loginserviceimpl.java

《j2ee开发全程实录》随书源码

package com.cownew.PIS.framework.server.serviceImpl;

import java.util.List;

import com.cownew.PIS.base.permission.common.IUserDAO;
import com.cownew.PIS.base.permission.common.UserInfo;

import com.cownew.PIS.framework.common.services.ACInfo;
import com.cownew.PIS.framework.common.services.ILoginService;
import com.cownew.PIS.framework.common.services.LoginServiceException;
import com.cownew.PIS.framework.common.utils.KeyValueList;
import com.cownew.PIS.framework.common.utils.PISKeyValue;
import com.cownew.PIS.framework.server.helper.LocalServiceLocator;
import com.cownew.PIS.framework.server.helper.ServerConfig;
import com.cownew.PIS.framework.server.helper.ThreadVariableManager;
import com.cownew.PIS.framework.server.sessionMgr.SessionManager;
import com.cownew.ctk.security.MD5Utils;

public class LoginServiceImpl implements ILoginService
{

	public String login(String userName, String password, String acName)
	{
		//请求分配sessionId
		String sessionId = SessionManager.getInstance()
				.requestSessionId(acName);

		//设定当前用户的sessionId
		ThreadVariableManager.getInstance().setCurrentSessionId(sessionId);

		IUserDAO userDAO = (IUserDAO) LocalServiceLocator.getInstance()
				.getService(IUserDAO.class);
		KeyValueList params = new KeyValueList();
		params.add(new PISKeyValue("number", userName));

		//从系统中查找number为指定number的用户
		List list = userDAO.load("from " + UserInfo.class.getName()
				+ " user where number=:number", params);		

		//如果没找到则报告用户名错误
		if (list.size() <= 0)
		{
			throw new LoginServiceException(
					LoginServiceException.USERNAMEPASSWORDERROR);
		}

		//存在两个以上相同的用户名,正常情况下不可能发生
		if (list.size() > 1)
		{
			throw new AssertionError("more than one userName");
		}

		UserInfo userInfo = (UserInfo) list.get(0);

		//如果用户已经被冻结则抛出异常
		if (userInfo.getIsFreezed())
		{
			throw new LoginServiceException(
					LoginServiceException.USERNAMEFREEZEDERROR);
		}

		//对密码进行摘要计算
		password = MD5Utils.digest(password);
		if (userInfo.getPassword().equals(password))
		{
			//设定当前用户的用户Id
			ThreadVariableManager.getInstance().getCurrentServerUserContext()
					.setCurUserId(userInfo.getId());
			//将分配的返回给用户
			return sessionId;
		}

		//如果运行到此处说明密码错误
		//要清除sessionId,然后抛异常
		SessionManager.getInstance().removeSession(sessionId);
		throw new LoginServiceException(
				LoginServiceException.USERNAMEPASSWORDERROR);
	}

	public void logout(String sessionId)
	{
		SessionManager.getInstance().removeSession(sessionId);
	}

	public ACInfo[] getAllACInfo()
	{
		return ServerConfig.getInstance().getAcInfos();
	}

}