                count = rs.getInt(1);
            }
            debug("<checkForHardTokenProfileId()");
            return count > 0;

        } catch (Exception e) {
            throw new EJBException(e);
        } finally {
            JDBCUtil.close(con, ps, rs);
        }
    } // checkForHardTokenProfileId


    private void sendNotification(Admin admin, EndEntityProfile profile, String username, String password, String dn, String email, int caid) {
        debug(">sendNotification: user="+username+", email="+email);
        try {
            if (email == null) {
                throw new Exception("Notification cannot be sent to user where email field is null");
            }

            String mailJndi = getLocator().getString("java:comp/env/MailJNDIName");
            Session mailSession = getLocator().getMailSession(mailJndi);
            DNFieldExtractor dnfields = new DNFieldExtractor(dn, DNFieldExtractor.TYPE_SUBJECTDN);
            HashMap params = new HashMap();
            params.put("USERNAME", username);
            params.put("PASSWORD", password);
            params.put("CN", dnfields.getField(DNFieldExtractor.CN, 0));
            params.put("O", dnfields.getField(DNFieldExtractor.O, 0));
            params.put("OU", dnfields.getField(DNFieldExtractor.OU, 0));
            params.put("C", dnfields.getField(DNFieldExtractor.C, 0));
            params.put("NL", System.getProperty("line.separator"));
            String date = DateFormat.getDateTimeInstance(DateFormat.SHORT, DateFormat.SHORT).format(new Date());
            params.put("DATE", date);

            Message msg = new TemplateMimeMessage(params, mailSession);
            msg.setFrom(new InternetAddress(profile.getNotificationSender()));
            msg.setRecipients(javax.mail.Message.RecipientType.TO, InternetAddress.parse(email, false));
            msg.setSubject(profile.getNotificationSubject());
            msg.setContent(profile.getNotificationMessage(), "text/plain");
            msg.setHeader("X-Mailer", "JavaMailer");
            msg.setSentDate(new Date());
            Transport.send(msg);

            logsession.log(admin, caid, LogEntry.MODULE_RA, new java.util.Date(), username, null, LogEntry.EVENT_INFO_NOTIFICATION, "Notification to " + email + " sent successfully.");
        } catch (Exception e) {
            error("Error when sending notification to " + email, e);
            try{
                logsession.log(admin, caid, LogEntry.MODULE_RA, new java.util.Date(),username, null, LogEntry.EVENT_ERROR_NOTIFICATION, "Error when sending notification to " + email );
            }catch(Exception f){
                throw new EJBException(f);
            }
        }
        debug("<sendNotification: user="+username+", email="+email);
    } // sendNotification

    /**
     * Method checking if username already exists in database.
     *
     * @return true if username already exists.
     * @ejb.interface-method
     * @ejb.transaction type="Supports"
     */
    public boolean existsUser(Admin admin, String username) {
        boolean returnval = true;

        try {