dbauthenticationprovider.java~1~

java系统通用框架 很实用的东东 一般人都看的懂,

package com.ibm.bisc.ebiz.security;

/**
 * Insert the type's description here.
 * Creation date: (2003-3-13 10:44:20)
 * @author: Administrator
 */
import com.ibm.bisc.ebiz.util.*;
import com.ibm.bisc.ebiz.member.*;
import java.sql.*;
import com.ibm.bisc.ebiz.exception.*;
import com.sony.common.*;
public class DBAuthenticationProvider implements AuthenticateProvider {
/**
 * DBAuthenticationProvider constructor comment.
 */
public DBAuthenticationProvider() {
	super();
}
/**
 * authenticate method comment.
 */
public User authenticate(String userid, String password) throws com.ibm.bisc.ebiz.exception.AuthenticateException {
	return null;
}
/**
 * authenticate method comment.
 */
public User authenticate(String userid, String password, java.sql.Connection conn) throws com.ibm.bisc.ebiz.exception.AuthenticateException, com.ibm.bisc.ebiz.exception.NullPrincipalException {
//	UserWebPrincipal userprincipal = null;
	
	/*verify the userid and password*/
//	LDAPUtils ldaphandler = LDAPUtils.getHandler();
	
//	if(ldaphandler.authenticate(userid,password)){
		//认证成功
//	userprincipal = new UserWebPrincipal();
//	userprincipal.setLoginID(userid);
	User user = null;
	try {
		user = loadUserFromDB(conn, userid);

		if (user.checkPassword(password)) {
			System.out.println("user verify correct");
		}else{
			//认证失败
			throw new AuthenticateException("authenticate failed!");
		}
	}catch (Exception exp) {
		throw new AuthenticateException("authenticate failed!");
	}
		
	return user;
}
/**
 * init method comment.
 */
public void init(org.w3c.dom.Node config) {}
/*	public final static String FORCE_LOGIN_MEMBER = "02";
	public final static String FORCE_LOGIN_LIST = "01";
	public final static String FORCE_LOGIN_FUNDCOMPANY = "03";
	public final static String FORCE_LOGIIN_SSE = "00";

	public final static String DEPARTMENT_MEMB = "MEMB";
	public final static String DEPARTMENT_LIST = "LIST";
	public final static String DEPARTMENT_IBS = "IBS";
*/
private User loadUserFromDB(Connection conn, String userid) throws Exception
{

	User user = null;
	try{

		System.out.println("-------- DBAuthenticationProvider userid= "+userid);
		
		String sql = "select * from S_USER where userid = ?";
		PreparedStatement stmt = conn.prepareStatement(sql);
		stmt.setString(1, userid);
		ResultSet rs = (ResultSet)stmt.executeQuery();
		if (!rs.next())
		{
			throw new NullPrincipalException();
		}
		
		String cmpType = rs.getString("CMPTYPE");
		String deptCode = rs.getString("DEPTCODE");

		System.out.println("-------- cmpType= "+cmpType);
		System.out.println("-------- deptCode= "+deptCode);

		if (User.CMP_SONY.equals(cmpType)) {
			if (User.DEPT_SALE.equals(deptCode)) {
				user = new SalesUser(conn, rs);
			}
			if (User.DEPT_MRKT.equals(deptCode)) {
				user = new MarketUser(conn, rs);
			}
		}else {

			user = new User(conn, rs);
		}
	}catch(Exception e){
		e.printStackTrace(System.out);
		throw e;
	}

	return user;
}
}