Examples of org.apache.jetspeed.security.PasswordCredential

• org.apache.jetspeed.security.PasswordCredential

  PasswordCredential

  @author Ate Douma @version $Id: PasswordCredential.java 516448 2007-03-09 16:25:47Z ate $

        // Here's where a break should be.   The following code should be put into the RETURN portlet
        try
        {
            User user = userManager.getUser(userName);
            PasswordCredential pwc = userManager.getPasswordCredential(user);
            pwc.setPassword(null, newPassword);
            pwc.setUpdateRequired(true);
            userManager.storePasswordCredential(pwc);

            // if we got here stuff is changed... removed the key from the map
            admin.removeNewLoginInfo(guid);
        } catch (SecurityException e)

                {
                    try
                    {
                        boolean passwordSet = false;
                        UserManager manager = (UserManager) getManager();
                        PasswordCredential credential = manager
                                .getPasswordCredential((User) getPrincipal());
                        if (getCredentialValue() != null
                                && getCredentialValue().trim().length() > 0)
                        {
                            credential.setPassword(null, getCredentialValue());
                            getServiceLocator()
                                    .getAuditActivity()
                                    .logAdminCredentialActivity(
                                            getPortletRequest()
                                                    .getUserPrincipal()
                                                    .getName(),
                                            getIPAddress(),
                                            getPrincipal().getName(),
                                            AuditActivity.PASSWORD_RESET,
                                            AdminPortletWebPage.USER_ADMINISTRATION);
                            passwordSet = true;
                        }
                        if (getCredentialUpdateRequired() != credential
                                .isUpdateRequired())
                        {
                            credential
                                    .setUpdateRequired(getCredentialUpdateRequired());
                            getServiceLocator()
                                    .getAuditActivity()
                                    .logAdminCredentialActivity(
                                            getPortletRequest()
                                                    .getUserPrincipal()
                                                    .getName(),
                                            getIPAddress(),
                                            getPrincipal().getName(),
                                            AuditActivity.PASSWORD_UPDATE_REQUIRED,
                                            AdminPortletWebPage.USER_ADMINISTRATION);
                        }
                        if (getCredentialEnabled() != credential.isEnabled())
                        {
                            credential.setEnabled(getCredentialEnabled());
                            String activity = (getCredentialEnabled() ? AuditActivity.PASSWORD_ENABLED
                                    : AuditActivity.PASSWORD_DISABLED);
                            getServiceLocator()
                                    .getAuditActivity()
                                    .logAdminCredentialActivity(
                                            getPortletRequest()
                                                    .getUserPrincipal()
                                                    .getName(),
                                            getIPAddress(),
                                            getPrincipal().getName(),
                                            activity,
                                            AdminPortletWebPage.USER_ADMINISTRATION);
                        }
                        String expiredFlagStr = getUserExpiredFlag();
                        if (expiredFlagStr != null)
                        {
                            if (!passwordSet
                                    && expiredFlagStr.equals("expired"))
                            {
                                java.sql.Date today = new java.sql.Date(
                                        new Date().getTime());
                                credential.setExpirationDate(today);
                                getServiceLocator()
                                        .getAuditActivity()
                                        .logAdminCredentialActivity(
                                                getPortletRequest()
                                                        .getUserPrincipal()
                                                        .getName(),
                                                getIPAddress(),
                                                getPrincipal().getName(),
                                                AuditActivity.PASSWORD_EXPIRE,
                                                AdminPortletWebPage.USER_ADMINISTRATION);
                            } else if (expiredFlagStr.equals("extend"))
                            {
                                // getUserManager().setPasswordExpiration(getUserName(),
                                // null);
                                // TODO confirm with Ate/David
                                credential.setExpirationDate(MAX_DATE);
                                getServiceLocator()
                                        .getAuditActivity()
                                        .logAdminCredentialActivity(
                                                getPortletRequest()
                                                        .getUserPrincipal()
                                                        .getName(),
                                                getIPAddress(),
                                                getPrincipal().getName(),
                                                AuditActivity.PASSWORD_EXTEND,
                                                AdminPortletWebPage.USER_ADMINISTRATION);
                            } else if (expiredFlagStr.equals("unlimited"))
                            {
                                credential.setExpirationDate(MAX_DATE);
                                getServiceLocator()
                                        .getAuditActivity()
                                        .logAdminCredentialActivity(
                                                getPortletRequest()
                                                        .getUserPrincipal()

  public Subject getSubject(User user) throws SecurityException
  {
    if (!getAnonymousUser().equals(user.getName()) && credentialManager != null)
    {
      PasswordCredential pwc = getPasswordCredential(user);
      if (pwc != null)
      {
        UserCredential credential = new UserCredentialImpl(pwc);
        HashSet<Object> privateCred = new HashSet<Object>();
        privateCred.add(credential);

    {
        try
        {
            Subject subject = request.getSubject();
            Iterator credentialsIter = subject.getPrivateCredentials().iterator();
            PasswordCredential pwdCredential = null;
            while ( credentialsIter.hasNext() )
            {
                Object credential = credentialsIter.next();
                if ( credential instanceof PasswordCredential )
                {
                    pwdCredential = (PasswordCredential)credential;
                    break;
                }
            }
            Integer passwordDaysValid = null;

            // check for an existing password credential
            // The only expected subject without a password credential is the anonymous user!
            if ( pwdCredential != null )
            {
                if ( pwdCredential.isUpdateRequired() )
                {
                    passwordDaysValid = new Integer(0); // required change
                }
                if ( request.getSessionAttribute(CHECKED_KEY) == null  )
                {
                    request.setSessionAttribute(CHECKED_KEY,Boolean.TRUE);
                    if ( pwdCredential.getPreviousAuthenticationDate() != null )
                    {
                        long expirationTime = pwdCredential.getExpirationDate().getTime();
                        long lastAuthTime = pwdCredential.getLastAuthenticationDate().getTime();
                        int lastAuthDaysBeforeExpiration = (int)((expirationTime-lastAuthTime)/(24*60*60*1000));
                        if (  lastAuthDaysBeforeExpiration < 1 )
                        {
                            passwordDaysValid = new Integer(1);
                        }
                        else if (expirationWarningDays.length > 0)
                        {
                            long prevAuthTime = Long.MIN_VALUE;
                            if (pwdCredential.getPreviousAuthenticationDate() != null )
                            {
                                prevAuthTime = pwdCredential.getPreviousAuthenticationDate().getTime();
                            }
                            int prevAuthDaysBeforeExpiration = (int)((expirationTime-prevAuthTime)/(24*60*60*1000));
                            if ( prevAuthDaysBeforeExpiration > lastAuthDaysBeforeExpiration )
                            {
                                for ( int i = 0; i < expirationWarningDays.length; i++ )

                if ( password != null && password.trim().length() > 0 )
                {
                    userManager.setPassword(userName, null, password);
                    updated = true;
                }
                PasswordCredential credential = getCredential(userName);
                if ( credential != null )
                {
                    String updateRequiredStr = actionRequest.getParameter("user_cred_updreq");
                    if (updateRequiredStr != null)
                    {
                        boolean updateRequired = Boolean.valueOf(updateRequiredStr).booleanValue();
                        if (updateRequired != credential.isUpdateRequired())
                        {
                            userManager.setPasswordUpdateRequired(userName,updateRequired);
                            updated = true;
                        }
                    }
                    String enabledStr = actionRequest.getParameter("user_cred_enabled");
                    if (enabledStr != null)
                    {
                        boolean enabled = Boolean.valueOf(enabledStr).booleanValue();
                        if (enabled != credential.isEnabled())
                        {
                            userManager.setPasswordEnabled(userName,enabled);
                            updated = true;
                        }
                    }

        return new LinkedList();
    }

    private PasswordCredential getCredential(String userName)
    {
        PasswordCredential credential = null;
        Set credentials = lookupUser(userName).getSubject().getPrivateCredentials();
        Iterator iter = credentials.iterator();
        while (iter.hasNext())
        {
            Object o = iter.next();

    {
        try
        {
            // create the user
            User user =  userManager.addUser(userName);
            PasswordCredential pwc = userManager.getPasswordCredential(user);
            pwc.setPassword(null, password);
            userManager.storePasswordCredential(pwc);

            // assign roles to user
            if (roles == null || roles.isEmpty())
            {

     * @see org.apache.jetspeed.security.spi.PasswordCredentialProvider#create(java.lang.String, java.lang.String)
     */
    public PasswordCredential create(String userName, String password) throws SecurityException
    {
        validator.validate(password);
        PasswordCredential pc;
        if ( encoder != null )
        {
            pc = new DefaultPasswordCredentialImpl(userName, encoder.encode(userName, password).toCharArray());
        }
        else

        return null;
    }

    protected String getPassword(User user)
    {
        PasswordCredential credential = null;

        Set credentials = user.getSubject().getPrivateCredentials();
        Iterator iter = credentials.iterator();
        while (iter.hasNext())
        {
            Object o = iter.next();
            if (o instanceof PasswordCredential)
            {
                credential = (PasswordCredential) o;
                char[] charar = credential.getPassword();

                return new String(charar);
            }
        }
        return null;

                {
                    userManager.setPassword(userName, null, password);
                    audit.logAdminCredentialActivity(actionRequest.getUserPrincipal().getName(), getIPAddress(actionRequest), userName, AuditActivity.PASSWORD_RESET, USER_ADMINISTRATION);
                    passwordSet = true;
                }
                PasswordCredential credential = getCredential(actionRequest, userName);
                if ( credential != null )
                {
                    String updateRequiredStr = actionRequest.getParameter("user_cred_updreq");
                    if (updateRequiredStr != null)
                    {
                        boolean updateRequired = Boolean.valueOf(updateRequiredStr).booleanValue();
                        if (updateRequired != credential.isUpdateRequired())
                        {
                            userManager.setPasswordUpdateRequired(userName,updateRequired);
                            audit.logAdminCredentialActivity(actionRequest.getUserPrincipal().getName(), getIPAddress(actionRequest), userName, AuditActivity.PASSWORD_UPDATE_REQUIRED, USER_ADMINISTRATION);
                        }
                    }
                    String enabledStr = actionRequest.getParameter("user_cred_enabled");
                    if (enabledStr != null)
                    {
                        boolean enabled = Boolean.valueOf(enabledStr).booleanValue();
                        if (enabled != credential.isEnabled())
                        {
                            userManager.setPasswordEnabled(userName,enabled);
                            String activity = (enabled) ? AuditActivity.PASSWORD_ENABLED : AuditActivity.PASSWORD_DISABLED;
                            audit.logAdminCredentialActivity(actionRequest.getUserPrincipal().getName(), getIPAddress(actionRequest), userName, activity, USER_ADMINISTRATION);
                        }