/*
* SSL-Explorer
*
* Copyright (C) 2003-2006 3SP LTD. All Rights Reserved
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2 of
* the License, or (at your option) any later version.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public
* License along with this program; if not, write to the Free Software
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
package com.sslexplorer.security;
import java.util.Calendar;
import java.util.GregorianCalendar;
import java.util.regex.Pattern;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.struts.action.Action;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;
import org.apache.struts.action.ActionMessage;
import com.sslexplorer.boot.ReplacementEngine;
import com.sslexplorer.core.BundleActionMessage;
import com.sslexplorer.core.CoreServlet;
import com.sslexplorer.core.CoreUtil;
import com.sslexplorer.core.PageInterceptException;
import com.sslexplorer.core.PageInterceptListener;
import com.sslexplorer.security.actions.ChangePasswordAction;
import com.sslexplorer.security.actions.ShowChangePasswordAction;
/**
* Implementation of {@link com.sslexplorer.security.AbstractPasswordAuthenticationModule}
* that is suitable for logging on via the web interface.
*
* @author Brett Smith <a href="mailto: brett@3sp.com">&lt;brett@3sp.com&gt;</a>
* @version $Revision: 1.12 $
*/
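public class PasswordAuthenticationModule extends AbstractPasswordAuthenticationModule {

    /**
     * The name of this authentication module
     */
    public static final String MODULE_NAME = "Password";

    /**
     * Creates the module under the name {@link #MODULE_NAME}. The meaning of
     * the second superclass argument ({@code true}) is defined by
     * {@link AbstractPasswordAuthenticationModule}.
     */
    public PasswordAuthenticationModule() {
        super(MODULE_NAME, true);
    }

    /**
     * Runs the password checks that follow a completed authentication. Nothing
     * is done unless the user database supports password changes. Otherwise:
     * <ol>
     * <li>the supplied password is matched against the pattern configured in
     * <code>security.password.pattern</code>;</li>
     * <li>the age of the password is compared with
     * <code>security.password.daysBeforeExpiryWarning</code> and
     * <code>security.password.daysBeforeExpiry</code>, both counted in days
     * from the user's last password change;</li>
     * <li>if a change reason was stored under
     * {@link Constants#PASSWORD_CHANGE_REASON_MESSAGE}, a page intercept
     * listener is registered that forwards every action other than the two
     * change-password actions to <code>/showChangePassword.do</code>.</li>
     * </ol>
     * Any exception raised by a check (including a missing or non-numeric
     * expiry property) is wrapped and rethrown, so a check that cannot be
     * evaluated is reported to the caller instead of being skipped.
     *
     * @throws AuthenticationException if either check cannot be evaluated
     * @see com.sslexplorer.security.AuthenticationModule#authenticationComplete()
     */
    public void authenticationComplete() throws AuthenticationException {
        UserDatabase udb = CoreServlet.getServlet().getUserDatabase();
        if (!udb.supportsPasswordChange()) {
            return;
        }

        /* Check that the password matches the current policy, if not then
           request a new one */
        Pattern p = null;
        try {
            String pattern = CoreServlet.getServlet().getPropertyDatabase().getProperty(0, null, "security.password.pattern");
            p = ReplacementEngine.getPatternPool().getPattern(pattern, false, false);
            // NOTE(review): new String(...) makes an immutable copy of the
            // password that cannot be cleared after use; if getPassword()
            // returns char[], matching against a CharSequence view of the
            // array would avoid the copy - confirm the credential type
            // before changing.
            if (!p.matcher(new String(credentials.getPassword())).matches()) {
                // NOTE(review): this branch stores a String under the literal
                // key "passwordChangeReasonKey", while the reasons set below
                // store an ActionMessage under
                // Constants.PASSWORD_CHANGE_REASON_MESSAGE, which is also the
                // only attribute tested before the forced change-password
                // intercept is installed. Unless the two keys are the same
                // string (Constants is not visible here), a password that no
                // longer matches the policy is recorded but does not by
                // itself force a change - confirm which behaviour is intended.
                scheme.getServletSession().setAttribute("passwordChangeReasonKey", "passwordChange.noLongerMatchesPattern");
            }
        } catch (Exception e) {
            throw new AuthenticationException("Could not check password against current policy.", e);
        } finally {
            // The pattern is borrowed from a pool, so hand it back even when
            // the check failed.
            if (p != null) {
                ReplacementEngine.getPatternPool().releasePattern(p);
            }
        }

        // Check if the password has expired, is close to expiring, or has
        // never been changed
        try {
            if (scheme.getUser().getLastPasswordChange() != null) {
                long lastChangeMillis = scheme.getUser().getLastPasswordChange().getTime();

                // Warning date = last change + configured warning period
                int warningInDays = Integer.parseInt(CoreServlet.getServlet().getPropertyDatabase().getProperty(0,
                                null, "security.password.daysBeforeExpiryWarning"));
                GregorianCalendar warningOn = new GregorianCalendar();
                warningOn.setTimeInMillis(lastChangeMillis);
                warningOn.add(Calendar.DATE, warningInDays);

                // Expiry date = last change + configured expiry period
                int expiryInDays = Integer.parseInt(CoreServlet.getServlet().getPropertyDatabase().getProperty(0,
                                null, "security.password.daysBeforeExpiry"));
                GregorianCalendar expiresOn = new GregorianCalendar();
                expiresOn.setTimeInMillis(lastChangeMillis);
                expiresOn.add(Calendar.DATE, expiryInDays);

                GregorianCalendar now = new GregorianCalendar();

                // A non-positive expiry period switches expiry off. The
                // near-expiry warning is tied to the same switch: with expiry
                // off, expiresOn is not in the future and the warning would
                // announce a zero or negative number of days.
                if (expiryInDays > 0) {
                    if (expiresOn.before(now)) {
                        scheme.getServletSession().setAttribute(Constants.PASSWORD_CHANGE_REASON_MESSAGE,
                                        new ActionMessage("passwordChange.expired"));
                    } else if (warningOn.before(now) && warningInDays > 0) {
                        // Round the remaining time up to whole days
                        long daysToExpiry = ((expiresOn.getTimeInMillis() - now.getTimeInMillis()) + 86399999L) / 86400000L;
                        CoreUtil.addSingleSessionGlobalWarning(scheme.getServletSession(), new BundleActionMessage("navigation",
                                        "globalWarning.passwordNearExpiry", new Long(daysToExpiry)));
                    }
                }
            } else {
                // No recorded password change: ask for a new password
                scheme.getServletSession().setAttribute(Constants.PASSWORD_CHANGE_REASON_MESSAGE,
                                new ActionMessage("passwordChange.newPassword"));
            }

            if (scheme.getServletSession().getAttribute(Constants.PASSWORD_CHANGE_REASON_MESSAGE) != null) {
                CoreUtil.addPageInterceptListener(scheme.getServletSession(), new PageInterceptListener() {
                    public String getId() {
                        return "changePassword";
                    }

                    public ActionForward checkForForward(Action action, ActionMapping mapping, HttpServletRequest request,
                                    HttpServletResponse response) throws PageInterceptException {
                        // Let the change-password actions through; send
                        // everything else to the change-password page.
                        if (!(action instanceof ShowChangePasswordAction) && !(action instanceof ChangePasswordAction)) {
                            return new ActionForward("/showChangePassword.do", true);
                        }
                        return null;
                    }

                    public boolean isRedirect() {
                        return false;
                    }
                });
            }
        } catch (Exception e) {
            throw new AuthenticationException("Could not check password against current policy.", e);
        }
    }

    /**
     * Returns the path of the JSP fragment associated with this module.
     *
     * @return <code>/WEB-INF/jsp/auth/userPasswordAuth.jspf</code>
     * @see com.sslexplorer.security.AuthenticationModule#getInclude()
     */
    public String getInclude() {
        return "/WEB-INF/jsp/auth/userPasswordAuth.jspf";
    }
}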