/*
* $Id: LoginServices.java,v 1.3 2003/12/09 20:47:32 jonesde Exp $
*
* Copyright (c) 2001, 2002 The Open For Business Project - www.ofbiz.org
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
* MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
* IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
* CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT
* OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR
* THE USE OR OTHER DEALINGS IN THE SOFTWARE.
*/
package org.ofbiz.securityext.login;
import java.sql.Timestamp;
import java.util.HashMap;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import javax.transaction.InvalidTransactionException;
import javax.transaction.SystemException;
import javax.transaction.Transaction;
import javax.transaction.TransactionManager;
import org.ofbiz.base.util.Debug;
import org.ofbiz.base.util.UtilDateTime;
import org.ofbiz.base.util.UtilMisc;
import org.ofbiz.base.util.UtilProperties;
import org.ofbiz.base.util.UtilValidate;
import org.ofbiz.entity.GenericDelegator;
import org.ofbiz.entity.GenericEntityException;
import org.ofbiz.entity.GenericValue;
import org.ofbiz.entity.serialize.XmlSerializer;
import org.ofbiz.entity.transaction.GenericTransactionException;
import org.ofbiz.entity.transaction.TransactionFactory;
import org.ofbiz.entity.transaction.TransactionUtil;
import org.ofbiz.security.Security;
import org.ofbiz.service.DispatchContext;
import org.ofbiz.service.ModelService;
import org.ofbiz.service.ServiceUtil;
/**
* <b>Title:</b> Login Services
*
* @author <a href="mailto:jaz@ofbiz.org">Andy Zeneski</a>
* @author <a href="mailto:jonesde@ofbiz.org">David E. Jones</a>
* @version $Revision: 1.3 $
* @since 2.0
*/
public class LoginServices {
/** Fully qualified name of this class; passed as the module argument to the Debug logging calls below. */
public static final String module = LoginServices.class.getName();
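/** Login service that authenticates a username and password.
* Credentials are read from the context keys "login.username" (falling back to "username")
* and "login.password" (falling back to "password").
* When password.encrypt is "true" in security.properties, the supplied password is passed through
* HashEncrypt.getHash before being compared with the stored currentPassword.
* If password.accept.encrypted.and.plain is also "true", the supplied password is additionally
* compared unhashed against currentPassword, so the stored value itself is accepted as a
* password; keep that property disabled wherever stored passwords are hashed.
* @return Map of results including (userLogin) GenericValue object
*/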
public static Map userLogin(DispatchContext ctx, Map context) {
Map result = new HashMap();
GenericDelegator delegator = ctx.getDelegator();
boolean useEncryption = "true".equals(UtilProperties.getPropertyValue("security.properties", "password.encrypt"));
// if isServiceAuth is not specified, default to not a service auth
boolean isServiceAuth = context.get("isServiceAuth") != null && ((Boolean) context.get("isServiceAuth")).booleanValue();
String username = (String) context.get("login.username");
if (username == null) username = (String) context.get("username");
String password = (String) context.get("login.password");
if (password == null) password = (String) context.get("password");
// get the visitId for the history entity
String visitId = (String) context.get("visitId");
String errMsg = "";
if (username == null || username.length() <= 0) {
errMsg = "Username missing.";
} else if (password == null || password.length() <= 0) {
errMsg = "Password missing";
} else {
String realPassword = useEncryption ? HashEncrypt.getHash(password) : password;
boolean repeat = true;
// starts at zero but it incremented at the beggining so in the first pass passNumber will be 1
int passNumber = 0;
while (repeat) {
repeat = false;
// pass number is incremented here because there are continues in this loop so it may never get to the end
passNumber++;
GenericValue userLogin = null;
try {
// only get userLogin from cache for service calls; for web and other manual logins there is less time sensitivity
if (isServiceAuth) {
userLogin = delegator.findByPrimaryKeyCache("UserLogin", UtilMisc.toMap("userLoginId", username));
} else {
userLogin = delegator.findByPrimaryKey("UserLogin", UtilMisc.toMap("userLoginId", username));
}
} catch (GenericEntityException e) {
Debug.logWarning(e, "", module);
}
if (userLogin != null) {
String ldmStr = UtilProperties.getPropertyValue("security.properties", "login.disable.minutes");
long loginDisableMinutes = 30;
try {
loginDisableMinutes = Long.parseLong(ldmStr);
} catch (Exception e) {
loginDisableMinutes = 30;
Debug.logWarning("Could not parse login.disable.minutes from security.properties, using default of 30", module);
}
Timestamp disabledDateTime = userLogin.getTimestamp("disabledDateTime");
Timestamp reEnableTime = null;
if (loginDisableMinutes > 0 && disabledDateTime != null) {
reEnableTime = new Timestamp(disabledDateTime.getTime() + loginDisableMinutes * 60000);
}
boolean doStore = true;
// we might change & store this userLogin, so we should clone it here to get a mutable copy
userLogin = new GenericValue(userLogin);
if (UtilValidate.isEmpty(userLogin.getString("enabled")) || "Y".equals(userLogin.getString("enabled")) ||
(reEnableTime != null && reEnableTime.before(UtilDateTime.nowTimestamp()))) {
String successfulLogin;
userLogin.set("enabled", "Y");
// if the password.accept.encrypted.and.plain property in security is set to true allow plain or encrypted passwords
if (userLogin.get("currentPassword") != null &&
(realPassword.equals(userLogin.getString("currentPassword")) ||
("true".equals(UtilProperties.getPropertyValue("security.properties", "password.accept.encrypted.and.plain")) && password.equals(userLogin.getString("currentPassword"))))) {
Debug.logVerbose("[LoginServices.userLogin] : Password Matched", module);
// reset failed login count if necessry
Long currentFailedLogins = userLogin.getLong("successiveFailedLogins");
if (currentFailedLogins != null && currentFailedLogins.longValue() > 0) {
userLogin.set("successiveFailedLogins", new Long(0));
} else {
// successful login, no need to change anything, so don't do the store
doStore = false;
}
successfulLogin = "Y";
if (!isServiceAuth) {
// get the UserLoginSession if this is not a service auth
GenericValue userLoginSession = null;
Map userLoginSessionMap = null;
try {
userLoginSession = userLogin.getRelatedOne("UserLoginSession");
if (userLoginSession != null) {
Object deserObj = XmlSerializer.deserialize(userLoginSession.getString("sessionData"), delegator);
//don't check, just cast, if it fails it will get caught and reported below; if (deserObj instanceof Map)
userLoginSessionMap = (Map) deserObj;
}
} catch (GenericEntityException ge) {
Debug.logWarning(ge, "Cannot get UserLoginSession for UserLogin ID: " +
userLogin.getString("userLoginId"), module);
} catch (Exception e) {
Debug.logWarning(e, "Problems deserializing UserLoginSession", module);
}
// return the UserLoginSession Map
if (userLoginSessionMap != null) {
result.put("userLoginSession", userLoginSessionMap);
}
}
result.put("userLogin", userLogin);
result.put(ModelService.RESPONSE_MESSAGE, ModelService.RESPOND_SUCCESS);
} else {
// password is incorrect, but this may be the result of a stale cache entry,
// so lets clear the cache and try again if this is the first pass
if (isServiceAuth && passNumber <= 1) {
delegator.clearCacheLine("UserLogin", UtilMisc.toMap("userLoginId", username));
repeat = true;
continue;
}
Debug.logInfo("[LoginServices.userLogin] : Password Incorrect", module);
// password invalid...
errMsg = "Password incorrect.";
// increment failed login count
Long currentFailedLogins = userLogin.getLong("successiveFailedLogins");
if (currentFailedLogins == null) {
currentFailedLogins = new Long(1);
} else {
currentFailedLogins = new Long(currentFailedLogins.longValue() + 1);
}
userLogin.set("successiveFailedLogins", currentFailedLogins);
// if failed logins over amount in properties file, disable account
String mflStr = UtilProperties.getPropertyValue("security.properties", "max.failed.logins");
long maxFailedLogins = 3;
try {
maxFailedLogins = Long.parseLong(mflStr);
} catch (Exception e) {
maxFailedLogins = 3;
Debug.logWarning("Could not parse max.failed.logins from security.properties, using default of 3", module);
}
if (maxFailedLogins > 0 && currentFailedLogins.longValue() >= maxFailedLogins) {
userLogin.set("enabled", "N");
userLogin.set("disabledDateTime", UtilDateTime.nowTimestamp());
}
successfulLogin = "N";
}
// this section is being done in its own transaction rather than in the
//current/existing transaction because we may return error and we don't
//want that to stop this from getting stored
TransactionManager txMgr = TransactionFactory.getTransactionManager();