00001
00002
00003
00004
00005
00006
00007
00008
00009
00010
00011
00012
00013
00014
00015
00016
00017
00018
00019
00020
00021
00022
00023
00024
00025
00026
00027
00028
00029
00030 package org.openmobileis.services.security;
00031
00032
00033 import org.openmobileis.common.context.ApplicationContextManager;
00034 import org.openmobileis.common.util.PropertiesManager;
00035 import org.openmobileis.common.util.log.LogManager;
00036 import org.openmobileis.common.util.log.LogServices;
00037
00045 public class SecurityManager {
00046 private static SecurityManager manager;
00047 private long passwordTime = 0;
00048 private long maxTimeout = 0;
00049
00050 private static SecurityStore store;
00051 private static SecurityHash hash;
00052
00057 protected SecurityManager() {
00058 super();
00059 if (SecurityManager.store == null) {
00060 SecurityManager.registerSecurityStore(new DefaultSecurityStore());
00061 }
00062 if (SecurityManager.hash == null) {
00063 SecurityManager.registerSecurityHash(new DefaultSecurityHash());
00064 }
00065 String timeout = PropertiesManager.getManager().getProperty("webserver.securoty.password.timeout");
00066 if (timeout != null) {
00067 maxTimeout = Integer.parseInt(timeout)*60*1000;
00068 }
00069 }
00070
00071 public static void registerSecurityStore(SecurityStore newStore) {
00072 synchronized(SecurityManager.class) {
00073 SecurityManager.store = newStore;
00074 }
00075 }
00076
00077 public static void registerSecurityHash(SecurityHash newHash) {
00078 synchronized(SecurityManager.class) {
00079 SecurityManager.hash = newHash;
00080 }
00081 }
00082
00083 public static SecurityManager getManager() {
00084 if (manager == null) {
00085 synchronized(SecurityManager.class) {
00086 if (manager == null) {
00087 manager = new SecurityManager();
00088 ApplicationContextManager.getManager().addManager(manager);
00089 }
00090 }
00091 }
00092 return manager;
00093 }
00094
00095 public long getMaxTimeout() {
00096 return maxTimeout;
00097 }
00098
00099 public boolean isServiceCallElapseTime() {
00100 long currentTime = System.currentTimeMillis();
00101 long elapse = currentTime - passwordTime;
00102 if (elapse >maxTimeout) {
00103 return true;
00104 }
00105 return false;
00106 }
00107
00108 public void setServiceCall() {
00109 passwordTime = System.currentTimeMillis();
00110 }
00111
00112 public boolean changeServicePass(String oldpassword, String newpassword) {
00113
00114
00115 if (oldpassword == null || oldpassword.trim().length() == 0) {
00116 if (this.isInitializedPass()) {
00117 LogManager.traceWarning(LogServices.SECURITYSERVICE, "SecurityManager::changeServicePass : oldpassword is null while it's initialized... returning false");
00118 return false;
00119 }
00120 } else {
00121 if (!this.validateServicePass(oldpassword)) {
00122 LogManager.traceWarning(LogServices.SECURITYSERVICE, "SecurityManager::changeServicePass : wrong old password... returning flase");
00123 return false;
00124 }
00125 }
00126
00127
00128 if (newpassword == null || newpassword.trim().length() == 0) {
00129 LogManager.traceWarning(LogServices.SECURITYSERVICE, "SecurityManager::changeServicePass : newpassword is incorrect");
00130 return false;
00131 }
00132 LogManager.traceWarning(LogServices.SECURITYSERVICE, "SecurityManager::changeServicePass : before setServicePass");
00133 this.setServicePass(newpassword);
00134 LogManager.traceWarning(LogServices.SECURITYSERVICE, "SecurityManager::changeServicePass : after setServicePass.. returning true");
00135 return true;
00136 }
00137
00138 private void setServicePass(String password) {
00139 if (password == null) {
00140 return;
00141 }
00142 byte[] hashedPass = SecurityManager.hash.hash(password.toCharArray());
00143 SecurityManager.store.store(new String(hashedPass));
00144 }
00145
00146 public boolean validateServicePass(String password) {
00147 if (password == null) {
00148 return false;
00149 }
00150 byte[] hashedPass = SecurityManager.hash.hash(password.toCharArray());
00151 byte[] hashedServicePass = SecurityManager.store.read();
00152 if (hashedPass != null && hashedPass.equals(hashedServicePass)) {
00153 return true;
00154 }
00155 return false;
00156 }
00157
00158 public boolean isInitializedPass() {
00159 byte[] pass = SecurityManager.store.read();
00160
00161 if (pass == null || pass.length == 0) {
00162 return false;
00163 }
00164
00165 return true;
00166 }
00167
00168 }