alvinalexander.com | career | drupal | java | mac | mysql | perl | scala | uml | unix  

What this is

This file is included in the DevDaily.com "Java Source Code Warehouse" project. The intent of this project is to help you "Learn Java by Example" TM.

Other links

The source code

/*
 * $Header: /cvsroot/mvnforum/mvnforum/src/com/mvnforum/auth/OnlineUserFactoryImpl.java,v 1.18.2.1 2005/06/17 17:37:37 minhnn Exp $
 * $Author: minhnn $
 * $Revision: 1.18.2.1 $
 * $Date: 2005/06/17 17:37:37 $
 *
 * ====================================================================
 *
 * Copyright (C) 2002-2005 by MyVietnam.net
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2
 * of the License, or any later version.
 *
 * All copyright notices regarding mvnForum MUST remain intact
 * in the scripts and in the outputted HTML.
 * The "powered by" text/logo with a link back to
 * http://www.mvnForum.com and http://www.MyVietnam.net in the
 * footer of the pages MUST remain visible when the pages
 * are viewed on the internet or intranet.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
 *
 * Support can be obtained from support forums at:
 * http://www.mvnForum.com/mvnforum/index
 *
 * Correspondence and Marketing Questions can be sent to:
 * info@MyVietnam.net
 *
 * @author: Minh Nguyen  minhnn@MyVietnam.net
 * @author: Mai  Nguyen  mai.nh@MyVietnam.net
 */
package com.mvnforum.auth;

import java.sql.Timestamp;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import com.mvnforum.*;
import com.mvnforum.db.*;
import net.myvietnam.mvncore.exception.*;
import net.myvietnam.mvncore.security.Encoder;
import net.myvietnam.mvncore.util.DateUtil;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

public class OnlineUserFactoryImpl implements OnlineUserFactory {

    private static Log log = LogFactory.getLog(OnlineUserFactoryImpl.class);

    public OnlineUserFactoryImpl() {
    }

    public OnlineUser getAuthenticatedUser(HttpServletRequest request,
                                           HttpServletResponse response,
                                           String loginName, String password,
                                           boolean isEncodedPassword)
        throws AuthenticationException, DatabaseException, AssertionException {

        int memberID = 0;
        int timeZone = 0;
        boolean invisible = false;
        String localeName = "";
        Timestamp lastLogon = null;
        String lastLogonIP = null;
        int postsPerPage = 10;

        try {
            memberID = DAOFactory.getMemberDAO().getMemberIDFromMemberName(loginName);
        } catch (ObjectNotFoundException e) {
            throw new AuthenticationException(NotLoginException.WRONG_NAME);
        } catch (Exception e) {
            log.error("Unexpected error validating user", e);
            /** @todo find a beter one than NotLoginException.NOT_LOGIN */
            throw new AuthenticationException(NotLoginException.NOT_LOGIN);
        }

        try {
            MemberBean memberBean = DAOFactory.getMemberDAO().getMember_forViewCurrentMember(memberID);

            if (memberBean.getMemberStatus() != MemberBean.MEMBER_STATUS_ENABLE) {
                if (memberID != MVNForumConstant.MEMBER_ID_OF_ADMIN) {// Admin cannot be disabled
                    throw new AuthenticationException(NotLoginException.ACCOUNT_DISABLED);
                }
            }

            if (DAOFactory.getMemberDAO().getActivateCode(memberID).equals(MemberBean.MEMBER_ACTIVATECODE_ACTIVATED) == false) {
                // not activated
                if (MVNForumConfig.getRequireActivation()) {
                    if (memberID != MVNForumConstant.MEMBER_ID_OF_ADMIN) {// Admin dont have to activate to login
                        throw new AuthenticationException(NotLoginException.NOT_ACTIVATED);
                    }
                }
            }

            if (validatePassword(loginName, password, isEncodedPassword) == false) {
                if ((MVNForumConfig.getEnablePasswordlessAuth() == false) || (password.length() > 0)) {
                    throw new AuthenticationException(NotLoginException.WRONG_PASSWORD);
                }
            }

            timeZone = memberBean.getMemberTimeZone();
            localeName = memberBean.getMemberLanguage();
            lastLogon = memberBean.getMemberLastLogon();
            postsPerPage = memberBean.getMemberPostsPerPage();
            lastLogonIP = memberBean.getMemberLastIP();
            invisible  = memberBean.isInvisible();
            // now we have checked the authentication, then we update the lastlogon date
            Timestamp now = DateUtil.getCurrentGMTTimestamp();
            DAOFactory.getMemberDAO().updateLastLogon(memberID, now, request.getRemoteAddr());

            // next, get the correct name from database
            // Eg: if in database the MemberName is "Admin", and user enter "admin"
            // We will convert "admin" to "Admin"
            String memberName = memberBean.getMemberName();

            OnlineUserImpl authenticatedUser = new OnlineUserImpl(request, false/*isGuest*/);
            authenticatedUser.setMemberID(memberID);
            authenticatedUser.setMemberName(memberName);
            authenticatedUser.setInvisible(invisible);
            authenticatedUser.setTimeZone(timeZone);
            //NOTE: This MUST be the only way to get permission for a member,
            // so we prevent getPermission for one user and set for other user
            // Note: this method might throw AssertionException
            MVNForumPermission permission = MVNForumPermissionFactory.getAuthenticatedPermission(memberID);
            authenticatedUser.setPermission(permission);
            authenticatedUser.setLocaleName(localeName);
            authenticatedUser.setLastLogonTimestamp(lastLogon);
            authenticatedUser.setLastLogonIP(lastLogonIP);
            authenticatedUser.setGender(memberBean.getMemberGender() != 0);
            authenticatedUser.setPostsPerPage(postsPerPage);

            if (MVNForumConfig.getEnableCompany()) {
                try {
                    int companyID = DAOFactory.getMemberCompanyDAO().getCompanyIDFromMemberID(memberID);
                    CompanyBean companyBean = DAOFactory.getCompanyDAO().getCompany(companyID);

                    // Load the css Path for this user
                    String cssPath = MyUtil.getCompanyCssPath(companyBean, request.getContextPath());
                    authenticatedUser.setCssPath(cssPath);

                    // Load the logo Path for this user
                    String logoPath = MyUtil.getCompanyLogoPath(companyBean, request.getContextPath());
                    authenticatedUser.setLogoPath(logoPath);
                } catch (ObjectNotFoundException ex) {
                    // not belong to a company, just ignore
                }
            }
            return authenticatedUser;
        } catch (ObjectNotFoundException e) {
            throw new AuthenticationException(NotLoginException.WRONG_NAME);//we dont want this line to happen
        } catch (DatabaseException e) {
            log.error("Unexpected error validating user", e);
            throw new AuthenticationException(NotLoginException.NOT_LOGIN);//we dont want this line to happen
        }
    }

    public OnlineUser getAnonymousUser(HttpServletRequest request)
        throws DatabaseException, AssertionException {

        int memberID = MVNForumConstant.MEMBER_ID_OF_GUEST;
        String memberName = MVNForumConfig.getDefaultGuestName();
        int timeZone = MVNForumConfig.getDefaultGuestTimeZone();
        String localeName = "";
        Timestamp lastLogon = null;
        String lastLogonIP = null;
        int postsPerPage = MVNForumConfig.getRowsPerPage();

        try {
            MemberBean memberBean = DAOFactory.getMemberDAO().getMember_forViewCurrentMember(memberID);
            if (memberBean.getMemberStatus() != MemberBean.MEMBER_STATUS_ENABLE) {
                //@todo: for now, Guest is always enabled
            }
            memberName = memberBean.getMemberName();
            timeZone = memberBean.getMemberTimeZone();
            localeName = memberBean.getMemberLanguage();
            lastLogon = memberBean.getMemberLastLogon();
            postsPerPage = memberBean.getMemberPostsPerPage();
            lastLogonIP = memberBean.getMemberLastIP();

            //@todo: Should we update LastLogon? I think we should, so we know when we had last guest visiting the site.
            Timestamp now = DateUtil.getCurrentGMTTimestamp();
            //@todo should we remember these information for the Guest
            DAOFactory.getMemberDAO().updateLastLogon(memberID, now, request.getRemoteAddr());

            OnlineUserImpl anonymousUser = new OnlineUserImpl(request, true/*isGuest*/);
            anonymousUser.setMemberID(memberID);
            anonymousUser.setMemberName(memberName);
            anonymousUser.setTimeZone(timeZone);
            MVNForumPermission permission = MVNForumPermissionFactory.getAnonymousPermission();
            anonymousUser.setPermission(permission);
            anonymousUser.setLocaleName(localeName);
            anonymousUser.setLastLogonTimestamp(lastLogon);
            anonymousUser.setLastLogonIP(lastLogonIP);
            //no gender; anonymousUser.setGender(memberBean.getMemberGender() != 0);
            anonymousUser.setPostsPerPage(postsPerPage);
            return anonymousUser;
        } catch (ObjectNotFoundException e) {
            OnlineUserImpl anonymousUser = new OnlineUserImpl(request, true/*isGuest*/);
            //anonymousUser.setMemberID(MVNForumConstant.MEMBER_ID_OF_GUEST);
            //anonymousUser.setMemberName(MVNForumConfig.getDefaultGuestName());
            MVNForumPermission permission = MVNForumPermissionFactory.getAnonymousPermission();
            anonymousUser.setPermission(permission);
            anonymousUser.setLocaleName("");
            anonymousUser.setLastLogonTimestamp(new Timestamp(0));
            anonymousUser.setPostsPerPage(postsPerPage);
            anonymousUser.setTimeZone(timeZone);
            return anonymousUser;
        } catch (DatabaseException e) {
            OnlineUserImpl anonymousUser = new OnlineUserImpl(request, true/*isGuest*/);
            //anonymousUser.setMemberID(MVNForumConstant.MEMBER_ID_OF_GUEST);
            //anonymousUser.setMemberName(MVNForumConfig.getDefaultGuestName());
            MVNForumPermission permission = MVNForumPermissionFactory.getAnonymousPermission();
            anonymousUser.setPermission(permission);
            anonymousUser.setLocaleName("");
            anonymousUser.setLastLogonTimestamp(new Timestamp(0));
            anonymousUser.setPostsPerPage(postsPerPage);
            anonymousUser.setTimeZone(timeZone);
            return anonymousUser;
        }
    }

    public void postLogin(HttpServletRequest request, HttpServletResponse response, OnlineUser onlineUser)
        throws DatabaseException {

        // We create default Message Folder for this user
        int folderOption = 0;
        int folderType = 0;
        int folderStatus = 0;
        Timestamp now = DateUtil.getCurrentGMTTimestamp();
        try {
            try {
                DAOFactory.getMessageFolderDAO().create(MVNForumConstant.MESSAGE_FOLDER_INBOX, onlineUser.getMemberID(),
                                            0/*folderOrder*/, folderStatus, folderOption, folderType, now, now);
            } catch (DuplicateKeyException ex) {
                // Already existed, just go ahead
            }

            try {
                DAOFactory.getMessageFolderDAO().create(MVNForumConstant.MESSAGE_FOLDER_DRAFT, onlineUser.getMemberID(),
                                            1/*folderOrder*/, folderStatus, folderOption, folderType, now, now);
            } catch (DuplicateKeyException ex) {
                // Already existed, just go ahead
            }

            try {
                DAOFactory.getMessageFolderDAO().create(MVNForumConstant.MESSAGE_FOLDER_SENT, onlineUser.getMemberID(),
                                            2/*folderOrder*/, folderStatus, folderOption, folderType, now, now);
            } catch (DuplicateKeyException ex) {
                // Already existed, just go ahead
            }

            try {
                DAOFactory.getMessageFolderDAO().create(MVNForumConstant.MESSAGE_FOLDER_TRASH, onlineUser.getMemberID(),
                                            3/*folderOrder*/, folderStatus, folderOption, folderType, now, now);
            } catch (DuplicateKeyException ex) {
                // Already existed, just go ahead
            }
        } catch (CreateException ce) {
            throw new DatabaseException("Cannot created Message Folder.");
        } catch (ForeignKeyNotFoundException fe) {
            throw new DatabaseException("Cannot created Message Folder because the foreign key is not existed.");
        }
    }

    public void logout(HttpServletRequest request, HttpServletResponse response) {
        //do nothing
    }

    public String getEncodedPassword(String loginName, String password) {
        return Encoder.getMD5_Base64(password);
    }

    public boolean validatePassword(String loginName, String password, boolean isEncodedPassword)
        throws AuthenticationException {

        try {
            int memberId = DAOFactory.getMemberDAO().getMemberIDFromMemberName(loginName);
            if ((memberId == 0) || (memberId == MVNForumConstant.MEMBER_ID_OF_GUEST)) {
                return true;
            }

            String encodedPassword;
            if (isEncodedPassword) {
                encodedPassword = password;
            } else {
                encodedPassword = getEncodedPassword(loginName, password);
            }

            if (isEncodedPassword && password.equals(OnlineUserManager.PASSWORD_OF_METHOD_REALM)) {
                if (MVNForumConfig.getEnableLoginInfoInRealm()) {
                    return true;
                }
            }
            if (isEncodedPassword && password.equals(OnlineUserManager.PASSWORD_OF_METHOD_CUSTOMIZATION)) {
                if (MVNForumConfig.getEnableLoginInfoInCustomization()) {
                    return true;
                }
            }
            return encodedPassword.equals(DAOFactory.getMemberDAO().getPassword(memberId));
        } catch (ObjectNotFoundException e) {
            throw new AuthenticationException(NotLoginException.WRONG_NAME);
        } catch (Exception e) {
            /** @todo find a beter one than NotLoginException.NOT_LOGIN */
            throw new AuthenticationException(NotLoginException.NOT_LOGIN);
        }
    }

    public void ensureCorrectPassword(String loginName, String password, boolean isEncodedPassword)
        throws AuthenticationException {

        boolean isCorrectPassword = validatePassword(loginName, password, isEncodedPassword);
        if (isCorrectPassword == false) {
            throw new AuthenticationException(NotLoginException.WRONG_PASSWORD);
        }
    }
}
... this post is sponsored by my books ...

#1 New Release!

FP Best Seller

 

new blog posts

 

Copyright 1998-2021 Alvin Alexander, alvinalexander.com
All Rights Reserved.

A percentage of advertising revenue from
pages under the /java/jwarehouse URI on this website is
paid back to open source projects.