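package c.v.swms.server.service.security.pojo;

import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Date;
import java.util.List;
import java.util.Locale;
import java.util.Objects;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

import org.apache.commons.codec.digest.DigestUtils;
import org.apache.commons.lang.StringUtils;

import c.v.swms.server.model.base.pass.PasswordRule;
import c.v.swms.server.utils.DateUtil;
import c.v.swms.server.web.filter.WarehouseHolder;
import c.v.thorn.server.exception.BusinessException;
import c.v.thorn.server.model.security.User;
import c.v.thorn.server.service.security.pojo.DefaultUserManager;
import c.v.thorn.server.util.LocalizedMessage;
import c.v.thorn.server.web.security.UserHolder;

/**
 * User manager that applies the active {@link PasswordRule} (minimum length, required
 * character classes, reuse history and expiry) when a user is saved or changes their own
 * password.
 *
 * <p>Credentials are persisted as an unsalted SHA-1 hex digest produced by
 * {@link DigestUtils#shaHex(String)}. That format is shared with whatever authenticates
 * logins elsewhere in the application, so it is left unchanged here; it gives no
 * protection against offline guessing once the database is exposed and should be migrated
 * to a salted, slow password hash together with the login path.
 */
public class DefaultSwmsUserManager extends DefaultUserManager {

    /** Matches a password containing at least one character that is neither an ASCII letter nor a digit. */
    private static final Pattern SYMBOL_PATTERN = Pattern.compile("(.*[^a-zA-Z0-9].*)");
    /** Matches a password containing at least one ASCII letter. */
    private static final Pattern LETTER_PATTERN = Pattern.compile("(.*[a-zA-Z].*)");
    /** Matches a password containing at least one digit. */
    private static final Pattern DIGIT_PATTERN = Pattern.compile("(.*[0-9].*)");

    /** Separator between digests in the password-history column ({@code strExtend5}). */
    private static final String HISTORY_SEPARATOR = ",";

    /**
     * Message key of the most recent password-policy violation.
     *
     * <p>Kept for callers that read it after a failed check. It is shared mutable state on
     * what is presumably a singleton service, so concurrent requests can overwrite each
     * other's value; the exception thrown by this class always carries the key of the
     * current call and does not read this field.
     */
    public String message;

    /**
     * Creates or updates a user, applying the active password policy.
     *
     * <p>For a new user the login name must not already exist. For an existing user the
     * persistent entity is loaded and the editable fields are copied onto it. In both cases
     * the submitted password is checked against the policy, recorded in the reuse history
     * and stored as a SHA-1 digest.
     *
     * @param user   the submitted user data
     * @param locale the locale to store on the user
     * @throws BusinessException {@code user.already.exsits} when a new user's login name is
     *         already taken, or the policy-violation key when the password fails the rule
     */
    public void saveUser(User user, Locale locale) {
        if (this.retrieve(user.getLoginName()) != null && user.isNew()) {
            throw new BusinessException("user.already.exsits",
                    new String[] { user.getLoginName() });
        }
        User dbuser;
        if (user.isNew()) {
            dbuser = user;
            dbuser.setEnabled(true);
            dbuser.setLocked(false);
        } else {
            dbuser = load(User.class, user.getId());
        }
        copyEditableFields(dbuser, user, locale);
        // Validates the plaintext and maintains history/expiry; the digest is stored below.
        verifyPassByRule(dbuser, getPasswordRule(), user.getPassword());
        // NOTE(review): the submitted value is re-hashed on every save, so an edit of an
        // existing user must post the plaintext rather than the stored digest - confirm
        // against the UI.
        dbuser.setPassword(DigestUtils.shaHex(user.getPassword()));
        this.commonDao.store(dbuser);
    }

    /**
     * Copies the caller-editable fields from {@code source} onto the persistent {@code target}.
     *
     * @param target the entity that will be stored
     * @param source the submitted user data
     * @param locale the locale to store
     */
    private static void copyEditableFields(User target, User source, Locale locale) {
        if (source.getFirstPage() != null && source.getFirstPage().getId() != null) {
            target.setFirstPage(source.getFirstPage());
        } else {
            target.setFirstPage(null);
        }
        target.setStrExtend1(source.getStrExtend1());
        target.setStrExtend2(source.getStrExtend2());
        target.setStrExtend3(source.getStrExtend3());
        target.setStrExtend4(source.getStrExtend4());
        target.setLocale(locale);
        target.setExpiryDate(source.getExpiryDate());
        target.setEmail(source.getEmail());
        target.setLoginName(source.getLoginName());
        target.setName(source.getName());
        // Fall back to the current warehouse's reference model when none was submitted.
        target.setReferenceModel(source.getReferenceModel() == null
                ? WarehouseHolder.getWarehouse().getReferenceModel()
                : source.getReferenceModel());
    }

    /**
     * Changes the current user's own password.
     *
     * <p>The new password and its confirmation must agree (ignoring surrounding whitespace),
     * the old password must match the stored digest, and the new password must satisfy the
     * active policy. On success the new digest is stored and a success message is queued.
     *
     * @param oldPassword     the current plaintext password
     * @param newPassword     the new plaintext password
     * @param confirmPassword the repeated new password
     * @throws BusinessException {@code newPassword.notsame} when new and confirmation differ,
     *         {@code password.notCorrect} when the old password is wrong, or the
     *         policy-violation key
     */
    public void modifyPassword(String oldPassword, String newPassword, String confirmPassword) {
        Objects.requireNonNull(oldPassword, "oldPassword");
        Objects.requireNonNull(newPassword, "newPassword");
        Objects.requireNonNull(confirmPassword, "confirmPassword");
        if (!newPassword.trim().equals(confirmPassword.trim())) {
            throw new BusinessException("newPassword.notsame");
        }
        User user = commonDao.load(User.class, UserHolder.getUser().getId());
        // Constant-time comparison so the check does not leak how much of the digest matched.
        if (!digestEquals(DigestUtils.shaHex(oldPassword), user.getPassword())) {
            throw new BusinessException("password.notCorrect");
        }
        verifyPassByRule(user, getPasswordRule(), newPassword);
        // NOTE(review): the untrimmed value is hashed although trimmed values were compared
        // above, so surrounding whitespace becomes part of the password - confirm intent.
        user.setPassword(DigestUtils.shaHex(newPassword));
        commonDao.store(user);
        LocalizedMessage.addMessage("password.Change.success");
    }

    /**
     * Validates {@code newPassword} against {@code rule} and updates the user's reuse
     * history and password expiry. The password itself is not stored here; callers do that.
     *
     * <p>Behaviour per rule:
     * <ul>
     *   <li>no rule: nothing is checked or changed;</li>
     *   <li>case-insensitive rule: the history digest is computed from the lower-cased
     *       password so that differently cased variants count as the same password;</li>
     *   <li>repeat cycle 0: the history is cleared; otherwise a digest already present in
     *       the history is rejected and the history is trimmed to the newest
     *       {@code repeatCycle} digests;</li>
     *   <li>period 0: the password never expires; otherwise it expires {@code period} days
     *       from now.</li>
     * </ul>
     *
     * @param user        the user whose history and expiry are updated
     * @param rule        the active rule, or {@code null} for no policy
     * @param newPassword the plaintext candidate; {@code null} is treated as empty
     * @throws BusinessException the violated rule's key, or
     *         {@code password.history.dupicate} when the password was used recently
     */
    private void verifyPassByRule(User user, PasswordRule rule, String newPassword) {
        if (rule == null) {
            return;
        }
        String candidate = newPassword == null ? "" : newPassword;
        String violation = violatedRuleKey(rule, candidate);
        if (violation != null) {
            message = violation; // kept for callers that still read the field
            throw new BusinessException(violation);
        }
        // Locale.ROOT keeps the history digest independent of the server's default locale.
        String tracked = Boolean.FALSE.equals(rule.getCaseSensitive())
                ? candidate.toLowerCase(Locale.ROOT)
                : candidate;
        String newDigest = DigestUtils.shaHex(tracked);
        if (rule.getRepeatCycle() == 0) {
            user.setStrExtend5("");
        } else {
            // defaultString avoids the literal text "null" being prepended to a fresh history.
            String history = StringUtils.defaultString(user.getStrExtend5());
            if (StringUtils.contains(history, newDigest)) {
                throw new BusinessException("password.history.dupicate");
            }
            history = history + newDigest + HISTORY_SEPARATOR;
            // Drop the oldest entries until at most repeatCycle digests remain.
            while (StringUtils.countMatches(history, HISTORY_SEPARATOR) > rule.getRepeatCycle()) {
                history = history.substring(history.indexOf(HISTORY_SEPARATOR) + 1);
            }
            user.setStrExtend5(history);
        }
        if (rule.getPeriod() == 0) {
            user.setPasswordExpiryDate(null);
        } else {
            user.setPasswordExpiryDate(DateUtil.addDayToDate(new Date(), rule.getPeriod()));
        }
    }

    /**
     * Returns the first enabled {@link PasswordRule}, or {@code null} when none is configured.
     * If several rules are enabled, the first one in query order is used.
     */
    @SuppressWarnings("unchecked")
    private PasswordRule getPasswordRule() {
        List<PasswordRule> rules = commonDao.findByQuery(
                "from PasswordRule pr where pr.isDisable = false");
        if (rules == null || rules.isEmpty()) {
            return null;
        }
        return rules.get(0);
    }

    /**
     * Returns the message key of the first requirement of {@code rule} that
     * {@code password} violates, or {@code null} when it satisfies all of them.
     *
     * @param rule     the rule to check against (non-null)
     * @param password the plaintext candidate (non-null)
     */
    private static String violatedRuleKey(PasswordRule rule, String password) {
        if (rule.getPwdLength() > password.length()) {
            return "connot.length.shot";
        }
        if (Boolean.TRUE.equals(rule.getNeedSymbol()) && !matches(SYMBOL_PATTERN, password)) {
            return "connot.needSymbol";
        }
        if (Boolean.TRUE.equals(rule.getNeedLetter()) && !matches(LETTER_PATTERN, password)) {
            return "connot.needLetter";
        }
        if (Boolean.TRUE.equals(rule.getNeedNumber()) && !matches(DIGIT_PATTERN, password)) {
            return "connot.needNumber";
        }
        return null;
    }

    /** Returns whether the whole of {@code value} matches {@code pattern}. */
    private static boolean matches(Pattern pattern, String value) {
        Matcher matcher = pattern.matcher(value);
        return matcher.matches();
    }

    /**
     * Compares two hex digests in constant time with respect to their content.
     *
     * @return {@code true} when both are non-null and byte-for-byte equal
     */
    private static boolean digestEquals(String expected, String stored) {
        if (expected == null || stored == null) {
            return false;
        }
        return MessageDigest.isEqual(
                expected.getBytes(StandardCharsets.UTF_8),
                stored.getBytes(StandardCharsets.UTF_8));
    }

    /**
     * Returns {@code painPwd} unchanged when it already has the length of a SHA-1 hex digest
     * (40 characters), otherwise its SHA-1 hex digest; {@code null} is treated as empty.
     *
     * <p>Currently unreferenced in this class. The length heuristic cannot tell a
     * 40-character plaintext apart from a digest.
     */
    private String shaEncodePassword(String painPwd) {
        String value = painPwd == null ? "" : painPwd;
        return value.length() == 40 ? value : DigestUtils.shaHex(value);
    }
}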
转载自minyongcheng.iteye.com/blog/2163992