NC6 用户账号密码加密工具类
RBAC用户密码工具类:
package nc.vo.uap.rbac.util;import java.util.Collection;
import java.util.regex.Matcher;
import java.util.regex.Pattern;import org.apache.commons.codec.digest.DigestUtils;
import org.apache.commons.lang.StringUtils;import nc.bcmanage.superadm.bs.SuperADMCache;
import nc.bcmanage.vo.SuperAdminVO;
import nc.bs.dao.BaseDAO;
import nc.bs.framework.common.InvocationInfoProxy;
import nc.bs.logging.Logger;
import nc.bs.uif2.BusinessExceptionAdapter;
import nc.jdbc.framework.SQLParameter;
import nc.login.vo.INCUserTypeConstant;
import nc.vo.framework.rsa.Encode;
import nc.vo.pub.BusinessException;
import nc.vo.sm.UserVO;/*** RBAC用户密码工具* @author hanyw1* @since uap6.1*/
public class RbacUserPwdUtil {/**为了能区分用户密码是否被md5加密完,在被md5加密的串前面加前缀**/public final static String MD5PWD_PREFIX = "U_U++--V";//最初的密码前缀过于简单,但为了兼容先保持一段时间。 逐渐替换@Deprecatedpublic final static String MD5PWD_PREFIX_Deprecated = "md5";/*** 获取大小写字母和数字混搭的8位长度随机密码* @return*/public static String getRandomSeq() {StringBuffer buff = new StringBuffer();int index = 0;for (int i = 0; i < 8; i++) {int random = (int) (Math.random() * 1000);if (i >= 3) {index = random % 3;} else {index = i;}switch (index) {case 0:buff.append((char) (97 + random % 26));break;case 1:buff.append((char) (65 + random % 26));break; case 2:buff.append((char) (48 + random % 10));break;}}return buff.toString();}// 校验密码中必须包含一个字母和数字public boolean checkPwdType(String pwd) {String regExABC = "a|b|c|d|e|f|g|h|i|j|k|l|m|n|o|p|q|r|s|t|u|v|w|x|y|z|" +"A|B|C|D|E|F|G|H|I|J|K|L|M|N|O|P|Q|R|S|T|U|V|W|X|Y|Z";Pattern patABC = Pattern.compile(regExABC);Matcher matABC = patABC.matcher(pwd); String regEx123 = "0|1|2|3|4|5|6|7|8|9";Pattern pat123 = Pattern.compile(regEx123);Matcher mat123 = pat123.matcher(pwd);return matABC.find() && mat123.find();}/*** 校验用户密码(仅是静态密码加密后的简单比对)* @param user 用户VO* @param expresslyPWD 待校验明文密码* @return 校验通过返回 true, 校验不通过返回 false*/public static boolean checkUserPassword(UserVO user,String expresslyPWD) {if(user == null)return false;String userActualCodecPwd = getUserActualCodecPwd(user);Integer user_type = user.getUser_type();//非超级管理员密码不能为空,超级管理员密码可能为空if(user_type != null && user_type != INCUserTypeConstant.USER_TYPE_SUPER_ADM && (StringUtils.isBlank(userActualCodecPwd) || StringUtils.isBlank(expresslyPWD)) )return false;try{String toCheckCodecPwd = getEncodedPassword(user, expresslyPWD);boolean isValidByMD5 = userActualCodecPwd.equals(toCheckCodecPwd);if(!isValidByMD5){//兼容旧前缀boolean checkByOldPrefix = checkByMD5WithOldPrefix(user, expresslyPWD,userActualCodecPwd);if(checkByOldPrefix)return checkByOldPrefix;if(user_type == INCUserTypeConstant.USER_TYPE_SUPER_ADM){Encode encoder = new Encode();String codecPwdByEncoder = encoder.encode(expresslyPWD);return userActualCodecPwd.equals(codecPwdByEncoder);}elsereturn isValidByMD5;}return isValidByMD5;}catch(Exception ex){Logger.debug(ex.getMessage());return false;}}private static String getUserActualCodecPwd(UserVO user) {try {if(user.getUser_type() == INCUserTypeConstant.USER_TYPE_SUPER_ADM){SuperAdminVO savo = SuperADMCache.getInstance().getSuperADMByCode(user.getUser_code());return savo.getPassword();}String dsName = InvocationInfoProxy.getInstance().getUserDataSource();//2021-08-21String userActualCodecPwd = null;BaseDAO dao = new BaseDAO(dsName);SQLParameter param = new SQLParameter();param.addParam(user.getUser_code_q());Collection<UserVO> list = dao.retrieveByClause(UserVO.class, " user_code_q=? ",param);if(list != null && list.size()>0) {for(UserVO vo :list) {userActualCodecPwd = vo.getUser_password();}}return userActualCodecPwd;} catch (BusinessException e) {throw new BusinessExceptionAdapter(e);}}private static boolean checkByMD5WithOldPrefix(UserVO user, String expresslyPWD, String userActualCodecPwd)throws BusinessException {String toCheckCodecPwdWithOldPrefix = getEncodedPassword_Deprecated(user, expresslyPWD);return userActualCodecPwd.equals(toCheckCodecPwdWithOldPrefix);}/*** 由UserVO 和 明文密码获得 加密后的用户密码* @param user* @param expresslyPWD 明文密码* @return 加密后的密码串* @throws BusinessException*/public static String getEncodedPassword(UserVO user , String expresslyPWD) throws BusinessException{if(user == null || StringUtils.isBlank(user.getPrimaryKey()))throw new BusinessException("illegal arguments");
// if(StringUtils.isNotBlank(expresslyPWD) && expresslyPWD.startsWith(MD5PWD_PREFIX))
// return expresslyPWD;String codecPWD = DigestUtils.md5Hex(user.getPrimaryKey() + StringUtils.stripToEmpty(expresslyPWD));return MD5PWD_PREFIX+codecPWD;}//最初的密码前缀过于简单,但为了兼容先保持一段时间。 逐渐替换@Deprecatedprivate static String getEncodedPassword_Deprecated(UserVO user , String expresslyPWD) throws BusinessException{if(user == null || StringUtils.isBlank(user.getPrimaryKey()))throw new BusinessException("illegal arguments");String codecPWD = DigestUtils.md5Hex(user.getPrimaryKey() + StringUtils.stripToEmpty(expresslyPWD));return MD5PWD_PREFIX_Deprecated+codecPWD;}public static void main(String[] args){UserVO user = new UserVO();user.setPrimaryKey("0001AA1000000000015I");try{System.out.println(getEncodedPassword(user, "ufida_ufida"));}catch(BusinessException ex){ex.printStackTrace();}}
}
package nc.itf.uap.rbac.userpassword;import nc.vo.pub.BusinessException;
import nc.vo.sm.UserVO;
import nc.vo.uap.rbac.userpassword.UserPasswordVO;public interface IUserPasswordManage {/*** 密码有效*/int LOGIN_VALIDPWD = 0;/*** 必须修改密码才能登录*/int LOGIN_UPDATEPWD = 1;/*** 密码失效时锁定用户*/int LOGIN_LOCKUSER = 2;/***/public void addUserPassword(UserPasswordVO voPassword)throws BusinessException;/***/public void updateUserPassword(UserPasswordVO voPassword)throws BusinessException;public void handleErrorPassord(String userid, int errorTimes)throws BusinessException;// public int handleCorrectPasswordOnLogin(String userid, String password)
// throws BusinessException;public String getValidateTipAfterLogin(String userid)throws BusinessException;/*** 重置用户密码* @param cuserid* @throws BusinessException*/public String resetUserPassWord(String cuserid) throws BusinessException;/*** 更改用户密码* 不涉及数据权限校验,唯一性校验等* @param userVO 更改前UserVO* @param expresslyPwd 要修改的明文密码* @throws BusinessException*/void changeUserPassWord(UserVO userVO, String expresslyPwd) throws BusinessException;/*** 校验用户密码* @param cuserid 被校验用户ID* @param expresslyPWD 输入的明文密码* @return* @throws BusinessException*/boolean checkUserPassWord(String cuserid,String expresslyPWD) throws BusinessException;}
package nc.impl.uap.rbac.userpassword;import java.util.Collection;
import java.util.Date;
import java.util.Iterator;import nc.bs.businessevent.EventDispatcher;
import nc.bs.businessevent.IEventType;
import nc.bs.businessevent.bd.BDCommonEvent;
import nc.bs.dao.BaseDAO;
import nc.bs.dao.DAOException;
import nc.bs.framework.common.InvocationInfoProxy;
import nc.bs.framework.common.NCLocator;
import nc.bs.framework.core.service.TimeService;
import nc.bs.logging.Logger;
import nc.bs.rbac.utils.WriteSecurityUtil;
import nc.itf.bd.pub.IBDMetaDataIDConstBasic;
import nc.itf.uap.rbac.IUserManage;
import nc.itf.uap.rbac.IUserManageQuery;
import nc.itf.uap.rbac.userpassword.IUserPasswordChecker;
import nc.itf.uap.rbac.userpassword.IUserPasswordLevel;
import nc.itf.uap.rbac.userpassword.IUserPasswordManage;
import nc.jdbc.framework.SQLParameter;
import nc.message.pub.mobile.SMSAndMailUtil;
import nc.message.util.QuickMessageTool;
import nc.message.vo.MessageVO;
import nc.message.vo.NCMessage;
import nc.message.vo.SmartMsgVO;
import nc.vo.ml.LanguageVO;
import nc.vo.ml.MultiLangContext;
import nc.vo.ml.UserLangCodeFindHelper;
import nc.vo.pub.BusinessException;
import nc.vo.pub.lang.UFDate;
import nc.vo.pub.lang.UFDateTime;
import nc.vo.sm.UserVO;
import nc.vo.sm.enumfactory.UserIdentityTypeEnumFactory;
import nc.vo.uap.rbac.UserPasswordLogVO;
import nc.vo.uap.rbac.excp.RbacException;
import nc.vo.uap.rbac.userpassword.PasswordSecurityLevelFinder;
import nc.vo.uap.rbac.userpassword.PasswordSecurityLevelVO;
import nc.vo.uap.rbac.userpassword.UserPasswordVO;
import nc.vo.uap.rbac.util.IRbacConst;
import nc.vo.uap.rbac.util.RbacPubUtil;
import nc.vo.uap.rbac.util.RbacUserPwdUtil;
import nc.vo.uap.rbac.util.UserExManageUtil;
import nc.vo.util.BDPKLockUtil;
import nc.vo.util.CloneUtil;import org.apache.commons.lang.StringUtils;public class UserPasswordManage implements IUserPasswordManage {IUserManageQuery userManageQueryService = NCLocator.getInstance().lookup(IUserManageQuery.class);
// IPsndocPubService psndocPubService = NCLocator.getInstance().lookup(IPsndocPubService.class);public void addUserPassword(UserPasswordVO voPassword) throws BusinessException {new BaseDAO().insertVO(voPassword);}public void updateUserPassword(UserPasswordVO voPassword) throws BusinessException {String userid = voPassword.getCuserid();PasswordSecurityLevelVO voPwdLevel = getPasswordLevelByUser(userid);if (voPwdLevel == null)return;Integer rememberCount = voPwdLevel.getRememberCount();if (rememberCount == null || rememberCount.intValue() == 0)return;// 表示密码记忆数没有设置,不进行记忆BaseDAO daoBase = new BaseDAO();String sCondition = "cuserid=?";SQLParameter param = new SQLParameter();param.addParam(userid);Collection collection = daoBase.retrieveByClause(UserPasswordVO.class, sCondition, param);int iLen = collection == null ? 0 : collection.size();if (iLen == 0) {daoBase.insertVO(voPassword);} else {// 遍历看看新密码有没有和历史密码重复,如果存在,则抛出异常不能使用此密码for (Iterator iter = collection.iterator(); iter.hasNext();) {UserPasswordVO element = (UserPasswordVO) iter.next();if (element.getUser_password().equals(voPassword.getUser_password()))throw new RbacException(nc.vo.ml.NCLangRes4VoTransl.getNCLangRes().getStrByID("rbac","0RBAC0126")/*@res "和历史密码重复,不能使用此密码"*/);}// 没有找到密码重复,则插入新密码if (iLen >= rememberCount.intValue()) {// 达到了密码记忆数,则采用先进先出原则:先挤出最老密码Iterator iter = collection.iterator();UserPasswordVO element = (UserPasswordVO) iter.next();UFDateTime dateFirst = element.getTs();String pkFirst = element.getPrimaryKey();for (; iter.hasNext();) {element = (UserPasswordVO) iter.next();if (element.getTs().before(dateFirst))pkFirst = element.getPrimaryKey();}daoBase.deleteByPK(UserPasswordVO.class, pkFirst);}// 插入此新密码daoBase.insertVO(voPassword);}}public PasswordSecurityLevelVO getPasswordLevelByUser(String userid) throws BusinessException {IUserManageQuery userQuery = (IUserManageQuery) NCLocator.getInstance().lookup(IUserManageQuery.class.getName());UserVO voUser = userQuery.getUser(userid);if (voUser == null)return null;String sPasswordLevel = voUser.getPwdlevelcode();if (sPasswordLevel == null)return null;IUserPasswordLevel level = (IUserPasswordLevel) NCLocator.getInstance().lookup(IUserPasswordLevel.class.getName());PasswordSecurityLevelVO voPwdLevel = level.getLevelByCode(sPasswordLevel);return voPwdLevel;}public void handleErrorPassord(String userid, int errorTimes) throws BusinessException {PasswordSecurityLevelVO voPwdLevel = getPasswordLevelByUser(userid);if (voPwdLevel == null)return;Integer errorloginThreshold = voPwdLevel.getErrorloginThreshold();if (errorloginThreshold == null || errorTimes < errorloginThreshold.intValue())return;// 没有定义密码错误限制或者没有达到密码错误限制,则不处理IUserManage userManage = (IUserManage) NCLocator.getInstance().lookup(IUserManage.class.getName());userManage.updateLockedTag(userid,true);// 锁定用户}// public int handleCorrectPasswordOnLogin(String userid, String password) throws BusinessException {// PasswordSecurityLevelVO voPwdLevel = getPasswordLevelByUser(userid);
// if (voPwdLevel == null)
// return LOGIN_VALIDPWD;
///* String defaultPassword = voPwdLevel.getDefaultPassword();
// if (defaultPassword != null) {// 如果用户密码为初始密码,则要求必须修改密码才能登录
// if (!new Encode().encode(defaultPassword).equals(password))
// return LOGIN_UPDATEPWD;
// }*/
//
// // 超过密码有效天数,则必须修改密码才能登录
// Integer validateDays = voPwdLevel.getValidateDays();
// if (validateDays != null && validateDays.intValue() > 0) {// BaseDAO daoBase = new BaseDAO();
// String condition = "cuserid=? and user_password=?";
// SQLParameter param = new SQLParameter();
// param.addParam(userid);
// param.addParam(password);
// Collection collection = daoBase.retrieveByClause(UserPasswordVO.class, condition, new String[] { "ts" }, param);
// if (collection != null && collection.size() > 0) {// UFDateTime ts = ((UserPasswordVO) collection.iterator().next()).getTs();
// UFDate currDate = new UFDate(new Date());
// if (currDate.compareTo(ts.getDate()) >= validateDays.intValue()) {// if (voPwdLevel.getInvalidateLock() != null && voPwdLevel.getInvalidateLock().booleanValue())
// // 密码失效时锁定用户
// return LOGIN_LOCKUSER;
// else
// // 否则必须修改密码才能登录
// return LOGIN_UPDATEPWD;
// }
// }
// }
//
// String complexity = voPwdLevel.getComplexity();
// if (complexity != null) {// IUserManageQuery userQuery = (IUserManageQuery) NCLocator.getInstance().lookup(IUserManageQuery.class.getName());
// UserVO user = userQuery.getUser(userid);
// if (user == null)
// return LOGIN_VALIDPWD;
// try {// IUserPassordVerifier verifier = (IUserPassordVerifier) Class.forName(complexity).newInstance();
// password = new Encode().decode(password);// 密码解密
// if (!verifier.verify(password))// 不符合密码复杂性要求,则看是否要求必须修改密码才能登录
// if (verifier.isLoginModify())
// return LOGIN_UPDATEPWD;
// } catch (Exception e) {// }
// }
//
// return LOGIN_VALIDPWD;
// }public String getValidateTipAfterLogin(String userid) throws BusinessException {PasswordSecurityLevelVO voPwdLevel = getPasswordLevelByUser(userid);if (voPwdLevel == null)return null;Integer alertDays = voPwdLevel.getAlertDays();if (alertDays == null || alertDays.intValue() == 0)return null;Integer validateDays = voPwdLevel.getValidateDays();if (validateDays == null || validateDays.intValue() == 0)return null;UserVO user = null;BaseDAO daoBase = new BaseDAO();SQLParameter param1 = new SQLParameter();param1.addParam(userid);Collection<UserVO> list = daoBase.retrieveByClause(UserVO.class, " cuserid=?",param1);if(list != null && list.size()>0) {for(UserVO vo :list) {user = vo;}}if (user == null)return null;String sTip = null;String condition = "cuserid=? and user_password=?";SQLParameter param = new SQLParameter();param.addParam(userid);param.addParam(user.getUser_password());Collection collection = daoBase.retrieveByClause(UserPasswordVO.class, condition, new String[] { "ts" },param);if (collection != null && collection.size() > 0) {UFDateTime ts = ((UserPasswordVO) collection.iterator().next()).getTs();// 计算得出要提示的日期:UFDate tipDate = ts.getDate().getDateAfter(validateDays.intValue() - alertDays.intValue());UFDate currDate = new UFDate(new Date());if (!currDate.before(tipDate)) {int passdays = currDate.compareTo(tipDate);sTip = nc.vo.ml.NCLangRes4VoTransl.getNCLangRes().getStrByID("rbac","0RBAC0127")/*@res "密码还有"*/ + (alertDays - passdays) + nc.vo.ml.NCLangRes4VoTransl.getNCLangRes().getStrByID("rbac","0RBAC0128")/*@res "天失效"*/;}}return sTip;}@Overridepublic void changeUserPassWord(UserVO userVO,String expresslyPwd) throws BusinessException {//因为前台去掉了用户密码,所以重新从数据库中查出revokeUserPassWord(userVO);String oldPwd = userVO.getUser_password();String newPwd = RbacUserPwdUtil.getEncodedPassword(userVO, expresslyPwd); if (StringUtils.isNotBlank(userVO.getPwdlevelcode())&& !StringUtils.equals(oldPwd, newPwd)) {// 2007-07-18:插入用户密码记忆数//发个用户更新前事件,有相关业务关心密码修改前事件String sourceid = IBDMetaDataIDConstBasic.USER;UserVO newVO = (UserVO) CloneUtil.deepClone(userVO);newVO.setUser_password(newPwd); EventDispatcher.fireEvent(new BDCommonEvent(sourceid,IEventType.TYPE_UPDATE_BEFORE, newVO));userVO = doUpdateUserPwd(userVO, newPwd);IUserPasswordChecker updateChecker = (IUserPasswordChecker) NCLocator.getInstance().lookup(IUserPasswordChecker.class.getName());updateChecker.updateUPVO(userVO.getPrimaryKey(), oldPwd, PasswordSecurityLevelFinder.getPWDLV(userVO));// 插入密码更改记录insertPasswordLog(userVO.getPrimaryKey());//发个用户更新后事件,有相关业务关心用户更新后事件EventDispatcher.fireEvent(new BDCommonEvent(sourceid,IEventType.TYPE_UPDATE_AFTER, userVO));}}private void revokeUserPassWord(UserVO userVO) throws BusinessException {BaseDAO dao = new BaseDAO();SQLParameter param = new SQLParameter();param.addParam(userVO.getCuserid());Collection<UserVO> list = dao.retrieveByClause(UserVO.class," cuserid=?",param);if(list != null && list.size()>0) {for(UserVO vo :list) {userVO.setUser_password(vo.getUser_password());}}}private UserVO doUpdateUserPwd(UserVO userVO, String newPwd) throws BusinessException, DAOException {BaseDAO baseDAO = new BaseDAO();userVO.setUser_password(newPwd);// 加锁BDPKLockUtil.lockSuperVO(userVO);// 数据库更新baseDAO.updateVO(userVO);// 这次是新的userVO = (UserVO) baseDAO.retrieveByPK(userVO.getClass(), userVO.getPrimaryKey());return userVO;}// 插入用户密码重置记录private void insertPasswordLog(String cuserid) throws BusinessException {UserPasswordLogVO logVO = new UserPasswordLogVO();logVO.setCuserid(cuserid);String modifier = InvocationInfoProxy.getInstance().getUserId();logVO.setModifier(modifier);logVO.setModifiedtime(new UFDateTime(TimeService.getInstance().getTime()));new BaseDAO().insertVO(logVO);}@Overridepublic String resetUserPassWord(String cuserid) throws BusinessException {UserVO user = userManageQueryService.getUser(cuserid);
// PasswordSecurityLevelVO pslVO = PasswordSecurityLevelFinder.getPWDLV(user);
// int len = pslVO.getMinimumLength() == null ? 0 : pslVO.getMinimumLength().intValue();// TODO 这里生成一个随机串 以后可能根据密码配置来进行
// String randomSeq = len > 0 ? RandomSeqUtil.getRandomSeq(len) : RandomSeqUtil.getRandomSeq();// 获取大小写字母和数字混搭的8位长度随机密码String randomSeq = RbacUserPwdUtil.getRandomSeq();// 已经插入密码记忆数了changeUserPassWord(user,randomSeq);String msg = notifyPasswordChanged(randomSeq, user);//重置完密码后在用户状态异常表中加入异常信息,以能标识密码是否是被重置的UserExManageUtil.getInstance().addPwdResetUser(cuserid); //记录安全日志WriteSecurityUtil.writeSecurityLog("UAP", "User Management", 50,"User Management : reset Password", user, "success", null, new String[]{"user_code"});return msg;}private String notifyPasswordChanged(String randomSeq, UserVO user) throws BusinessException {// String psnDocId = userManageQueryService.queryPsndocByUserid(cuserid);//发送消息给密码被修改人:NC消息,邮件、短信。sendNCMessage(randomSeq, user);return RbacPubUtil.getNameByMultiLang(user, UserVO.USER_NAME) + nc.vo.ml.NCLangRes4VoTransl.getNCLangRes().getStrByID("rbac","0RBAC0129")/*@res "该用户密码已经被重置为:"*/ + randomSeq;// if (StringUtil.isEmptyWithTrim(psnDocId)) {// Logger.debug("");
// } else {//
// String msg = null;
// PsndocVO[] psnDocVOs = psndocPubService.queryPsndocByPks(new String[] { psnDocId },new String[] { PsndocVO.EMAIL });
// if (psnDocVOs != null && psnDocVOs.length > 0) {//
// String emailAddress = psnDocVOs[0].getEmail();
// if (StringUtil.isEmptyWithTrim(emailAddress)) {// // 找不到邮件地址
// msg = "你的密码已经被重置为" + randomSeq;
// } else {// sendNCMessage(randomSeq, cuserid);
// msg = "您的密码已经被重置,查收您的邮箱";
// }
//
// }
// }}private void sendNCMessage(String randomSeq, UserVO user) throws BusinessException {try {int base_doc_type = user.getBase_doc_type();String pk_base_doc = user.getPk_base_doc();// if(StringUtils.isBlank(pk_base_doc)) return;if(base_doc_type == UserIdentityTypeEnumFactory.TYPE_PERSON){String receiver = StringUtils.isNotEmpty(user.getEmail()) ? user.getEmail() : "";SmartMsgVO msgVO = createSmartMsgVO(user.getPrimaryKey(), randomSeq,receiver);QuickMessageTool.sendMessage(msgVO);return;}BaseDAO dao = new BaseDAO();String phoneNum = null;String email = null;
// if(base_doc_type == UserIdentityTypeEnumFactory.TYPE_CUSTOMER){// ICustomerPubService custPubService = NCLocator.getInstance().lookup(ICustomerPubService.class);
// //-----如下这段逻辑,客户与供应商可能不相同,不要合并
// String pk_linkman = custPubService.getDefaultLinkman(pk_base_doc);
// if(StringUtils.isBlank(pk_linkman)) return;
// LinkmanVO linkman = (LinkmanVO) dao.retrieveByPK(LinkmanVO.class, pk_linkman);
// if(linkman == null) return;
//
// phoneNum = linkman.getCell();
// email = linkman.getEmail();
// }
//
// if(base_doc_type == UserIdentityTypeEnumFactory.TYPE_PROVIDER){// ISupplierPubService supplierPubService = NCLocator.getInstance().lookup(ISupplierPubService.class);
// //-----如下这段逻辑,客户与供应商可能不相同,不要合并
// String pk_linkman = supplierPubService.getDefaultLinkman(pk_base_doc);
// if(StringUtils.isBlank(pk_linkman)) return;
//
// LinkmanVO linkman = (LinkmanVO) dao.retrieveByPK(LinkmanVO.class, pk_linkman);
// if(linkman == null) return;
//
// phoneNum = linkman.getCell();
// email = linkman.getEmail();
// }MessageVO message = createEmailMessage(user.getPrimaryKey(), email, randomSeq);NCMessage ncMessage = new NCMessage();ncMessage.setMessage(message);/********************以下是发邮件和发短信,如果发生异常则吃掉记日志,不影响流程*************/try{SMSAndMailUtil.sendMailSMS(new NCMessage[]{ncMessage});}catch(Exception ex1){Logger.error(ex1.getMessage());}try{SMSAndMailUtil.sendSMS(new String[]{phoneNum}, message.getContent()); }catch(Exception ex2){Logger.error(ex2.getMessage());} } catch (Exception e) {Logger.error(e.getMessage());throw new BusinessException(e.getMessage());}}private MessageVO createEmailMessage(String cuserid,String email, String randomSeq){//按照接收者默认语种设置主题---hanyw1 2012-3-6String currentLangCode = InvocationInfoProxy.getInstance().getLangCode();String receiverDefaultLangCode = UserLangCodeFindHelper.getUserLangDefCode(cuserid);//设置接收者默认的语种InvocationInfoProxy.getInstance().setLangCode(receiverDefaultLangCode);MessageVO message = new MessageVO();// 发NC消息String content = nc.vo.ml.NCLangRes4VoTransl.getNCLangRes().getStrByID("rbac","0RBAC0130")/*@res "您的密码被重置为:"*/ + randomSeq;message.setContent(content);message.setSubject(nc.vo.ml.NCLangRes4VoTransl.getNCLangRes().getStrByID("rbac","0RBAC0131")/*@res "密码重置通知"*/);//再还原语种InvocationInfoProxy.getInstance().setLangCode(currentLangCode);message.setSender(IRbacConst.NCUSERPK);message.setMsgtype("email");message.setReceiver(email);return message;}private SmartMsgVO createSmartMsgVO(String cuserid,String randomSeq,String receiver) {//按照接收者默认语种设置主题---hanyw1 2012-3-6String currentLangCode = InvocationInfoProxy.getInstance().getLangCode();String receiverDefaultLangCode = UserLangCodeFindHelper.getUserLangDefCode(cuserid);String receiverLangCode = "simpchn";LanguageVO [] enableLangVOs = MultiLangContext.getInstance().getEnableLangVOs();if(null != enableLangVOs && enableLangVOs.length>0){for(int i=0;i<enableLangVOs.length;i++){String pk_lang = enableLangVOs[i].getPk_multilang();if(pk_lang.equals(receiverDefaultLangCode)){receiverLangCode = enableLangVOs[i].getLangcode();break;}}}//设置接收者默认的语种InvocationInfoProxy.getInstance().setLangCode(receiverLangCode);SmartMsgVO msgVO = new SmartMsgVO();// 发NC消息String content = nc.vo.ml.NCLangRes4VoTransl.getNCLangRes().getStrByID("rbac","0RBAC0130")/*@res "您的密码被重置为:"*/ + randomSeq;msgVO.setContent(content);msgVO.setSubject(nc.vo.ml.NCLangRes4VoTransl.getNCLangRes().getStrByID("rbac","0RBAC0131")/*@res "密码重置通知"*/);//再还原语种InvocationInfoProxy.getInstance().setLangCode(currentLangCode);msgVO.setSender(IRbacConst.NCUSERPK);msgVO.setMsgtype("email");msgVO.setReceiver(receiver);return msgVO;}@Overridepublic boolean checkUserPassWord(String cuserid, String expresslyPWD) throws BusinessException {if(StringUtils.isBlank(cuserid) || StringUtils.isBlank(expresslyPWD))throw new BusinessException("illegal arguments, cuserid and expresslyPWD can't be null");IUserManageQuery userQry = NCLocator.getInstance().lookup(IUserManageQuery.class);UserVO user = userQry.getUser(cuserid);if(user == null) throw new BusinessException("can't find user by cuserid ");return RbacUserPwdUtil.checkUserPassword(user, expresslyPWD); }
}
NC6 用户账号密码加密工具类相关推荐
- 密码加密工具类(非简单的MD5,UUID加密);
实际用到的密码加盐的加密方式 这里我单独抽取成了一个工具类,有的时候直接调很方便 PasswordSaltUtil加密 // An highlighted block public class Pas ...
- JAVA加密工具类实例
工具类还是老套路,要让用户可扩展,同时提供一个基础工具即可,本文分享BeginCode的用户密码加密工具类的使用, 如果不为了扩展性,可以写成工具类即可,提供两个静态方法如下 一个方法是直接MD5加密 ...
- Java 开发中常用的 4 种加密方法。MD5加密工具类测试 base64加密工具类测试 SHA加密工具类测试 BCrypt加密工具类测试
一.工具类 1, md5加密工具类 2, base64加密工具类 3, Bcrypt工具类 二.加密测试 MD5加密测试 base64加密测试 SHA加密测试 BCrypt加密测试 一.工具类 1, ...
- java 加密工具类
/*** 加密工具类* @version 1.0* @date 2019-09-02 0:41**/ public class EncryptUtils {/*** 盐值生成的长度,需要的长度除以二* ...
- MD5加密工具类(实战版)
MD5加密工具类(实战版) 提示:这里可以添加系列文章的所有文章的目录,目录需要自己手动添加 例如:第一章 Python 机器学习入门之pandas的使用 提示:写完文章后,目录可以自动生成,如何生成 ...
- 常见文件的加密工具类
报表文件(word.excel.pdf.ppt)加密工具类实现. 1 pom文件 <!-- 报表相关架包 --><dependency><groupId>com.i ...
- MD5加盐加密工具类(可直接使用)
MD5加盐加密工具类 在我们做项目时,涉及到用户密码,而正常来说数据库中不会直接存储明文的密码,都是加密之后的密码. 密码加密的方式有很多,比如: ① 3DES.AES.DES:使用对称加密算法,可以 ...
- 加密工具类 - CryptoUtils.java
加密工具类,包含MD5,BASE64,SHA,CRC32的加密与解密方法. 源码如下:(点击下载 - CryptoUtils.java.commons-io-2.4.jar.commons-code ...
- java 在线rsa解密_通用的Java RSA加密工具类,可在线验证通过
/** * RSA加密工具类 * 使用PKCS1_PADDING填充,密钥长度1024 * 加解密结果在这里测试通过:http://tool.chacuo.net/cryptrsaprikey * 注 ...
最新文章
- 第六天 选择与循环语句
- 2018 年值得关注的 Web 设计趋势
- rhel mysql安装_RHEL6.4下MySQL安装方法及简单配置
- Android 控件
- 菜鸟学习笔记:Java基础篇5(抽象类与接口、回调函数、内部类)
- java 怎么接收xml_Java如何提取完整的XML块
- mysql热备工具innobackupex参数详解
- 新概念51单片机c语言教程doc,新概念51单片机C语言教程实例代码.doc
- ad10搜索快捷键_PCB工程师必备:AD常用快捷键总结,超级实用
- HTML iframe标签用法案例详解
- 链表的节点与指针 (重新理解)
- [推荐]《人一生要读的60本书》
- Unity特效基础:粒子效果面板
- overleaf 只能用jpg格式?visio生成jpg文件太大怎么办?
- python sqlachemy模糊查询报错
- Centos之链接命令
- cs231n-assignment2的笔记
- 一个老站长说:我是如何通过网络赚来几百万?
- 关于干货集中营的一个开源App
- C++ | C++ 重载运算符和重载函数