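<ui:composition xmlns="http://www.w3.org/1999/xhtml"
                xmlns:f="http://xmlns.jcp.org/jsf/core"
                xmlns:c="http://xmlns.jcp.org/jsp/jstl/core"
                xmlns:h="http://xmlns.jcp.org/jsf/html"
                xmlns:ui="http://xmlns.jcp.org/jsf/facelets"
                xmlns:pt="http://xmlns.jcp.org/jsf/passthrough"
                xmlns:jsf="http://xmlns.jcp.org/jsf"
                xmlns:p="http://primefaces.org/ui"
                xmlns:o="http://omnifaces.org/ui"
                xmlns:of="http://omnifaces.org/functions">
    <ui:remove>
        Form that sets a new password for an employee picked through the autocomplete field.

        Notes live in ui:remove on purpose: plain XML comments in a Facelets template are written
        into the rendered page unless javax.faces.FACELETS_SKIP_COMMENTS is enabled.

        NOTE(review): the submit button declares both an action and an f:ajax listener bound to the
        same bean method, so that method appears to run twice per click. The backing bean's
        first-run flag looks like a workaround for this. Confirm, then keep a single binding and
        drop the flag in the same change.

        NOTE(review): nothing in this template restricts who may open the form or which employee
        may be selected. Confirm that access control is enforced elsewhere (for example by the
        application's security filter configuration).
    </ui:remove>
    <h:form id="create_encrypted_password">
        <p:growl id="growl" showDetail="true"/>
        <p:fieldset legend="Create Encrypted Password." style="margin-bottom:20px">
            <h:panelGrid columns="2" cellpadding="5">
                <p:outputLabel
                        value="Select employee (requires minimum of 3 characters):"
                        for="acEmployee"/>
                <p:autoComplete id="acEmployee" minQueryLength="3" value="#{encryptPasswordView.empNameSurname}"
                                completeMethod="#{encryptPasswordView.acEmployee}" autoHighlight="true" dropdown="true"
                                maxResults="15" forceSelection="true" size="50"
                                placeholder="Type the employee number, name or surname to start the search"
                                title="Enter employee details" required="true"
                                requiredMessage="A user must be selected."/>
                <p:outputLabel for="plain_text_password" value="Plain text password"/>
                <ui:remove>
                    Rendered as a password field so the value is masked while typing, and
                    redisplay="false" keeps it out of the markup when the form is re-rendered.
                </ui:remove>
                <p:password id="plain_text_password" value="#{encryptPasswordView.plainTextPassword}" required="true"
                            requiredMessage="Password field may not be empty" label="Enter password: "
                            placeholder="Enter new password to be encrypted"
                            title="Password must have 8 or more characters, with at least one digit, one upper case letter, one lower case letter and one special symbol (“@#$%”)"
                            size="40" redisplay="false"/>
                <p:commandButton value="Encrypt and write password" id="encrypt_password" update="growl"
                                 action="#{encryptPasswordView.persistEncyptedPassword()}"
                                 styleClass="ui-priority-primary">
                    <f:ajax execute="@form" listener="#{encryptPasswordView.persistEncyptedPassword()}" render="@form"/>
                </p:commandButton>
            </h:panelGrid>
        </p:fieldset>
        <p:dialog header="Password strength insufficient." widgetVar="pwdDlg" draggable="false" resizable="false"
                  visible="false">
            <h:outputText
                    value="Password must have 8 or more characters, with at least one digit, one upper case letter, one lower case letter and one special symbol (“@#$%”)"/>
        </p:dialog>
    </h:form>
</ui:composition>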
- package com.megchemsa.view.shiro;
- import com.megchemsa.controller.shiro.EncryptPasswordService;
- import org.apache.logging.log4j.LogManager;
- import org.apache.logging.log4j.Logger;
- import org.jetbrains.annotations.NotNull;
- import org.omnifaces.cdi.ViewScoped;
- import org.primefaces.context.RequestContext;
- import javax.annotation.PostConstruct;
- import javax.inject.Inject;
- import javax.inject.Named;
- import javax.persistence.EntityManager;
- import javax.persistence.PersistenceContext;
- import javax.persistence.Query;
- import java.io.Serializable;
- import java.util.List;
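/**
 * View-scoped JSF backing bean for the "create encrypted password" form.
 *
 * <p>It supplies the employee autocomplete suggestions and hands the selected employee and the
 * entered password to {@link EncryptPasswordService} for hashing and storage.
 *
 * <p>NOTE(review): this bean is {@link Serializable} and keeps the plain-text password in a
 * field for the lifetime of the view. It is not cleared here because the form on this page
 * invokes {@link #persistEncyptedPassword()} twice per click; clearing it after the first call
 * would make the second call fail validation. Clear it once the double binding is removed.
 */
@SuppressWarnings("WeakerAccess")
@edu.umd.cs.findbugs.annotations.SuppressFBWarnings("NP_NULL_ON_SOME_PATH")
@Named
@ViewScoped
public class EncryptPasswordView implements Serializable {
    private static final long serialVersionUID = 1L;

    @PersistenceContext(unitName = "PostgresDS")
    private EntityManager em;

    // Most recent list of employee display strings (full list after init, filtered after a search).
    private List<String> empNameSurnameList;
    // Value selected in the autocomplete; the service parses the text before the first comma as the id.
    private String empNameSurname;
    // Plain-text password bound to the form input.
    private String plainTextPassword;
    // Exposed through a getter/setter only; this class never assigns a hash to it.
    private String encryptedPassword;
    // True until persistEncyptedPassword() has been invoked once on this view.
    private boolean isFirstRun;

    private final static Logger log = LogManager.getLogger(EncryptPasswordView.class.getName());

    @Inject
    private transient EncryptPasswordService encryptPasswordService;

    /**
     * Loads the initial employee list and resets the form fields.
     *
     * <p>The injected {@link EncryptPasswordService} is used as provided by the container. The
     * original code replaced it here with {@code new EncryptPasswordService()}, an instance the
     * container never initialises, so its {@code EntityManager} stayed {@code null} and the
     * first attempt to persist a password failed with a {@link NullPointerException}.
     */
    @PostConstruct
    public void init() {
        Query query = em.createQuery("SELECT emp.empNameSurname FROM EmpNameSurnameEntity emp ORDER BY emp.empNameSurname asc");
        //noinspection unchecked
        this.empNameSurnameList = query.getResultList();
        this.plainTextPassword = "";
        this.encryptedPassword = "";
        this.empNameSurname = "";
        this.isFirstRun = true;
        log.info("PostConstruct completed");
    }

    /**
     * Autocomplete callback: returns employee display strings containing the typed text.
     *
     * <p>The user input is passed as a bound parameter, so it cannot alter the JPQL statement.
     * The wildcard characters {@code %} and {@code _} in the input are not escaped and therefore
     * still act as LIKE wildcards.
     *
     * @param queryIn text typed into the autocomplete field
     * @return matching display strings ordered by name; also stored in {@code empNameSurnameList}
     */
    public List<String> acEmployee(@NotNull String queryIn) {
        Query query = em.createQuery("SELECT emp.empNameSurname FROM EmpNameSurnameEntity emp WHERE UPPER(emp.empNameSurname) LIKE :keyword ORDER BY emp.empNameSurname asc");
        query.setParameter("keyword", "%" + queryIn.toUpperCase() + "%");
        //noinspection unchecked
        return this.empNameSurnameList = query.getResultList();
    }

    /**
     * Validates the entered password and, when it passes, asks the service to hash and store it.
     *
     * <p>The very first invocation on a view only clears the first-run flag and returns.
     * NOTE(review): the form on this page binds this method both as the button action and as an
     * ajax listener, so it appears to run twice per click. The flag suppresses only the first of
     * those calls on the first click; later clicks would run the update twice. Confirm and
     * remove one binding together with this flag.
     *
     * <p>When validation fails the client-side dialog {@code pwdDlg} is shown instead.
     */
    public void persistEncyptedPassword() {
        if (this.isFirstRun) {
            this.isFirstRun = false;
            log.info("First run check completed");
            return;
        }
        if (this.encryptPasswordService.validatePassword(this.plainTextPassword)) {
            log.info("Password check succesful");
            this.encryptPasswordService.persistEncyptedPassword(this.empNameSurname, this.plainTextPassword);
        } else {
            log.info("Password check not succesful");
            RequestContext pfContext = RequestContext.getCurrentInstance();
            pfContext.execute("PF('pwdDlg').show();");
        }
    }

    public EntityManager getEm() {
        return em;
    }

    public void setEm(EntityManager em) {
        this.em = em;
    }

    public boolean isFirstRun() {
        return isFirstRun;
    }

    public void setFirstRun(boolean firstRun) {
        isFirstRun = firstRun;
    }

    public EncryptPasswordService getEncryptPasswordService() {
        return encryptPasswordService;
    }

    public void setEncryptPasswordService(EncryptPasswordService encryptPasswordService) {
        this.encryptPasswordService = encryptPasswordService;
    }

    public List<String> getEmpNameSurnameList() {
        return empNameSurnameList;
    }

    public void setEmpNameSurnameList(List<String> empNameSurnameList) {
        this.empNameSurnameList = empNameSurnameList;
    }

    public String getEmpNameSurname() {
        return empNameSurname;
    }

    public void setEmpNameSurname(String empNameSurname) {
        this.empNameSurname = empNameSurname;
    }

    // Needed for the form's value binding; the password is readable by anything that can reach this bean.
    public String getPlainTextPassword() {
        return plainTextPassword;
    }

    public void setPlainTextPassword(String plainTextPassword) {
        this.plainTextPassword = plainTextPassword;
    }

    public String getEncryptedPassword() {
        return encryptedPassword;
    }

    public void setEncryptedPassword(String encryptedPassword) {
        this.encryptedPassword = encryptedPassword;
    }
}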
- package com.megchemsa.controller.shiro;
- import com.megchemsa.model.shiro.UserLoginDetailsEntity;
- import com.megchemsa.utility.PasswordValidator;
- import org.apache.commons.lang3.StringUtils;
- import org.apache.logging.log4j.LogManager;
- import org.apache.logging.log4j.Logger;
- import org.jetbrains.annotations.NotNull;
- import org.apache.shiro.crypto.hash.Sha512Hash;
- import javax.annotation.PostConstruct;
- import javax.ejb.Stateful;
- import javax.faces.bean.SessionScoped;
- import javax.inject.Inject;
- import javax.persistence.EntityManager;
- import javax.persistence.PersistenceContext;
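/**
 * Hashes a new password for an employee and stores it on the employee's login record.
 *
 * <p>NOTE(review): the {@code @SessionScoped} used here is {@code javax.faces.bean.SessionScoped}
 * (see this file's imports), the JSF managed-bean annotation. It presumably has no effect on an
 * EJB; confirm the intended scope.
 *
 * <p>NOTE(review): nothing in this class checks that the caller is allowed to change the
 * selected employee's password; confirm that authorisation is enforced by the caller or by the
 * application's security configuration.
 */
@SessionScoped
@Stateful()
public class EncryptPasswordService {
    private final static Logger log = LogManager.getLogger(EncryptPasswordService.class.getName());

    // NOTE(review): one salt, hard-coded in source, is shared by every account. Identical
    // passwords therefore produce identical hashes, and the salt is known to anyone who can read
    // the code. A per-user random salt with a dedicated password-hashing function (bcrypt,
    // scrypt, Argon2) is the usual remedy, but it has to change together with whatever verifies
    // logins against these hashes, so the scheme is left as it is here.
    private static final String PASSWORD_SALT = "*&^%$#@!!@#$%^&*SALTED_and_PEPPER*&^%$#@!!@#$%^&*";
    private static final int HASH_ITTERATIONS = 10000;

    // Hex hash produced by the most recent call to passwordSaltHasher().
    private String encryptedPassword;
    // Comma-separated parts of the last employee display string; element 0 is parsed as the id.
    private String[] strs;
    private long empAid;

    @Inject
    private PasswordValidator passwordValidator;
    private UserLoginDetailsEntity userLoginDetailsEntity;

    @PersistenceContext(unitName = "PostgresDS")
    EntityManager em;

    /** Resets the working fields. Note that this replaces the injected validator with a new one. */
    @PostConstruct
    private void init() {
        this.passwordValidator = new PasswordValidator();
        this.encryptedPassword = "";
        this.strs = new String[]{"empAid", "empInitials", "empFullFirstNames", "empLastName"};
        this.empAid = 0L;
    }

    public EncryptPasswordService() {
    }

    /** Returns the application-wide salt (see the note on {@code PASSWORD_SALT}). */
    @NotNull
    public static String getPasswordSalt() {
        return PASSWORD_SALT;
    }

    /** Returns the number of hash iterations applied by this service. */
    public static int getHashItterations() {
        return HASH_ITTERATIONS;
    }

    /**
     * Checks a candidate password against the password policy.
     *
     * @param plainTextPassword password to check
     * @return the result of {@code PasswordValidator.validate}
     */
    public boolean validatePassword(@NotNull String plainTextPassword) {
        this.passwordValidator = new PasswordValidator();
        return this.passwordValidator.validate(plainTextPassword);
    }

    /**
     * Hashes {@code ptPwd} and writes the hash to the login record of the selected employee.
     *
     * <p>Neither the plain-text password nor the resulting hash is written to the log; the
     * original implementation logged both at INFO level, which put every new credential into
     * the application log files.
     *
     * <p>The employee id is taken from the text before the first comma of
     * {@code empNameSurname}. This method does not apply the password policy itself; callers
     * are expected to call {@link #validatePassword(String)} first.
     *
     * <p>NOTE(review): {@code em} is obtained through {@code @PersistenceContext}. A
     * container-managed JTA entity manager rejects {@code getTransaction()} with an
     * {@link IllegalStateException}; confirm the persistence unit's transaction type and rely on
     * container-managed transactions if it is JTA.
     *
     * @param empNameSurname display string whose first comma-separated part is the employee id
     * @param ptPwd          new password in plain text
     * @throws IllegalArgumentException if {@code ptPwd} is null, if no employee id can be
     *                                  extracted (a non-numeric id raises the
     *                                  {@link NumberFormatException} subclass), or if no login
     *                                  record exists for the id
     */
    public void persistEncyptedPassword(String empNameSurname, String ptPwd) {
        if (ptPwd == null) {
            throw new IllegalArgumentException("ptPwd must not be null");
        }
        String[] parts = StringUtils.split(empNameSurname, ",");
        if (parts == null || parts.length == 0) {
            throw new IllegalArgumentException("empNameSurname must start with the employee id");
        }
        this.strs = parts;
        this.empAid = Long.parseLong(parts[0].trim());
        log.info("empAid converted to long: " + this.getEmpAid());

        // Hash before opening the transaction so the transaction only spans the database work.
        String hash = passwordSaltHasher(ptPwd);

        em.getTransaction().begin();
        try {
            UserLoginDetailsEntity user = em.find(UserLoginDetailsEntity.class, this.empAid);
            if (user == null) {
                throw new IllegalArgumentException("No login record found for empAid " + this.empAid);
            }
            user.setEmpPassword(hash);
            this.userLoginDetailsEntity = user;
            em.getTransaction().commit();
        } catch (RuntimeException e) {
            // Do not leave a transaction open when lookup or commit fails.
            if (em.getTransaction().isActive()) {
                em.getTransaction().rollback();
            }
            throw e;
        }
        log.info("Password hash updated for empAid: " + this.empAid);
    }

    /**
     * Computes the iterated, salted SHA-512 hash of the password as a hex string and also stores
     * it in {@code encryptedPassword}.
     */
    private String passwordSaltHasher(String ptPwd) {
        this.encryptedPassword = new Sha512Hash(ptPwd, PASSWORD_SALT, HASH_ITTERATIONS).toHex();
        return this.encryptedPassword;
    }

    public String getEncryptedPassword() {
        return encryptedPassword;
    }

    public void setEncryptedPassword(String encryptedPassword) {
        this.encryptedPassword = encryptedPassword;
    }

    public String[] getStrs() {
        return strs;
    }

    public void setStrs(String[] strs) {
        this.strs = strs;
    }

    public long getEmpAid() {
        return empAid;
    }

    public void setEmpAid(long empAid) {
        this.empAid = empAid;
    }
}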