예제 #1
0
 private void makePatternMap(List<String> patternPairs) throws IllegalArgumentException {
   if (patternPairs != null) {
     patternMap = new LinkedMap();
     for (String pair : patternPairs) {
       // Find the last occurrence of comma to avoid regexp quoting
       int pos = pair.lastIndexOf(',');
       if (pos < 0) {
         throw new IllegalArgumentException("Marformed pattern,int pair; no comma: " + pair);
       }
       String regexp = pair.substring(0, pos);
       String pristr = pair.substring(pos + 1);
       int pri;
       Pattern pat;
       try {
         pri = Integer.parseInt(pristr);
         int flags = Perl5Compiler.READ_ONLY_MASK;
         pat = RegexpUtil.getCompiler().compile(regexp, flags);
         patternMap.put(pat, pri);
       } catch (NumberFormatException e) {
         throw new IllegalArgumentException("Illegal priority: " + pristr);
       } catch (MalformedPatternException e) {
         throw new IllegalArgumentException("Illegal regexp: " + regexp);
       }
     }
   }
 }
예제 #2
0
 boolean hasRequiredCharacterMix(String str) {
   // Must have at least 3 of: upper alpha, lower alpha, numeric, special
   int cnt = 0;
   Perl5Matcher matcher = RegexpUtil.getMatcher();
   for (Pattern pat : charPats) {
     if (matcher.contains(str, pat)) {
       cnt++;
     }
   }
   return cnt >= 3;
 }
예제 #3
0
 /**
  * Return the value associated with the first pattern that the string matches, or the specified
  * default value if none, considering only patterns whose associated value is less than or equal
  * to maxPri.
  */
 public int getMatch(String str, int dfault, int maxPri) {
   Perl5Matcher matcher = RegexpUtil.getMatcher();
   for (Map.Entry<Pattern, Integer> ent : patternMap.entrySet()) {
     if (ent.getValue() <= maxPri) {
       Pattern pat = ent.getKey();
       if (matcher.contains(str, pat)) {
         log.debug2("getMatch(" + str + "): " + ent.getValue());
         return ent.getValue();
       }
     }
   }
   log.debug2("getMatch(" + str + "): default: " + dfault);
   return dfault;
 }
예제 #4
0
 /** Parse a string of the form [x1,y1},[x2,y2},...,[xN,yN} into a list of Points ([int,int]) */
 public static List<Point> parseString(String str) throws NumberFormatException {
   if (StringUtil.isNullString(str)) {
     throw new IllegalArgumentException("Must supply non-empty string");
   }
   ArrayList<Point> res = new ArrayList<Point>();
   Perl5Matcher matcher = RegexpUtil.getMatcher();
   while (matcher.contains(str, ONE_POINT_PAT)) {
     MatchResult matchResult = matcher.getMatch();
     String xstr = matchResult.group(1);
     String ystr = matchResult.group(2);
     str = matchResult.group(3);
     try {
       int x = Integer.parseInt(xstr);
       int y = Integer.parseInt(ystr);
       res.add(new Point(x, y));
     } catch (NumberFormatException e) {
       throw new IllegalArgumentException("bad point [" + xstr + "," + ystr + "] in " + str);
     }
   }
   res.trimToSize();
   return res;
 }
예제 #5
0
/** A simple integer step function. Should be genericized */
public class IntStepFunction {

  static class Point {
    final int x;
    final int y;

    Point(int x, int y) {
      this.x = x;
      this.y = y;
    }

    public boolean equals(Object o) {
      if (!(o instanceof Point)) {
        return false;
      }
      Point op = (Point) o;
      return x == op.x && y == op.y;
    }

    public int hashCode() {
      return (int) ((x ^ (x >>> 32)) + (y ^ (y >>> 32)));
    }

    public String toString() {
      StringBuilder sb = new StringBuilder();
      sb.append("(");
      if (x == Integer.MIN_VALUE) {
        sb.append("-INF");
      } else if (x == Integer.MAX_VALUE) {
        sb.append("+INF");
      } else {
        sb.append(Integer.toString(x));
      }
      sb.append(",");
      sb.append(y);
      sb.append(")");
      return sb.toString();
    }
  }

  private Point points[];

  /**
   * Create a IntStepFunction from a string specifying a list of pairs: [x1,y1},[x2,y2},...,[xN,yN}
   */
  public IntStepFunction(String spec) {
    this(parseString(spec));
  }

  /** Create a IntStepFunction from a List of Points */
  public IntStepFunction(List<Point> pointList) {
    if (pointList == null || pointList.isEmpty()) {
      throw new IllegalArgumentException("Must supply non-empty pointList");
    }
    points = new Point[pointList.size()];
    int ix = 0;
    for (Point p : pointList) {
      points[ix++] = p;
    }
  }

  /** Return the value of the function of X */
  public int getValue(int x) {
    if (x < points[0].x) {
      return 0;
    }
    Point p2 = points[0];
    for (int ix = 0; ix < points.length - 1; ix++) {
      Point p1 = p2;
      p2 = points[ix + 1];
      if (x < p2.x) {
        return p1.y;
      }
    }
    return p2.y;
  }

  // * Pattern picks off first x,y pair into group(1) and group(2) and rest
  // * of string into group(3) */
  static Pattern ONE_POINT_PAT =
      RegexpUtil.uncheckedCompile(
          "^\\s*,?\\s*\\[(\\d+)\\s*,\\s*(-?\\d+)\\](.*)$", Perl5Compiler.READ_ONLY_MASK);

  /** Parse a string of the form [x1,y1},[x2,y2},...,[xN,yN} into a list of Points ([int,int]) */
  public static List<Point> parseString(String str) throws NumberFormatException {
    if (StringUtil.isNullString(str)) {
      throw new IllegalArgumentException("Must supply non-empty string");
    }
    ArrayList<Point> res = new ArrayList<Point>();
    Perl5Matcher matcher = RegexpUtil.getMatcher();
    while (matcher.contains(str, ONE_POINT_PAT)) {
      MatchResult matchResult = matcher.getMatch();
      String xstr = matchResult.group(1);
      String ystr = matchResult.group(2);
      str = matchResult.group(3);
      try {
        int x = Integer.parseInt(xstr);
        int y = Integer.parseInt(ystr);
        res.add(new Point(x, y));
      } catch (NumberFormatException e) {
        throw new IllegalArgumentException("bad point [" + xstr + "," + ystr + "] in " + str);
      }
    }
    res.trimToSize();
    return res;
  }

  public String toString() {
    return "[CLS " + "[" + StringUtil.separatedString(points, ", ") + "]]";
  }
}
예제 #6
0
/**
 * Library of Congress password rules:
 *
 * <p>- The system must enforce a minimum password length of 8 characters for user passwords.
 *
 * <p>- The system must enforce at least three (3) of the following password complexity rules for
 * user passwords: (a) at least 1 upper case alphabetic character, (b) at least 1 lower case
 * alphabetic character, (c) at least 1 numeric character, (d) at least 1 special character.
 *
 * <p>- The system must prevent passwords with consecutive repeated characters for user accounts.
 *
 * <p>- The system must prevent the reuse of the 11 most recently used passwords for a particular
 * user account for user accounts.
 *
 * <p>- The system must prevent the user from changing his or her password more than one time per
 * day.
 *
 * <p>- The system must ensure that user passwords expire if not changed every sixty (60) days with
 * the exception of Public E-Authentication Level 1 or 2 systems, per NIST SP 800-63, which ensure
 * that user passwords expire if not changed annually.
 *
 * <p>- The system must provide a warning message seven (7) days before the user password expires
 */
public class LCUserAccount extends UserAccount {

  static final long MIN_PASSWORD_CHANGE_INTERVAL = 1 * Constants.DAY;
  static final long MAX_PASSWORD_CHANGE_INTERVAL = 60 * Constants.DAY;
  static final long PASSWORD_CHANGE_REMINDER_INTERVAL = 7 * Constants.DAY;

  static final long INACTIVITY_LOGOUT = 15 * Constants.MINUTE;
  static final int HISTORY_SIZE = 11;
  static final int MAX_FAILED_ATTEMPTS = 3;
  static final long MAX_FAILED_ATTEMPT_WINDOW = 15 * Constants.MINUTE;
  static final long MAX_FAILED_ATTEMPT_RESET_INTERVAL = 15 * Constants.MINUTE;

  static final String HASH_ALGORITHM = "SHA-256";

  public LCUserAccount(String name) {
    super(name);
  }

  public String getType() {
    return "LC";
  }

  protected int getHistorySize() {
    return HISTORY_SIZE;
  }

  protected String getDefaultHashAlgorithm() {
    return HASH_ALGORITHM;
  }

  public long getInactivityLogout() {
    return INACTIVITY_LOGOUT;
  }

  protected int getMinPasswordLength() {
    return 8;
  }

  protected long getMinPasswordChangeInterval() {
    return MIN_PASSWORD_CHANGE_INTERVAL;
  }

  protected long getMaxPasswordChangeInterval() {
    return MAX_PASSWORD_CHANGE_INTERVAL;
  }

  protected long getPasswordChangeReminderInterval() {
    return PASSWORD_CHANGE_REMINDER_INTERVAL;
  }

  protected int getMaxFailedAttempts() {
    return MAX_FAILED_ATTEMPTS;
  }

  protected long getFailedAttemptWindow() {
    return MAX_FAILED_ATTEMPT_WINDOW;
  }

  protected long getFailedAttemptResetInterval() {
    return MAX_FAILED_ATTEMPT_RESET_INTERVAL;
  }

  /** Return the hash algorithm to be used for new accounts */
  @Override
  protected void checkLegalPassword(String newPwd, String hash, boolean isAdmin)
      throws IllegalPasswordChange {
    super.checkLegalPassword(newPwd, hash, isAdmin);

    if (StringUtil.hasRepeatedChar(newPwd)) {
      throw new IllegalPassword("Password may not contain consecutive repeated characters");
    }
    if (!hasRequiredCharacterMix(newPwd)) {
      throw new IllegalPassword(
          "Password must contain mix of upper, lower, numeric and special characters");
    }
  }

  static Pattern[] charPats = {
    RegexpUtil.uncheckedCompile("[a-z]", Perl5Compiler.READ_ONLY_MASK),
    RegexpUtil.uncheckedCompile("[A-Z]", Perl5Compiler.READ_ONLY_MASK),
    RegexpUtil.uncheckedCompile("[0-9]", Perl5Compiler.READ_ONLY_MASK),
    RegexpUtil.uncheckedCompile("[" + SPECIAL_CHARS + "]", Perl5Compiler.READ_ONLY_MASK)
  };

  boolean hasRequiredCharacterMix(String str) {
    // Must have at least 3 of: upper alpha, lower alpha, numeric, special
    int cnt = 0;
    Perl5Matcher matcher = RegexpUtil.getMatcher();
    for (Pattern pat : charPats) {
      if (matcher.contains(str, pat)) {
        cnt++;
      }
    }
    return cnt >= 3;
  }

  public static class Factory extends UserAccount.Factory {
    public UserAccount newUser(String name, AccountManager acctMgr, Configuration config) {
      UserAccount acct = new LCUserAccount(name);
      acct.init(acctMgr, config);
      return acct;
    }
  }
}