/* Generated version of this file copyright 2004 SO.MUS.AR. s.a.s. */ /* Original hand-written version of this source file Copyright 2003 Sun Microsystems, Inc. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: - Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. - Redistribution in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. Neither the name of Sun Microsystems, Inc. or the names of contributors may be used to endorse or promote products derived from this software without specific prior written permission. This software is provided "AS IS," without a warranty of any kind. ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE HEREBY EXCLUDED. SUN AND ITS LICENSORS SHALL NOT BE LIABLE FOR ANY DAMAGES SUFFERED BY LICENSEE AS A RESULT OF USING, MODIFYING OR DISTRIBUTING THE SOFTWARE OR ITS DERIVATIVES. IN NO EVENT WILL SUN OR ITS LICENSORS BE LIABLE FOR ANY LOST REVENUE, PROFIT OR DATA, OR FOR DIRECT, INDIRECT, SPECIAL, CONSEQUENTIAL, INCIDENTAL OR PUNITIVE DAMAGES, HOWEVER CAUSED AND REGARDLESS OF THE THEORY OF LIABILITY, ARISING OUT OF THE USE OF OR INABILITY TO USE SOFTWARE, EVEN IF SUN HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. You acknowledge that Software is not designed, licensed or intended for use in the design, construction, operation or maintenance of any nuclear facility. */ package com.sun.j2ee.blueprints.signon.dao; import java.sql.Connection; import java.sql.PreparedStatement; import java.sql.ResultSet; import java.sql.SQLException; import javax.sql.DataSource; import javax.naming.InitialContext; import javax.naming.Context; import javax.naming.NamingException; import java.util.Locale; import java.util.ArrayList; import java.util.Iterator; import com.sun.j2ee.blueprints.util.tracer.Debug; import com.sun.j2ee.blueprints.util.dao.DAOUtils; import com.sun.j2ee.blueprints.util.dao.DAOSystemException; /** * This class implements UserDAO for Pointbase database. * This class encapsulates all the database access for the User. * It follows the Data Access Object pattern. */ public class PointbaseUserDAO implements UserDAO { // // ----- Molding step 1 // Generate SQL INSERT statement string if required by // LOGIC.default.queries // private final static String USER_INSERT_QUERY_STR = "INSERT INTO " + DatabaseNames.SIGNON_TABLE + "(username, password)" + " VALUES " + "(?, ?)"; // // ----- Molding step 2 // Generate SQL SELECT statement string if required by // LOGIC.default.queries // // // ----- Molding step 3 // Generate SQL SELECT statement string for duplicate // checks if required by LOGIC.default.queries // // // ----- Molding step 4 // Generate custom SQL query strings if required by LOGIC.query // private final static String MATCH_PASSWORD_SELECT_QUERY_STR = "SELECT " + "password" + " FROM " + DatabaseNames.SIGNON_TABLE + " WHERE " + "username = ?"; public PointbaseUserDAO() { } // // ----- Molding step 5 // Generate various database access methods depending on // generation requests listed in LOGIC.default.queries // // insert - Type 2 public void createUser( String userName, String password ) throws SignOnDAODupKeyException { PreparedStatement stmt = null; Connection dbConnection = null; try { dbConnection = DAOUtils.getDBConnection(JNDINames.SIGNON_DATASOURCE); stmt = dbConnection.prepareStatement(USER_INSERT_QUERY_STR); stmt.setString(1, userName.trim() ); stmt.setString(2, password.trim() ); int resultCount = stmt.executeUpdate(); if ( resultCount != 1 ) { // insert - Type 2: A DBUpdateException would probably be better throw new SignOnDAODupKeyException( "ERROR in USER_TABLE INSERT !! resultCount = " + resultCount); } } catch(SQLException se) { throw new DAOSystemException("SQLException while inserting new " + "user; key = " + userName + "\n", se); } finally { DAOUtils.closeStatement(stmt); DAOUtils.closeConnection(dbConnection); } } /** * @return true if userName already exists in database AND the * corresponding password in the database matches * the password parameter **/ public boolean matchPassword(String userName, String password) throws SignOnDAOFinderException, InvalidPasswordException{ Connection conn = null; PreparedStatement ps = null; ResultSet rs = null; try { conn = DAOUtils.getDBConnection(JNDINames.SIGNON_DATASOURCE); ps = conn.prepareStatement(MATCH_PASSWORD_SELECT_QUERY_STR); ps.setString(1, userName.trim()); rs = ps.executeQuery(); if(rs.next()) { if(!rs.getString(1).equals(password)) { throw new InvalidPasswordException("Password does not match"); } } else { throw new SignOnDAOFinderException("Unable to find user " + userName); } } catch (SQLException se) { throw new DAOSystemException(se); } finally { DAOUtils.closeResultSet(rs); DAOUtils.closeStatement(ps); DAOUtils.closeConnection(conn); } return(true); } }