SessionLoginManager.java

00001 /*
00002  * OpenMobileIS - a free Java(TM) Framework for mobile applications Java(TM)
00003  * Copyright (C) 2004-2006 Philippe Delrieu
00004  * All rights reserved.
00005  * Contact: pdelrieu@openmobileis.org
00006  *
00007  * This library is free software; you can redistribute it and/or
00008  * modify it under the terms of the GNU Lesser General Public
00009  * License as published by the Free Software Foundation; either
00010  * version 2.1 of the License, or any later version.
00011  *
00012  * This library is distributed in the hope that it will be useful,
00013  * but WITHOUT ANY WARRANTY; without even the implied warranty of
00014  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
00015  * Lesser General Public License for more details.
00016  *
00017  * You should have received a copy of the GNU Lesser General Public
00018  * License along with this library; if not, write to the Free Software
00019  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307
00020  * USA
00021  *
00022  *  Author : Philippe Delrieu
00023  *
00024  *  Modifications :
00025  *  2004 Creation P.Delrieu
00026  *  2004 Modified by Romain Beaugrand
00027  *
00028  */
00029 
00030 package org.openmobileis.services.security;
00031 
00032 
00033 import org.openmobileis.common.context.ApplicationContextManager;
00034 import org.openmobileis.common.util.PropertiesManager;
00035 import org.openmobileis.common.util.log.LogManager;
00036 import org.openmobileis.common.util.log.LogServices;
00037 
00045 public class SessionLoginManager {
00046         private static SessionLoginManager manager;
00047         private long passwordTime = 0;
00048         private long maxTimeout = 0;
00049         private String tempPass = "";
00050 
00051         private static SecurityStore store;
00052         private static SecurityHash hash;
00053         protected boolean inited = false;
00054 
00059         protected SessionLoginManager() {
00060                 super();
00061                 if (SessionLoginManager.store == null) {
00062                 SessionLoginManager.registerSecurityStore(new DefaultSecurityStore());
00063                 }
00064                 if (SessionLoginManager.hash == null) {
00065                 SessionLoginManager.registerSecurityHash(new DefaultSecurityHash());
00066                 }
00067                 String prop = PropertiesManager.getManager().getProperty("org.openmobileis.service.session.forcepass");
00068                 if (prop!= null && prop.equals("true")) inited = true;
00069                 String timeout = PropertiesManager.getManager().getProperty("org.openmobileis.service.session.timeout");
00070                 if (timeout != null)    {
00071                         maxTimeout = Integer.parseInt(timeout)*60*1000;
00072                 }
00073         }
00074 
00075         public static void registerSecurityStore(SecurityStore newStore) {
00076               synchronized(SessionLoginManager.class) {
00077                   SessionLoginManager.store = newStore;
00078               }
00079         }
00080 
00081         public static void registerSecurityHash(SecurityHash newHash) {
00082               synchronized(SessionLoginManager.class) {
00083                   SessionLoginManager.hash = newHash;
00084               }
00085         }
00086 
00087         public static SessionLoginManager getManager()  {
00088             if (manager == null)  {
00089                 synchronized(SessionLoginManager.class) {
00090                   if (manager == null)  {
00091                     manager = new SessionLoginManager();
00092                     ApplicationContextManager.getManager().addManager(manager);
00093                   }
00094                 }
00095               }
00096             return manager;
00097         }
00098 
00099         public long getMaxTimeout()     {
00100                 return maxTimeout;
00101         }
00102 
00103         public boolean isServiceCallElapseTime()        {
00104                 long currentTime  = System.currentTimeMillis();
00105                 long elapse = currentTime - passwordTime;
00106                 if (elapse >maxTimeout) {
00107       tempPass = "";
00108                         return true;
00109                 }
00110                 return false;
00111         }
00112 
00113         public String getSessionPassword()      {
00114                 return tempPass;
00115         }
00116 
00117         public void clearSessionPass()  {
00118                 tempPass ="";
00119                 SessionLoginManager.store.clear();
00120         }
00121 
00122         public void setServiceCall()    {
00123                 passwordTime  = System.currentTimeMillis();
00124         }
00125 
00126         public boolean changeSessionPass(String newpassword) {
00127             // SAVE NEW PASSWORD
00128             if (newpassword == null || newpassword.trim().length() == 0) {
00129                 LogManager.traceWarning(LogServices.SECURITYSERVICE, "SecurityManager::changeSessionPass : newpassword is null or empty");
00130                     tempPass = "";
00131                 return false;
00132             }
00133             this.setSessionPass(newpassword);
00134             tempPass = newpassword;
00135             return true;
00136         }
00137 
00138         private void setSessionPass(String password)    {
00139                 if (inited)     {
00140                         byte[] hashedPass = SessionLoginManager.hash.hash(password.getBytes());
00141                         SessionLoginManager.store.store(new String(hashedPass));
00142                 }
00143         }
00144 
00145         public boolean validateSessionPass(String password) {
00146             if (password == null) {
00147                 tempPass = "";
00148               return false;
00149             }
00150             String hashedPass = new String(SessionLoginManager.hash.hash(password.getBytes()));
00151             String hashedServicePass = new String(SessionLoginManager.store.read());
00152             if (hashedPass != null && hashedPass.equals(hashedServicePass)) {
00153         tempPass = password;
00154               return true;
00155             }
00156             tempPass = "";
00157             return false;
00158         }
00159 
00160         public boolean isInitializedPass() {
00161             byte[] pass = SessionLoginManager.store.read();
00162 
00163             if (pass == null || pass.length == 0) {
00164                 return false;
00165             }
00166 
00167             return true;
00168         }
00169         
00170         public void resetElapsedTime()  {
00171                 this.passwordTime = 0;
00172         }
00173 
00174 }

Generated on Mon Jan 14 17:29:49 2008 for OpenMobileIS by  doxygen 1.5.4