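  <!--
    Facelets fragment: form that lets an operator pick an employee and set
    that employee's login password through the encryptPasswordView bean.

    The password is entered through p:password rather than p:inputText so the
    typed characters are masked on screen and the submitted value is not
    echoed back into the re-rendered form (redisplay="false").

    NOTE(review): the command button declares both an "action" and a nested
    f:ajax "listener" that point at the same bean method. That may invoke the
    method twice per click; the first-run guard in the backing bean looks like
    a workaround for it. Confirm, then keep only one of the two bindings
    together with removing the guard.
  -->
  <ui:composition xmlns="http://www.w3.org/1999/xhtml"
                  xmlns:f="http://xmlns.jcp.org/jsf/core"
                  xmlns:c="http://xmlns.jcp.org/jsp/jstl/core"
                  xmlns:h="http://xmlns.jcp.org/jsf/html"
                  xmlns:ui="http://xmlns.jcp.org/jsf/facelets"
                  xmlns:pt="http://xmlns.jcp.org/jsf/passthrough"
                  xmlns:jsf="http://xmlns.jcp.org/jsf"
                  xmlns:p="http://primefaces.org/ui"
                  xmlns:o="http://omnifaces.org/ui"
                  xmlns:of="http://omnifaces.org/functions">
      <h:form id="create_encrypted_password">
          <p:growl id="growl" showDetail="true"/>
          <p:fieldset legend="Create Encrypted Password." style="margin-bottom:20px">
              <h:panelGrid columns="2" cellpadding="5">
                  <p:outputLabel
                          value="Select employee (requires minimum of 3 characters):"
                          for="acEmployee"/>
                  <p:autoComplete id="acEmployee" minQueryLength="3" value="#{encryptPasswordView.empNameSurname}"
                                  completeMethod="#{encryptPasswordView.acEmployee}" autoHighlight="true" dropdown="true"
                                  maxResults="15" forceSelection="true" size="50"
                                  placeholder="Type the employee number, name or surname to start the search"
                                  title="Enter employee details" required="true"
                                  requiredMessage="A user must be selected."/>
                  <p:outputLabel for="plain_text_password" value="Plain text password"/>
                  <p:password id="plain_text_password" value="#{encryptPasswordView.plainTextPassword}" required="true"
                              requiredMessage="Password field may not be empty" label="Enter password: "
                              placeholder="Enter new password to be encrypted"
                              title="Password must have 8 or more characters, with at least one digit, one upper case letter, one lower case letter and one special symbol (“@#$%”)"
                              redisplay="false"
                              size="40"/>
                  <p:commandButton value="Encrypt and write password" id="encrypt_password" update="growl"
                                   action="#{encryptPasswordView.persistEncyptedPassword()}"
                                   styleClass="ui-priority-primary">
                      <f:ajax execute="@form" listener="#{encryptPasswordView.persistEncyptedPassword()}" render="@form"/>
                  </p:commandButton>
              </h:panelGrid>
          </p:fieldset>
          <p:dialog header="Password strength insufficient." widgetVar="pwdDlg" draggable="false" resizable="false"
                    visible="false">
              <h:outputText
                      value="Password must have 8 or more characters, with at least one digit, one upper case letter, one lower case letter and one special symbol (“@#$%”)"/>
          </p:dialog>
      </h:form>
  </ui:composition>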
  44.  
  45. package com.megchemsa.view.shiro;
  46.  
  47. import com.megchemsa.controller.shiro.EncryptPasswordService;
  48. import org.apache.logging.log4j.LogManager;
  49. import org.apache.logging.log4j.Logger;
  50. import org.jetbrains.annotations.NotNull;
  51. import org.omnifaces.cdi.ViewScoped;
  52. import org.primefaces.context.RequestContext;
  53.  
  54. import javax.annotation.PostConstruct;
  55. import javax.inject.Inject;
  56. import javax.inject.Named;
  57. import javax.persistence.EntityManager;
  58. import javax.persistence.PersistenceContext;
  59. import javax.persistence.Query;
  60. import java.io.Serializable;
  61. import java.util.List;
  62.  
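  /**
   * View-scoped backing bean for the "Create Encrypted Password" form.
   *
   * <p>Holds the employee selection and the password typed by the operator,
   * asks {@link EncryptPasswordService} to validate the password and, when it
   * passes, to store its hash for the selected employee.
   *
   * <p>Security notes:
   * <ul>
   *   <li>The plain-text password lives in a field of a serializable,
   *       view-scoped bean, so it is wiped as soon as it has been handed to the
   *       service and is not kept around after a store attempt.</li>
   *   <li>NOTE(review): {@link #getEm()} / {@link #setEm(EntityManager)} make
   *       the persistence context reachable through the bean's public API;
   *       confirm something needs them, otherwise they should go.</li>
   * </ul>
   */
  @SuppressWarnings("WeakerAccess")
  @edu.umd.cs.findbugs.annotations.SuppressFBWarnings("NP_NULL_ON_SOME_PATH")
  @Named
  @ViewScoped
  public class EncryptPasswordView implements Serializable {

      private static final long serialVersionUID = 1L;

      @PersistenceContext(unitName = "PostgresDS")
      private EntityManager em;
      // Last list of employee labels handed to the autocomplete component.
      private List<String> empNameSurnameList;
      // Label chosen in the autocomplete; the service parses the employee id from it.
      private String empNameSurname;
      // Password as typed by the operator; cleared after each store attempt.
      private String plainTextPassword;
      private String encryptedPassword;
      // True until persistEncyptedPassword() has been called once; see that method.
      private boolean isFirstRun;
      private final static Logger log = LogManager.getLogger(EncryptPasswordView.class.getName());

      @Inject
      private transient EncryptPasswordService encryptPasswordService;

      /**
       * Loads the full employee list and resets the form fields.
       *
       * <p>The injected service is kept when the container supplied one. A
       * hand-built {@code new EncryptPasswordService()} never receives its
       * {@code @PersistenceContext} EntityManager and never runs its
       * {@code @PostConstruct}, so it is only used as a fallback when
       * injection produced nothing.
       */
      @PostConstruct
      public void init() {
          this.empNameSurnameList = em.createQuery(
                  "SELECT emp.empNameSurname FROM EmpNameSurnameEntity emp ORDER BY emp.empNameSurname asc",
                  String.class).getResultList();
          this.plainTextPassword = "";
          this.encryptedPassword = "";
          this.empNameSurname = "";
          this.isFirstRun = true;
          if (this.encryptPasswordService == null) {
              // Fallback only: this instance is not container-managed.
              this.encryptPasswordService = new EncryptPasswordService();
          }
          log.info("PostConstruct completed");
      }

      /**
       * Autocomplete callback: returns employee labels containing the typed text,
       * compared case-insensitively.
       *
       * <p>The search text is bound as a query parameter, so it cannot alter the
       * JPQL statement. {@code %} and {@code _} typed by the user still act as
       * LIKE wildcards.
       *
       * @param queryIn text typed into the autocomplete field
       * @return matching labels in ascending order; also cached in this bean
       */
      public List<String> acEmployee(@NotNull String queryIn) {
          List<String> matches = em.createQuery(
                  "SELECT emp.empNameSurname FROM EmpNameSurnameEntity emp WHERE UPPER(emp.empNameSurname) LIKE :keyword ORDER BY emp.empNameSurname asc",
                  String.class)
                  .setParameter("keyword", "%" + queryIn.toUpperCase() + "%")
                  .getResultList();
          this.empNameSurnameList = matches;
          return matches;
      }

      /**
       * Validates the typed password and, if it passes, stores its hash for the
       * selected employee; otherwise opens the "password strength" dialog.
       *
       * <p>The very first call only flips {@code isFirstRun} and returns.
       * NOTE(review): this looks like a workaround for the form binding this
       * method as both action and ajax listener; confirm before relying on it.
       */
      public void persistEncyptedPassword() {
          if (this.isFirstRun) {
              this.isFirstRun = false;
              log.info("First run check completed");
              return;
          }
          if (this.encryptPasswordService.validatePassword(this.plainTextPassword)) {
              log.info("Password check succesful");
              try {
                  this.encryptPasswordService.persistEncyptedPassword(this.empNameSurname, this.plainTextPassword);
              } finally {
                  // Do not keep the plain-text password in view state once it has been used.
                  this.plainTextPassword = "";
              }
          } else {
              log.info("Password check not succesful");
              RequestContext pfContext = RequestContext.getCurrentInstance();
              pfContext.execute("PF('pwdDlg').show();");
          }
      }

      public EntityManager getEm() {
          return em;
      }

      public void setEm(EntityManager em) {
          this.em = em;
      }

      public boolean isFirstRun() {
          return isFirstRun;
      }

      public void setFirstRun(boolean firstRun) {
          isFirstRun = firstRun;
      }

      public EncryptPasswordService getEncryptPasswordService() {
          return encryptPasswordService;
      }

      public void setEncryptPasswordService(EncryptPasswordService encryptPasswordService) {
          this.encryptPasswordService = encryptPasswordService;
      }

      public List<String> getEmpNameSurnameList() {
          return empNameSurnameList;
      }

      public void setEmpNameSurnameList(List<String> empNameSurnameList) {
          this.empNameSurnameList = empNameSurnameList;
      }

      public String getEmpNameSurname() {
          return empNameSurname;
      }

      public void setEmpNameSurname(String empNameSurname) {
          this.empNameSurname = empNameSurname;
      }

      public String getPlainTextPassword() {
          return plainTextPassword;
      }

      public void setPlainTextPassword(String plainTextPassword) {
          this.plainTextPassword = plainTextPassword;
      }

      public String getEncryptedPassword() {
          return encryptedPassword;
      }

      public void setEncryptedPassword(String encryptedPassword) {
          this.encryptedPassword = encryptedPassword;
      }
  }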
  175.  
  176. package com.megchemsa.controller.shiro;
  177.  
  178. import com.megchemsa.model.shiro.UserLoginDetailsEntity;
  179. import com.megchemsa.utility.PasswordValidator;
  180. import org.apache.commons.lang3.StringUtils;
  181. import org.apache.logging.log4j.LogManager;
  182. import org.apache.logging.log4j.Logger;
  183. import org.jetbrains.annotations.NotNull;
  184. import org.apache.shiro.crypto.hash.Sha512Hash;
  185.  
  186. import javax.annotation.PostConstruct;
  187. import javax.ejb.Stateful;
  188. import javax.faces.bean.SessionScoped;
  189. import javax.inject.Inject;
  190. import javax.persistence.EntityManager;
  191. import javax.persistence.PersistenceContext;
  192.  
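  /**
   * Validates a candidate password and stores its salted, iterated SHA-512
   * digest on the employee's {@link UserLoginDetailsEntity}.
   *
   * <p>Despite the "encrypt" naming, the value stored is a one-way hash
   * ({@link Sha512Hash}), not reversible encryption.
   *
   * <p>Security notes:
   * <ul>
   *   <li>Neither the plain-text password nor the resulting hash is written to
   *       the log; only the affected username is.</li>
   *   <li>NOTE(review): {@code PASSWORD_SALT} is one hard-coded value shared by
   *       every account and published through a public static getter, so equal
   *       passwords produce equal hashes and the salt travels with the source.
   *       A random per-user salt and a dedicated password-hashing function
   *       (bcrypt, scrypt, Argon2 or PBKDF2) would be the usual choice. It is
   *       left unchanged here because whatever verifies logins must use the
   *       same parameters and that code is not visible in this file.</li>
   *   <li>NOTE(review): {@code javax.faces.bean.SessionScoped} is the JSF
   *       managed-bean scope annotation; confirm it has the intended effect on
   *       a {@code @Stateful} EJB.</li>
   * </ul>
   */
  @SessionScoped
  @Stateful()
  public class EncryptPasswordService {

      private final static Logger log = LogManager.getLogger(EncryptPasswordService.class.getName());
      // Global salt and iteration count fed to Sha512Hash; see the class-level review note.
      private static final String PASSWORD_SALT = "*&^%$#@!!@#$%^&*SALTED_and_PEPPER*&^%$#@!!@#$%^&*";
      private static final int HASH_ITTERATIONS = 10000;
      // Scratch state from the most recent persistEncyptedPassword() call.
      private String encryptedPassword;
      private String[] strs;
      private long empAid;

      @Inject
      private PasswordValidator passwordValidator;
      private UserLoginDetailsEntity userLoginDetailsEntity;

      @PersistenceContext(unitName = "PostgresDS")
      EntityManager em;

      /** Resets the scratch fields after the container has built the bean. */
      @PostConstruct
      private void init() {
          this.passwordValidator = new PasswordValidator();
          this.encryptedPassword = "";
          this.strs = new String[]{"empAid", "empInitials", "empFullFirstNames", "empLastName"};
          this.empAid = 0L;
      }

      public EncryptPasswordService() {
      }

      /** @return the global salt used for every password hash */
      @NotNull
      public static String getPasswordSalt() {
          return PASSWORD_SALT;
      }

      /** @return the number of hash iterations applied to every password */
      public static int getHashItterations() {
          return HASH_ITTERATIONS;
      }

      /**
       * Checks a candidate password against the project's password policy.
       *
       * <p>A fresh {@link PasswordValidator} is created on each call, replacing
       * any injected instance.
       *
       * @param plainTextPassword candidate password
       * @return the result of {@code PasswordValidator.validate}
       */
      public boolean validatePassword(@NotNull String plainTextPassword) {
          this.passwordValidator = new PasswordValidator();
          return this.passwordValidator.validate(plainTextPassword);
      }

      /**
       * Hashes the password and stores the hash on the employee's login record.
       *
       * <p>The employee id is the text before the first comma of
       * {@code empNameSurname}. The update runs in a resource-local transaction
       * that is rolled back if anything fails after {@code begin()}.
       *
       * @param empNameSurname comma-separated employee label whose first token is
       *                       the numeric employee id
       * @param ptPwd          plain-text password to hash; never logged
       * @throws IllegalArgumentException if the password or the employee label is
       *                                  missing, the id is not numeric
       *                                  ({@link NumberFormatException}), or no
       *                                  login record exists for the id
       */
      public void persistEncyptedPassword(String empNameSurname, String ptPwd) {
          if (ptPwd == null || ptPwd.isEmpty()) {
              throw new IllegalArgumentException("Password must not be empty");
          }
          this.strs = StringUtils.split(empNameSurname, ",");
          if (this.strs == null || this.strs.length == 0) {
              throw new IllegalArgumentException("No employee selected");
          }
          this.empAid = Long.parseLong(this.strs[0].trim());
          log.info("empAid converted to long: " + this.getEmpAid());

          this.encryptedPassword = passwordSaltHasher(ptPwd);

          em.getTransaction().begin();
          try {
              userLoginDetailsEntity = em.find(UserLoginDetailsEntity.class, this.empAid);
              if (userLoginDetailsEntity == null) {
                  throw new IllegalArgumentException("No login record for empAid " + this.empAid);
              }
              // Audit trail names the account only; the password and its hash stay out of the log.
              log.info("Storing new password hash for user: {}", userLoginDetailsEntity.getEmpUsername());
              userLoginDetailsEntity.setEmpPassword(this.encryptedPassword);
              em.getTransaction().commit();
          } catch (RuntimeException e) {
              // Leave no half-finished transaction behind on this long-lived bean.
              if (em.getTransaction().isActive()) {
                  em.getTransaction().rollback();
              }
              throw e;
          }
      }

      /**
       * Computes the hex-encoded SHA-512 digest of the password using the global
       * salt and iteration count, and remembers it in {@code encryptedPassword}.
       */
      private String passwordSaltHasher(String ptPwd) {
          this.encryptedPassword = new Sha512Hash(ptPwd, PASSWORD_SALT, HASH_ITTERATIONS).toHex();
          return this.encryptedPassword;
      }

      public String getEncryptedPassword() {
          return encryptedPassword;
      }

      public void setEncryptedPassword(String encryptedPassword) {
          this.encryptedPassword = encryptedPassword;
      }

      public String[] getStrs() {
          return strs;
      }

      public void setStrs(String[] strs) {
          this.strs = strs;
      }

      public long getEmpAid() {
          return empAid;
      }

      public void setEmpAid(long empAid) {
          this.empAid = empAid;
      }
  }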