
Example 1 with User

use of com.keybox.manage.model.User in project KeyBox by skavanagh.

the class AuthDB method getUserByAuthToken.

/**
 * Looks up the user that owns the given auth token, using a connection
 * obtained from {@code DBUtils.getConn()} and released before returning.
 *
 * <p>Fails closed: any exception raised during the lookup is logged and
 * {@code null} is returned. Callers must treat {@code null} as "not
 * authenticated"; they cannot tell an unknown token from a database failure.
 *
 * @param authToken auth token
 * @return the user resolved by the connection-based overload, or {@code null}
 *         if that overload returned {@code null} or the lookup threw
 */
public static User getUserByAuthToken(String authToken) {
    Connection dbConn = null;
    try {
        dbConn = DBUtils.getConn();
        return getUserByAuthToken(dbConn, authToken);
    } catch (Exception ex) {
        log.error(ex.toString(), ex);
        return null;
    } finally {
        // runs on both paths, so the connection is released even when the lookup throws
        DBUtils.closeConn(dbConn);
    }
}
Also used : User(com.keybox.manage.model.User) Connection(java.sql.Connection)

Example 2 with User

use of com.keybox.manage.model.User in project KeyBox by skavanagh.

the class UserDB method getAdminUserSet.

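/**
 * Returns all administrator users in the requested sort order, flagging the
 * ones that are mapped to the given profile.
 *
 * <p>An ORDER BY clause cannot be bound as a statement parameter, so the sort
 * field and direction are checked against a strict allow-list (a plain,
 * optionally table-qualified column name and asc/desc) before they are
 * concatenated into the SQL text. A value that fails the check is dropped and
 * the rows are returned in the database's default order.
 *
 * @param sortedSet object that defines sort order
 * @param profileId profile to check membership against; may be {@code null},
 *                  in which case no user is flagged as checked
 * @return the same {@code sortedSet} with its item list set to the users found
 *         (an empty list if the query failed; the failure is logged)
 */
public static SortedSet getAdminUserSet(SortedSet sortedSet, Long profileId) {
    ArrayList<User> userList = new ArrayList<>();

    String orderBy = "";
    String orderByField = sortedSet.getOrderByField();
    if (orderByField != null && !orderByField.trim().equals("")) {
        String field = orderByField.trim();
        String direction = sortedSet.getOrderByDirection();
        direction = direction == null ? "" : direction.trim();
        // presumably these values originate from request parameters; verify against callers.
        // Either way, only identifier characters and asc/desc may reach the SQL string.
        boolean safeField = field.matches("[A-Za-z_][A-Za-z0-9_]*(\\.[A-Za-z_][A-Za-z0-9_]*)?");
        boolean safeDirection = direction.isEmpty()
                || direction.equalsIgnoreCase("asc")
                || direction.equalsIgnoreCase("desc");
        if (safeField && safeDirection) {
            // leading space keeps the clause separated from the closing quote of the user_type literal
            orderBy = " order by " + field + " " + direction;
        } else {
            // fixed message on purpose: the rejected value is not echoed into the log
            log.warn("Ignoring sort request: order-by field or direction failed validation");
        }
    }

    // User.ADMINISTRATOR is a code-level constant, not caller input
    String sql = "select u.*, m.profile_id from users u left join user_map  m on m.user_id = u.id and m.profile_id = ? where u.user_type like '" + User.ADMINISTRATOR + "'" + orderBy;

    Connection con = null;
    try {
        con = DBUtils.getConn();
        // try-with-resources closes the statement and result set even when a row fails to map
        try (PreparedStatement stmt = con.prepareStatement(sql)) {
            if (profileId != null) {
                stmt.setLong(1, profileId);
            } else {
                // unboxing a null Long would throw; bind SQL NULL so the join simply matches nothing
                stmt.setNull(1, java.sql.Types.BIGINT);
            }
            try (ResultSet rs = stmt.executeQuery()) {
                while (rs.next()) {
                    User user = new User();
                    user.setId(rs.getLong("id"));
                    user.setFirstNm(rs.getString(FIRST_NM));
                    user.setLastNm(rs.getString(LAST_NM));
                    user.setEmail(rs.getString(EMAIL));
                    user.setUsername(rs.getString(USERNAME));
                    // NOTE(review): the stored password value is copied onto every list item;
                    // confirm the view layer never serializes it, or stop loading it here.
                    user.setPassword(rs.getString(PASSWORD));
                    user.setAuthType(rs.getString(AUTH_TYPE));
                    user.setUserType(rs.getString(USER_TYPE));
                    // getLong() reports SQL NULL as 0, so consult wasNull() before comparing
                    long rowProfileId = rs.getLong(PROFILE_ID);
                    boolean mapped = !rs.wasNull();
                    user.setChecked(profileId != null && mapped && profileId.equals(rowProfileId));
                    userList.add(user);
                }
            }
        }
    } catch (Exception e) {
        log.error(e.toString(), e);
    } finally {
        DBUtils.closeConn(con);
    }
    sortedSet.setItemList(userList);
    return sortedSet;
}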
Also used : User(com.keybox.manage.model.User) ArrayList(java.util.ArrayList) Connection(java.sql.Connection) ResultSet(java.sql.ResultSet) PreparedStatement(java.sql.PreparedStatement)

Example 3 with User

use of com.keybox.manage.model.User in project KeyBox by skavanagh.

the class UserDB method getUserSet.

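/**
 * Returns all users in the requested sort order.
 *
 * <p>An ORDER BY clause cannot be bound as a statement parameter, so the sort
 * field and direction are checked against a strict allow-list (a plain,
 * optionally table-qualified column name and asc/desc) before they are
 * concatenated into the SQL text. A value that fails the check is dropped and
 * the rows are returned in the database's default order.
 *
 * @param sortedSet object that defines sort order
 * @return the same {@code sortedSet} with its item list set to the users found
 *         (an empty list if the query failed; the failure is logged)
 */
public static SortedSet getUserSet(SortedSet sortedSet) {
    ArrayList<User> userList = new ArrayList<>();

    String orderBy = "";
    String orderByField = sortedSet.getOrderByField();
    if (orderByField != null && !orderByField.trim().equals("")) {
        String field = orderByField.trim();
        String direction = sortedSet.getOrderByDirection();
        direction = direction == null ? "" : direction.trim();
        // presumably these values originate from request parameters; verify against callers.
        // Either way, only identifier characters and asc/desc may reach the SQL string.
        boolean safeField = field.matches("[A-Za-z_][A-Za-z0-9_]*(\\.[A-Za-z_][A-Za-z0-9_]*)?");
        boolean safeDirection = direction.isEmpty()
                || direction.equalsIgnoreCase("asc")
                || direction.equalsIgnoreCase("desc");
        if (safeField && safeDirection) {
            orderBy = " order by " + field + " " + direction;
        } else {
            // fixed message on purpose: the rejected value is not echoed into the log
            log.warn("Ignoring sort request: order-by field or direction failed validation");
        }
    }

    String sql = "select * from  users" + orderBy;

    Connection con = null;
    try {
        con = DBUtils.getConn();
        // try-with-resources closes the statement and result set even when a row fails to map
        try (PreparedStatement stmt = con.prepareStatement(sql);
             ResultSet rs = stmt.executeQuery()) {
            while (rs.next()) {
                User user = new User();
                user.setId(rs.getLong("id"));
                user.setFirstNm(rs.getString(FIRST_NM));
                user.setLastNm(rs.getString(LAST_NM));
                user.setEmail(rs.getString(EMAIL));
                user.setUsername(rs.getString(USERNAME));
                // NOTE(review): the stored password value is copied onto every list item;
                // confirm the view layer never serializes it, or stop loading it here.
                user.setPassword(rs.getString(PASSWORD));
                user.setAuthType(rs.getString(AUTH_TYPE));
                user.setUserType(rs.getString(USER_TYPE));
                userList.add(user);
            }
        }
    } catch (Exception e) {
        log.error(e.toString(), e);
    } finally {
        DBUtils.closeConn(con);
    }
    sortedSet.setItemList(userList);
    return sortedSet;
}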
Also used : User(com.keybox.manage.model.User) ArrayList(java.util.ArrayList) Connection(java.sql.Connection) ResultSet(java.sql.ResultSet) PreparedStatement(java.sql.PreparedStatement)

Example 4 with User

use of com.keybox.manage.model.User in project KeyBox by skavanagh.

the class AuthDB method getUserByAuthToken.

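/**
 * Returns the user that owns the given auth token, using the supplied connection.
 *
 * <p>The token is matched with {@code =} rather than {@code LIKE}. A bound
 * LIKE value is still interpreted as a pattern, so a token containing
 * {@code %} or {@code _} would be compared as a wildcard expression instead of
 * as the exact secret. A null or blank token is rejected before any query runs.
 *
 * <p>The connection is owned by the caller and is not closed here. Any
 * exception is logged and results in {@code null}.
 *
 * @param con       DB connection
 * @param authToken auth token
 * @return the matching user, or {@code null} if the token is blank, no row
 *         matches, or the lookup failed
 */
public static User getUserByAuthToken(Connection con, String authToken) {
    User user = null;
    // an absent token must never resolve to an account
    if (authToken == null || authToken.trim().isEmpty()) {
        return null;
    }
    // try-with-resources closes the statement and result set even if getUser() throws
    try (PreparedStatement stmt = con.prepareStatement("select * from users where auth_token = ?")) {
        stmt.setString(1, authToken);
        try (ResultSet rs = stmt.executeQuery()) {
            if (rs.next()) {
                Long userId = rs.getLong("id");
                user = UserDB.getUser(con, userId);
            }
        }
    } catch (Exception e) {
        log.error(e.toString(), e);
    }
    return user;
}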
Also used : User(com.keybox.manage.model.User) ResultSet(java.sql.ResultSet) PreparedStatement(java.sql.PreparedStatement)

Example 5 with User

use of com.keybox.manage.model.User in project KeyBox by skavanagh.

the class LoginAction method loginSubmit.

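/**
 * Handles the login form post: authenticates the submitted credentials,
 * enforces the one-time-password check when OTP is enabled, requires
 * non-manager users to have at least one assigned profile, and on success
 * stores the auth token, user id, auth type and timeout in the HTTP session.
 *
 * <p>Every outcome is written to the login audit log. The username and client
 * address are stripped of CR/LF first, because both are request-supplied and
 * could otherwise split one audit entry into several. A token for which no
 * user can be loaded is treated as a failed login rather than falling through
 * to the success result.
 *
 * @return {@code INPUT} on any authentication failure, {@code "otp"} when OTP
 *         is enabled but the user has no shared secret yet,
 *         {@code "change_password"} when a basic-auth user logged in with the
 *         password "changeme", otherwise {@code SUCCESS}
 */
@Action(value = "/loginSubmit", results = {
        @Result(name = "input", location = "/login.jsp"),
        @Result(name = "change_password", location = "/admin/userSettings.action", type = "redirect"),
        @Result(name = "otp", location = "/admin/viewOTP.action", type = "redirect"),
        @Result(name = "success", location = "/admin/menu.action", type = "redirect") })
public String loginSubmit() {
    String authToken = AuthDB.login(auth);

    //get client IP
    String clientIP = null;
    String clientIPHeader = AppConfig.getProperty("clientIPHeader");
    if (StringUtils.isNotEmpty(clientIPHeader)) {
        // NOTE(review): this header is only trustworthy when a proxy in front of the
        // application overwrites it; otherwise the client chooses the logged address.
        clientIP = servletRequest.getHeader(clientIPHeader);
    }
    if (StringUtils.isEmpty(clientIP)) {
        clientIP = servletRequest.getRemoteAddr();
    }

    // neutralise line breaks so request-supplied values cannot forge audit entries
    String auditPrefix = String.valueOf(auth.getUsername()).replaceAll("[\\r\\n]", "_")
            + " (" + String.valueOf(clientIP).replaceAll("[\\r\\n]", "_") + ") - ";

    // fail closed: no token, or a token that resolves to no user, is an authentication error
    User user = authToken != null ? AuthDB.getUserByAuthToken(authToken) : null;
    if (user == null) {
        loginAuditLogger.info(auditPrefix + AUTH_ERROR);
        addActionError(AUTH_ERROR);
        return INPUT;
    }

    String sharedSecret = null;
    if (otpEnabled) {
        sharedSecret = AuthDB.getSharedSecret(user.getId());
        // same generic error as a bad password, so the response does not reveal which factor failed
        if (StringUtils.isNotEmpty(sharedSecret) && (auth.getOtpToken() == null || !OTPUtil.verifyToken(sharedSecret, auth.getOtpToken()))) {
            loginAuditLogger.info(auditPrefix + AUTH_ERROR);
            addActionError(AUTH_ERROR);
            return INPUT;
        }
    }

    //check to see if admin has any assigned profiles
    if (!User.MANAGER.equals(user.getUserType()) && (user.getProfileList() == null || user.getProfileList().size() <= 0)) {
        loginAuditLogger.info(auditPrefix + AUTH_ERROR_NO_PROFILE);
        addActionError(AUTH_ERROR_NO_PROFILE);
        return INPUT;
    }

    // NOTE(review): the pre-login session is reused as-is. If nothing else rotates the
    // session id on authentication, do it here before storing the token
    // (e.g. HttpServletRequest.changeSessionId() on Servlet 3.1+) — confirm container version.
    AuthUtil.setAuthToken(servletRequest.getSession(), authToken);
    AuthUtil.setUserId(servletRequest.getSession(), user.getId());
    AuthUtil.setAuthType(servletRequest.getSession(), user.getAuthType());
    AuthUtil.setTimeout(servletRequest.getSession());

    String retVal = SUCCESS;
    //for first time login redirect to set OTP
    if (otpEnabled && StringUtils.isEmpty(sharedSecret)) {
        retVal = "otp";
    } else if ("changeme".equals(auth.getPassword()) && Auth.AUTH_BASIC.equals(user.getAuthType())) {
        // a basic-auth login with the password "changeme" is sent to the settings page to change it
        retVal = "change_password";
    }
    loginAuditLogger.info(auditPrefix + "Authentication Success");
    return retVal;
}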
Also used : User(com.keybox.manage.model.User) Action(org.apache.struts2.convention.annotation.Action)

Aggregations

User (com.keybox.manage.model.User)9 Connection (java.sql.Connection)5 PreparedStatement (java.sql.PreparedStatement)5 ResultSet (java.sql.ResultSet)5 ArrayList (java.util.ArrayList)2 IOException (java.io.IOException)1 Principal (java.security.Principal)1 Subject (javax.security.auth.Subject)1 LoginContext (javax.security.auth.login.LoginContext)1 LoginException (javax.security.auth.login.LoginException)1 Action (org.apache.struts2.convention.annotation.Action)1