IDEMPIERE-2558:don't allow use old password when change password

check history password
This commit is contained in:
hieplq 2015-04-06 18:51:32 +07:00
parent bd51dfdf4e
commit c293006f6f
11 changed files with 830 additions and 35 deletions

View File

@ -0,0 +1,152 @@
SET SQLBLANKLINES ON
SET DEFINE OFF
-- I forgot to set the DICTIONARY_ID_COMMENTS System Configurator
-- Apr 6, 2015 6:42:41 PM ICT
INSERT INTO AD_Table (AD_Table_ID,Name,Help,TableName,LoadSeq,AccessLevel,AD_Client_ID,AD_Org_ID,IsActive,Created,CreatedBy,Updated,UpdatedBy,IsSecurityEnabled,IsDeleteable,IsHighVolume,IsView,EntityType,ImportTable,IsChangeLog,ReplicationType,CopyColumnsFromTable,IsCentrallyMaintained,AD_Table_UU,Processing,DatabaseViewDrop) VALUES (200171,'Password History ID','Save password history to void user from reuse it for time range','AD_Password_History',0,'4',0,0,'Y',TO_DATE('2015-04-06 18:42:41','YYYY-MM-DD HH24:MI:SS'),100,TO_DATE('2015-04-06 18:42:41','YYYY-MM-DD HH24:MI:SS'),100,'N','Y','N','N','D','N','N','L','N','Y','49da1460-ff37-4f00-9ace-97bdf44db0ad','N','N')
;
-- Apr 6, 2015 6:42:42 PM ICT
INSERT INTO AD_Sequence (Name,CurrentNext,IsAudited,StartNewYear,Description,IsActive,IsTableID,AD_Client_ID,AD_Org_ID,Created,CreatedBy,Updated,UpdatedBy,AD_Sequence_ID,IsAutoSequence,StartNo,IncrementNo,CurrentNextSys,AD_Sequence_UU) VALUES ('AD_Password_History',1000000,'N','N','Table AD_Password_History','Y','Y',0,0,TO_DATE('2015-04-06 18:42:41','YYYY-MM-DD HH24:MI:SS'),100,TO_DATE('2015-04-06 18:42:41','YYYY-MM-DD HH24:MI:SS'),100,200228,'Y',1000000,1,200000,'1a1cc6c7-d4ed-469f-91e6-42c4dff8a0fc')
;
-- Apr 6, 2015 6:42:42 PM ICT
INSERT INTO AD_Element (AD_Element_ID,AD_Client_ID,AD_Org_ID,IsActive,Created,CreatedBy,Updated,UpdatedBy,ColumnName,Name,PrintName,EntityType,AD_Element_UU) VALUES (202871,0,0,'Y',TO_DATE('2015-04-06 18:42:42','YYYY-MM-DD HH24:MI:SS'),100,TO_DATE('2015-04-06 18:42:42','YYYY-MM-DD HH24:MI:SS'),100,'AD_Password_History_ID','Password History ID','PasswordHistoryID','D','485e98ad-d7ba-4ce5-9569-09dd0d02ed46')
;
-- Apr 6, 2015 6:42:42 PM ICT
INSERT INTO AD_Column (AD_Column_ID,Version,Name,AD_Table_ID,ColumnName,FieldLength,IsKey,IsParent,IsMandatory,IsTranslated,IsIdentifier,SeqNo,IsEncrypted,AD_Reference_ID,AD_Client_ID,AD_Org_ID,IsActive,Created,CreatedBy,Updated,UpdatedBy,AD_Element_ID,IsUpdateable,IsSelectionColumn,EntityType,IsSyncDatabase,IsAlwaysUpdateable,IsAutocomplete,IsAllowLogging,AD_Column_UU,IsAllowCopy,SeqNoSelection,IsToolbarButton,IsSecure,FKConstraintType) VALUES (212113,0,'Password History ID',200171,'AD_Password_History_ID',22,'Y','N','N','N','N',0,'N',13,0,0,'Y',TO_DATE('2015-04-06 18:42:42','YYYY-MM-DD HH24:MI:SS'),100,TO_DATE('2015-04-06 18:42:42','YYYY-MM-DD HH24:MI:SS'),100,202871,'N','N','D','Y','N','N','Y','991d817c-bb9d-425b-af2d-97db8c5617fd','N',0,'N','N','N')
;
-- Apr 6, 2015 6:42:42 PM ICT
CREATE TABLE AD_Password_History (AD_Password_History_ID NUMBER(10) DEFAULT NULL , CONSTRAINT AD_Password_History_Key PRIMARY KEY (AD_Password_History_ID))
;
-- Apr 6, 2015 6:42:42 PM ICT
INSERT INTO AD_Column (AD_Column_ID,Version,Name,Description,Help,AD_Table_ID,AD_Val_Rule_ID,ColumnName,DefaultValue,FieldLength,IsKey,IsParent,IsMandatory,IsTranslated,IsIdentifier,SeqNo,IsEncrypted,AD_Reference_ID,AD_Client_ID,AD_Org_ID,IsActive,Created,CreatedBy,Updated,UpdatedBy,AD_Element_ID,IsUpdateable,IsSelectionColumn,EntityType,IsSyncDatabase,IsAlwaysUpdateable,IsAutocomplete,IsAllowLogging,AD_Column_UU,IsAllowCopy,SeqNoSelection,IsToolbarButton,IsSecure,FKConstraintName,FKConstraintType) VALUES (212106,0,'Client','Client/Tenant for this installation.','A Client is a company or a legal entity. You cannot share data between Clients. Tenant is a synonym for Client.',200171,129,'AD_Client_ID','@#AD_Client_ID@',22,'N','N','N','N','N',0,'N',19,0,0,'Y',TO_DATE('2015-04-06 18:42:42','YYYY-MM-DD HH24:MI:SS'),100,TO_DATE('2015-04-06 18:42:42','YYYY-MM-DD HH24:MI:SS'),100,102,'N','N','D','Y','N','N','N','a7778717-650f-4298-b050-bffbae429272','N',0,'N','N','ADClient_ADPasswordHistory','N')
;
-- Apr 6, 2015 6:42:42 PM ICT
ALTER TABLE AD_Password_History ADD AD_Client_ID NUMBER(10) DEFAULT NULL
;
-- Apr 6, 2015 6:42:42 PM ICT
INSERT INTO AD_Column (AD_Column_ID,Version,Name,Description,Help,AD_Table_ID,AD_Val_Rule_ID,ColumnName,DefaultValue,FieldLength,IsKey,IsParent,IsMandatory,IsTranslated,IsIdentifier,SeqNo,IsEncrypted,AD_Reference_ID,AD_Client_ID,AD_Org_ID,IsActive,Created,CreatedBy,Updated,UpdatedBy,AD_Element_ID,IsUpdateable,IsSelectionColumn,EntityType,IsSyncDatabase,IsAlwaysUpdateable,IsAutocomplete,IsAllowLogging,AD_Column_UU,IsAllowCopy,SeqNoSelection,IsToolbarButton,IsSecure,FKConstraintName,FKConstraintType) VALUES (212107,0,'Organization','Organizational entity within client','An organization is a unit of your client or legal entity - examples are store, department. You can share data between organizations.',200171,104,'AD_Org_ID','@#AD_Org_ID@',22,'N','N','N','N','N',0,'N',19,0,0,'Y',TO_DATE('2015-04-06 18:42:42','YYYY-MM-DD HH24:MI:SS'),100,TO_DATE('2015-04-06 18:42:42','YYYY-MM-DD HH24:MI:SS'),100,113,'N','N','D','Y','N','N','N','8c9cd3ea-f1fb-454e-8f11-32333752e7f0','N',0,'N','N','ADOrg_ADPasswordHistory','N')
;
-- Apr 6, 2015 6:42:42 PM ICT
ALTER TABLE AD_Password_History ADD AD_Org_ID NUMBER(10) DEFAULT NULL
;
-- Apr 6, 2015 6:42:42 PM ICT
INSERT INTO AD_Column (AD_Column_ID,Version,Name,Description,Help,AD_Table_ID,ColumnName,FieldLength,IsKey,IsParent,IsMandatory,IsTranslated,IsIdentifier,SeqNo,IsEncrypted,AD_Reference_ID,AD_Client_ID,AD_Org_ID,IsActive,Created,CreatedBy,Updated,UpdatedBy,AD_Element_ID,IsUpdateable,IsSelectionColumn,EntityType,IsSyncDatabase,IsAlwaysUpdateable,IsAutocomplete,IsAllowLogging,AD_Column_UU,IsAllowCopy,SeqNoSelection,IsToolbarButton,IsSecure,FKConstraintName,FKConstraintType) VALUES (212108,0,'User/Contact','User within the system - Internal or Business Partner Contact','The User identifies a unique user in the system. This could be an internal user or a business partner contact',200171,'AD_User_ID',22,'N','N','N','N','N',0,'N',30,0,0,'Y',TO_DATE('2015-04-06 18:42:42','YYYY-MM-DD HH24:MI:SS'),100,TO_DATE('2015-04-06 18:42:42','YYYY-MM-DD HH24:MI:SS'),100,138,'N','N','D','Y','N','N','N','7a7ebfcb-87e0-4550-9124-f2e109bfaa4c','N',0,'N','N','ADUser_ADPasswordHistory','N')
;
-- Apr 6, 2015 6:42:42 PM ICT
ALTER TABLE AD_Password_History ADD AD_User_ID NUMBER(10) DEFAULT NULL
;
-- Apr 6, 2015 6:42:42 PM ICT
INSERT INTO AD_Column (AD_Column_ID,Version,Name,Description,Help,AD_Table_ID,ColumnName,FieldLength,IsKey,IsParent,IsMandatory,IsTranslated,IsIdentifier,SeqNo,IsEncrypted,AD_Reference_ID,AD_Client_ID,AD_Org_ID,IsActive,Created,CreatedBy,Updated,UpdatedBy,AD_Element_ID,IsUpdateable,IsSelectionColumn,EntityType,IsSyncDatabase,IsAlwaysUpdateable,IsAutocomplete,IsAllowLogging,AD_Column_UU,IsAllowCopy,SeqNoSelection,IsToolbarButton,IsSecure,FKConstraintType) VALUES (212109,0,'Password','Password of any length (case sensitive)','The Password for this User. Passwords are required to identify authorized users. For iDempiere Users, you can change the password via the Process "Reset Password".',200171,'Password',1024,'N','N','N','N','N',0,'N',10,0,0,'Y',TO_DATE('2015-04-06 18:42:42','YYYY-MM-DD HH24:MI:SS'),100,TO_DATE('2015-04-06 18:42:42','YYYY-MM-DD HH24:MI:SS'),100,498,'Y','N','D','Y','N','N','Y','ce12dd69-6a4f-403f-9637-683cbdd6f2f8','Y',0,'N','N','N')
;
-- Apr 6, 2015 6:42:42 PM ICT
ALTER TABLE AD_Password_History ADD Password VARCHAR2(1024) DEFAULT NULL
;
-- Apr 6, 2015 6:42:42 PM ICT
INSERT INTO AD_Column (AD_Column_ID,Version,Name,Description,AD_Table_ID,ColumnName,FieldLength,IsKey,IsParent,IsMandatory,IsTranslated,IsIdentifier,SeqNo,IsEncrypted,AD_Reference_ID,AD_Client_ID,AD_Org_ID,IsActive,Created,CreatedBy,Updated,UpdatedBy,AD_Element_ID,IsUpdateable,IsSelectionColumn,EntityType,IsSyncDatabase,IsAlwaysUpdateable,IsAutocomplete,IsAllowLogging,AD_Column_UU,IsAllowCopy,SeqNoSelection,IsToolbarButton,IsSecure,FKConstraintType) VALUES (212110,0,'Salt','Random data added to improve password hash effectiveness',200171,'Salt',16,'N','N','N','N','N',0,'N',10,0,0,'Y',TO_DATE('2015-04-06 18:42:42','YYYY-MM-DD HH24:MI:SS'),100,TO_DATE('2015-04-06 18:42:42','YYYY-MM-DD HH24:MI:SS'),100,55218,'N','N','D','Y','N','N','Y','d24dd208-ea40-4e5d-ba95-fed28420e342','Y',0,'N','N','N')
;
-- Apr 6, 2015 6:42:42 PM ICT
ALTER TABLE AD_Password_History ADD Salt VARCHAR2(16) DEFAULT NULL
;
-- Apr 6, 2015 6:42:42 PM ICT
INSERT INTO AD_Column (AD_Column_ID,Version,Name,AD_Table_ID,ColumnName,FieldLength,IsKey,IsParent,IsMandatory,IsTranslated,IsIdentifier,SeqNo,IsEncrypted,AD_Reference_ID,AD_Client_ID,AD_Org_ID,IsActive,Created,CreatedBy,Updated,UpdatedBy,AD_Element_ID,IsUpdateable,IsSelectionColumn,EntityType,IsSyncDatabase,IsAlwaysUpdateable,IsAutocomplete,IsAllowLogging,AD_Column_UU,IsAllowCopy,SeqNoSelection,IsToolbarButton,IsSecure,FKConstraintType) VALUES (212111,0,'Date Password Changed',200171,'DatePasswordChanged',7,'N','N','N','N','N',0,'N',15,0,0,'Y',TO_DATE('2015-04-06 18:42:42','YYYY-MM-DD HH24:MI:SS'),100,TO_DATE('2015-04-06 18:42:42','YYYY-MM-DD HH24:MI:SS'),100,200114,'Y','N','D','Y','N','N','N','b01a8cde-f959-4364-ab89-d43d7382b504','Y',0,'N','N','N')
;
-- Apr 6, 2015 6:42:42 PM ICT
ALTER TABLE AD_Password_History ADD DatePasswordChanged DATE DEFAULT NULL
;
-- Apr 6, 2015 6:42:42 PM ICT
INSERT INTO AD_Element (AD_Element_ID,AD_Client_ID,AD_Org_ID,IsActive,Created,CreatedBy,Updated,UpdatedBy,ColumnName,Name,PrintName,EntityType,AD_Element_UU) VALUES (202870,0,0,'Y',TO_DATE('2015-04-06 18:42:42','YYYY-MM-DD HH24:MI:SS'),100,TO_DATE('2015-04-06 18:42:42','YYYY-MM-DD HH24:MI:SS'),100,'AD_Password_History_UU','AD_Password_History_UU','AD_Password_History_UU','D','aea756f7-adec-4785-b603-d21266aa745b')
;
-- Apr 6, 2015 6:42:42 PM ICT
INSERT INTO AD_Column (AD_Column_ID,Version,Name,AD_Table_ID,ColumnName,FieldLength,IsKey,IsParent,IsMandatory,IsTranslated,IsIdentifier,SeqNo,IsEncrypted,AD_Reference_ID,AD_Client_ID,AD_Org_ID,IsActive,Created,CreatedBy,Updated,UpdatedBy,AD_Element_ID,IsUpdateable,IsSelectionColumn,EntityType,IsSyncDatabase,IsAlwaysUpdateable,IsAutocomplete,IsAllowLogging,AD_Column_UU,IsAllowCopy,SeqNoSelection,IsToolbarButton,IsSecure,FKConstraintType) VALUES (212112,0,'AD_Password_History_UU',200171,'AD_Password_History_UU',36,'N','N','N','N','N',0,'N',10,0,0,'Y',TO_DATE('2015-04-06 18:42:42','YYYY-MM-DD HH24:MI:SS'),100,TO_DATE('2015-04-06 18:42:42','YYYY-MM-DD HH24:MI:SS'),100,202870,'N','N','D','Y','N','N','N','d0d514cb-4c02-441b-b8d5-93326e6b12c9','N',0,'N','N','N')
;
-- Apr 6, 2015 6:42:42 PM ICT
ALTER TABLE AD_Password_History ADD AD_Password_History_UU VARCHAR2(36) DEFAULT NULL
;
-- Apr 6, 2015 6:42:42 PM ICT
ALTER TABLE AD_Password_History ADD CONSTRAINT AD_Password_History_UU_idx UNIQUE (AD_Password_History_UU)
;
-- Apr 6, 2015 6:42:43 PM ICT
INSERT INTO AD_TableIndex (AD_Client_ID,AD_Org_ID,AD_TableIndex_ID,AD_TableIndex_UU,Created,CreatedBy,EntityType,IsActive,Name,Updated,UpdatedBy,AD_Table_ID,IsCreateConstraint,IsUnique,Processing,TableIndexDrop,IsKey) VALUES (0,0,201031,'ff68b691-ab99-4e65-886c-93b2741fade4',TO_DATE('2015-04-06 18:42:43','YYYY-MM-DD HH24:MI:SS'),100,'D','Y','AD_Password_History_Password_uu_idx',TO_DATE('2015-04-06 18:42:43','YYYY-MM-DD HH24:MI:SS'),100,200171,'N','Y','N','N','N')
;
-- Apr 6, 2015 6:42:43 PM ICT
INSERT INTO AD_IndexColumn (AD_Client_ID,AD_Org_ID,AD_IndexColumn_ID,AD_IndexColumn_UU,Created,CreatedBy,EntityType,IsActive,Updated,UpdatedBy,AD_Column_ID,AD_TableIndex_ID,SeqNo) VALUES (0,0,201256,'94ca3aa6-d1d5-4481-b787-d7f44297b71a',TO_DATE('2015-04-06 18:42:43','YYYY-MM-DD HH24:MI:SS'),100,'D','Y',TO_DATE('2015-04-06 18:42:43','YYYY-MM-DD HH24:MI:SS'),100,212112,201031,0)
;
-- Apr 6, 2015 6:42:43 PM ICT
CREATE UNIQUE INDEX AD_Password_History_Password_uu_idx ON AD_Password_History (AD_Password_History_UU)
;
-- Apr 6, 2015 6:42:43 PM ICT
INSERT INTO AD_Element (AD_Element_ID,AD_Client_ID,AD_Org_ID,IsActive,Created,CreatedBy,Updated,UpdatedBy,ColumnName,Name,Description,Help,PrintName,EntityType,AD_Element_UU) VALUES (202868,0,0,'Y',TO_DATE('2015-04-06 18:42:43','YYYY-MM-DD HH24:MI:SS'),100,TO_DATE('2015-04-06 18:42:43','YYYY-MM-DD HH24:MI:SS'),100,'Days_Reuse_Password','Days Reuse Password','Define number of day can reuser password','Each time change password, old password keep in history
Example this value = 60. user can''t reuse password in history has age < 60
','Days Reuse Password','U','7f28c4dd-e1fb-41d6-a8b7-de18c205e6ac')
;
-- Apr 6, 2015 6:42:43 PM ICT
INSERT INTO AD_Column (AD_Column_ID,Version,Name,Description,Help,AD_Table_ID,ColumnName,FieldLength,IsKey,IsParent,IsMandatory,IsTranslated,IsIdentifier,SeqNo,IsEncrypted,AD_Reference_ID,AD_Client_ID,AD_Org_ID,IsActive,Created,CreatedBy,Updated,UpdatedBy,AD_Element_ID,IsUpdateable,IsSelectionColumn,EntityType,IsSyncDatabase,IsAlwaysUpdateable,IsAutocomplete,IsAllowLogging,AD_Column_UU,IsAllowCopy,SeqNoSelection,IsToolbarButton,IsSecure,FKConstraintType) VALUES (212098,0,'Days Reuse Password','Define number of day can reuser password','Each time change password, old password keep in history
Example this value = 60. user can''t reuse password in history has age < 60
',200005,'Days_Reuse_Password',10,'N','N','N','N','N',0,'N',11,0,0,'Y',TO_DATE('2015-04-06 18:42:43','YYYY-MM-DD HH24:MI:SS'),100,TO_DATE('2015-04-06 18:42:43','YYYY-MM-DD HH24:MI:SS'),100,202868,'Y','N','D','Y','N','N','Y','57073b2e-e457-4445-96fd-4390d48fdd20','Y',0,'N','N','N')
;
-- Apr 6, 2015 6:42:43 PM ICT
ALTER TABLE AD_PasswordRule ADD Days_Reuse_Password NUMBER(10) DEFAULT NULL
;
-- Apr 6, 2015 6:42:43 PM ICT
UPDATE AD_Field SET SeqNo=0,Updated=TO_DATE('2015-04-06 18:42:43','YYYY-MM-DD HH24:MI:SS'),UpdatedBy=100 WHERE AD_Field_ID=200075
;
-- Apr 6, 2015 6:42:43 PM ICT
INSERT INTO AD_Field (AD_Field_ID,Name,Description,Help,AD_Tab_ID,AD_Column_ID,IsDisplayed,DisplayLength,SeqNo,SortNo,IsSameLine,IsHeading,IsFieldOnly,IsEncrypted,AD_Client_ID,AD_Org_ID,IsActive,Created,CreatedBy,Updated,UpdatedBy,IsReadOnly,IsCentrallyMaintained,EntityType,AD_Field_UU,IsDisplayedGrid,SeqNoGrid,XPosition,ColumnSpan,NumLines,IsQuickEntry,IsDefaultFocus,IsAdvancedField) VALUES (203782,'Days Reuse Password','Define number of day can reuser password','Each time change password, old password keep in history
Example this value = 60. user can''t reuse password in history has age < 60
',200004,212098,'Y',0,150,0,'N','N','N','N',0,0,'Y',TO_DATE('2015-04-06 18:42:43','YYYY-MM-DD HH24:MI:SS'),100,TO_DATE('2015-04-06 18:42:43','YYYY-MM-DD HH24:MI:SS'),100,'N','Y','D','8585820b-9be4-4161-8d96-10a05ed80b10','Y',220,1,2,1,'N','N','N')
;
-- Apr 6, 2015 6:42:43 PM ICT
UPDATE AD_Field SET SeqNo=160,Updated=TO_DATE('2015-04-06 18:42:43','YYYY-MM-DD HH24:MI:SS'),UpdatedBy=100 WHERE AD_Field_ID=200090
;
-- Apr 6, 2015 6:42:43 PM ICT
UPDATE AD_Field SET SeqNo=170,Updated=TO_DATE('2015-04-06 18:42:43','YYYY-MM-DD HH24:MI:SS'),UpdatedBy=100 WHERE AD_Field_ID=200094
;
-- Apr 6, 2015 6:42:43 PM ICT
UPDATE AD_Field SET SeqNo=180,Updated=TO_DATE('2015-04-06 18:42:43','YYYY-MM-DD HH24:MI:SS'),UpdatedBy=100 WHERE AD_Field_ID=200093
;
-- Apr 6, 2015 6:42:43 PM ICT
UPDATE AD_Field SET SeqNo=190,Updated=TO_DATE('2015-04-06 18:42:43','YYYY-MM-DD HH24:MI:SS'),UpdatedBy=100 WHERE AD_Field_ID=200079
;
-- Apr 6, 2015 6:42:43 PM ICT
UPDATE AD_Field SET IsActive='N',Updated=TO_DATE('2015-04-06 18:42:43','YYYY-MM-DD HH24:MI:SS'),UpdatedBy=100 WHERE AD_Field_ID=200080
;
-- Apr 6, 2015 6:42:43 PM ICT
UPDATE AD_Field SET SeqNo=200,Updated=TO_DATE('2015-04-06 18:42:43','YYYY-MM-DD HH24:MI:SS'),UpdatedBy=100 WHERE AD_Field_ID=200254
;
SELECT register_migration_script('201504061605-IDEMPIERE-2558.sql') FROM dual
;

View File

@ -0,0 +1,149 @@
-- I forgot to set the DICTIONARY_ID_COMMENTS System Configurator
-- Apr 6, 2015 6:42:41 PM ICT
INSERT INTO AD_Table (AD_Table_ID,Name,Help,TableName,LoadSeq,AccessLevel,AD_Client_ID,AD_Org_ID,IsActive,Created,CreatedBy,Updated,UpdatedBy,IsSecurityEnabled,IsDeleteable,IsHighVolume,IsView,EntityType,ImportTable,IsChangeLog,ReplicationType,CopyColumnsFromTable,IsCentrallyMaintained,AD_Table_UU,Processing,DatabaseViewDrop) VALUES (200171,'Password History ID','Save password history to void user from reuse it for time range','AD_Password_History',0,'4',0,0,'Y',TO_TIMESTAMP('2015-04-06 18:42:41','YYYY-MM-DD HH24:MI:SS'),100,TO_TIMESTAMP('2015-04-06 18:42:41','YYYY-MM-DD HH24:MI:SS'),100,'N','Y','N','N','D','N','N','L','N','Y','49da1460-ff37-4f00-9ace-97bdf44db0ad','N','N')
;
-- Apr 6, 2015 6:42:42 PM ICT
INSERT INTO AD_Sequence (Name,CurrentNext,IsAudited,StartNewYear,Description,IsActive,IsTableID,AD_Client_ID,AD_Org_ID,Created,CreatedBy,Updated,UpdatedBy,AD_Sequence_ID,IsAutoSequence,StartNo,IncrementNo,CurrentNextSys,AD_Sequence_UU) VALUES ('AD_Password_History',1000000,'N','N','Table AD_Password_History','Y','Y',0,0,TO_TIMESTAMP('2015-04-06 18:42:41','YYYY-MM-DD HH24:MI:SS'),100,TO_TIMESTAMP('2015-04-06 18:42:41','YYYY-MM-DD HH24:MI:SS'),100,200228,'Y',1000000,1,200000,'1a1cc6c7-d4ed-469f-91e6-42c4dff8a0fc')
;
-- Apr 6, 2015 6:42:42 PM ICT
INSERT INTO AD_Element (AD_Element_ID,AD_Client_ID,AD_Org_ID,IsActive,Created,CreatedBy,Updated,UpdatedBy,ColumnName,Name,PrintName,EntityType,AD_Element_UU) VALUES (202871,0,0,'Y',TO_TIMESTAMP('2015-04-06 18:42:42','YYYY-MM-DD HH24:MI:SS'),100,TO_TIMESTAMP('2015-04-06 18:42:42','YYYY-MM-DD HH24:MI:SS'),100,'AD_Password_History_ID','Password History ID','PasswordHistoryID','D','485e98ad-d7ba-4ce5-9569-09dd0d02ed46')
;
-- Apr 6, 2015 6:42:42 PM ICT
INSERT INTO AD_Column (AD_Column_ID,Version,Name,AD_Table_ID,ColumnName,FieldLength,IsKey,IsParent,IsMandatory,IsTranslated,IsIdentifier,SeqNo,IsEncrypted,AD_Reference_ID,AD_Client_ID,AD_Org_ID,IsActive,Created,CreatedBy,Updated,UpdatedBy,AD_Element_ID,IsUpdateable,IsSelectionColumn,EntityType,IsSyncDatabase,IsAlwaysUpdateable,IsAutocomplete,IsAllowLogging,AD_Column_UU,IsAllowCopy,SeqNoSelection,IsToolbarButton,IsSecure,FKConstraintType) VALUES (212113,0,'Password History ID',200171,'AD_Password_History_ID',22,'Y','N','N','N','N',0,'N',13,0,0,'Y',TO_TIMESTAMP('2015-04-06 18:42:42','YYYY-MM-DD HH24:MI:SS'),100,TO_TIMESTAMP('2015-04-06 18:42:42','YYYY-MM-DD HH24:MI:SS'),100,202871,'N','N','D','Y','N','N','Y','991d817c-bb9d-425b-af2d-97db8c5617fd','N',0,'N','N','N')
;
-- Apr 6, 2015 6:42:42 PM ICT
CREATE TABLE AD_Password_History (AD_Password_History_ID NUMERIC(10) DEFAULT NULL , CONSTRAINT AD_Password_History_Key PRIMARY KEY (AD_Password_History_ID))
;
-- Apr 6, 2015 6:42:42 PM ICT
INSERT INTO AD_Column (AD_Column_ID,Version,Name,Description,Help,AD_Table_ID,AD_Val_Rule_ID,ColumnName,DefaultValue,FieldLength,IsKey,IsParent,IsMandatory,IsTranslated,IsIdentifier,SeqNo,IsEncrypted,AD_Reference_ID,AD_Client_ID,AD_Org_ID,IsActive,Created,CreatedBy,Updated,UpdatedBy,AD_Element_ID,IsUpdateable,IsSelectionColumn,EntityType,IsSyncDatabase,IsAlwaysUpdateable,IsAutocomplete,IsAllowLogging,AD_Column_UU,IsAllowCopy,SeqNoSelection,IsToolbarButton,IsSecure,FKConstraintName,FKConstraintType) VALUES (212106,0,'Client','Client/Tenant for this installation.','A Client is a company or a legal entity. You cannot share data between Clients. Tenant is a synonym for Client.',200171,129,'AD_Client_ID','@#AD_Client_ID@',22,'N','N','N','N','N',0,'N',19,0,0,'Y',TO_TIMESTAMP('2015-04-06 18:42:42','YYYY-MM-DD HH24:MI:SS'),100,TO_TIMESTAMP('2015-04-06 18:42:42','YYYY-MM-DD HH24:MI:SS'),100,102,'N','N','D','Y','N','N','N','a7778717-650f-4298-b050-bffbae429272','N',0,'N','N','ADClient_ADPasswordHistory','N')
;
-- Apr 6, 2015 6:42:42 PM ICT
ALTER TABLE AD_Password_History ADD COLUMN AD_Client_ID NUMERIC(10) DEFAULT NULL
;
-- Apr 6, 2015 6:42:42 PM ICT
INSERT INTO AD_Column (AD_Column_ID,Version,Name,Description,Help,AD_Table_ID,AD_Val_Rule_ID,ColumnName,DefaultValue,FieldLength,IsKey,IsParent,IsMandatory,IsTranslated,IsIdentifier,SeqNo,IsEncrypted,AD_Reference_ID,AD_Client_ID,AD_Org_ID,IsActive,Created,CreatedBy,Updated,UpdatedBy,AD_Element_ID,IsUpdateable,IsSelectionColumn,EntityType,IsSyncDatabase,IsAlwaysUpdateable,IsAutocomplete,IsAllowLogging,AD_Column_UU,IsAllowCopy,SeqNoSelection,IsToolbarButton,IsSecure,FKConstraintName,FKConstraintType) VALUES (212107,0,'Organization','Organizational entity within client','An organization is a unit of your client or legal entity - examples are store, department. You can share data between organizations.',200171,104,'AD_Org_ID','@#AD_Org_ID@',22,'N','N','N','N','N',0,'N',19,0,0,'Y',TO_TIMESTAMP('2015-04-06 18:42:42','YYYY-MM-DD HH24:MI:SS'),100,TO_TIMESTAMP('2015-04-06 18:42:42','YYYY-MM-DD HH24:MI:SS'),100,113,'N','N','D','Y','N','N','N','8c9cd3ea-f1fb-454e-8f11-32333752e7f0','N',0,'N','N','ADOrg_ADPasswordHistory','N')
;
-- Apr 6, 2015 6:42:42 PM ICT
ALTER TABLE AD_Password_History ADD COLUMN AD_Org_ID NUMERIC(10) DEFAULT NULL
;
-- Apr 6, 2015 6:42:42 PM ICT
INSERT INTO AD_Column (AD_Column_ID,Version,Name,Description,Help,AD_Table_ID,ColumnName,FieldLength,IsKey,IsParent,IsMandatory,IsTranslated,IsIdentifier,SeqNo,IsEncrypted,AD_Reference_ID,AD_Client_ID,AD_Org_ID,IsActive,Created,CreatedBy,Updated,UpdatedBy,AD_Element_ID,IsUpdateable,IsSelectionColumn,EntityType,IsSyncDatabase,IsAlwaysUpdateable,IsAutocomplete,IsAllowLogging,AD_Column_UU,IsAllowCopy,SeqNoSelection,IsToolbarButton,IsSecure,FKConstraintName,FKConstraintType) VALUES (212108,0,'User/Contact','User within the system - Internal or Business Partner Contact','The User identifies a unique user in the system. This could be an internal user or a business partner contact',200171,'AD_User_ID',22,'N','N','N','N','N',0,'N',30,0,0,'Y',TO_TIMESTAMP('2015-04-06 18:42:42','YYYY-MM-DD HH24:MI:SS'),100,TO_TIMESTAMP('2015-04-06 18:42:42','YYYY-MM-DD HH24:MI:SS'),100,138,'N','N','D','Y','N','N','N','7a7ebfcb-87e0-4550-9124-f2e109bfaa4c','N',0,'N','N','ADUser_ADPasswordHistory','N')
;
-- Apr 6, 2015 6:42:42 PM ICT
ALTER TABLE AD_Password_History ADD COLUMN AD_User_ID NUMERIC(10) DEFAULT NULL
;
-- Apr 6, 2015 6:42:42 PM ICT
INSERT INTO AD_Column (AD_Column_ID,Version,Name,Description,Help,AD_Table_ID,ColumnName,FieldLength,IsKey,IsParent,IsMandatory,IsTranslated,IsIdentifier,SeqNo,IsEncrypted,AD_Reference_ID,AD_Client_ID,AD_Org_ID,IsActive,Created,CreatedBy,Updated,UpdatedBy,AD_Element_ID,IsUpdateable,IsSelectionColumn,EntityType,IsSyncDatabase,IsAlwaysUpdateable,IsAutocomplete,IsAllowLogging,AD_Column_UU,IsAllowCopy,SeqNoSelection,IsToolbarButton,IsSecure,FKConstraintType) VALUES (212109,0,'Password','Password of any length (case sensitive)','The Password for this User. Passwords are required to identify authorized users. For iDempiere Users, you can change the password via the Process "Reset Password".',200171,'Password',1024,'N','N','N','N','N',0,'N',10,0,0,'Y',TO_TIMESTAMP('2015-04-06 18:42:42','YYYY-MM-DD HH24:MI:SS'),100,TO_TIMESTAMP('2015-04-06 18:42:42','YYYY-MM-DD HH24:MI:SS'),100,498,'Y','N','D','Y','N','N','Y','ce12dd69-6a4f-403f-9637-683cbdd6f2f8','Y',0,'N','N','N')
;
-- Apr 6, 2015 6:42:42 PM ICT
ALTER TABLE AD_Password_History ADD COLUMN Password VARCHAR(1024) DEFAULT NULL
;
-- Apr 6, 2015 6:42:42 PM ICT
INSERT INTO AD_Column (AD_Column_ID,Version,Name,Description,AD_Table_ID,ColumnName,FieldLength,IsKey,IsParent,IsMandatory,IsTranslated,IsIdentifier,SeqNo,IsEncrypted,AD_Reference_ID,AD_Client_ID,AD_Org_ID,IsActive,Created,CreatedBy,Updated,UpdatedBy,AD_Element_ID,IsUpdateable,IsSelectionColumn,EntityType,IsSyncDatabase,IsAlwaysUpdateable,IsAutocomplete,IsAllowLogging,AD_Column_UU,IsAllowCopy,SeqNoSelection,IsToolbarButton,IsSecure,FKConstraintType) VALUES (212110,0,'Salt','Random data added to improve password hash effectiveness',200171,'Salt',16,'N','N','N','N','N',0,'N',10,0,0,'Y',TO_TIMESTAMP('2015-04-06 18:42:42','YYYY-MM-DD HH24:MI:SS'),100,TO_TIMESTAMP('2015-04-06 18:42:42','YYYY-MM-DD HH24:MI:SS'),100,55218,'N','N','D','Y','N','N','Y','d24dd208-ea40-4e5d-ba95-fed28420e342','Y',0,'N','N','N')
;
-- Apr 6, 2015 6:42:42 PM ICT
ALTER TABLE AD_Password_History ADD COLUMN Salt VARCHAR(16) DEFAULT NULL
;
-- Apr 6, 2015 6:42:42 PM ICT
INSERT INTO AD_Column (AD_Column_ID,Version,Name,AD_Table_ID,ColumnName,FieldLength,IsKey,IsParent,IsMandatory,IsTranslated,IsIdentifier,SeqNo,IsEncrypted,AD_Reference_ID,AD_Client_ID,AD_Org_ID,IsActive,Created,CreatedBy,Updated,UpdatedBy,AD_Element_ID,IsUpdateable,IsSelectionColumn,EntityType,IsSyncDatabase,IsAlwaysUpdateable,IsAutocomplete,IsAllowLogging,AD_Column_UU,IsAllowCopy,SeqNoSelection,IsToolbarButton,IsSecure,FKConstraintType) VALUES (212111,0,'Date Password Changed',200171,'DatePasswordChanged',7,'N','N','N','N','N',0,'N',15,0,0,'Y',TO_TIMESTAMP('2015-04-06 18:42:42','YYYY-MM-DD HH24:MI:SS'),100,TO_TIMESTAMP('2015-04-06 18:42:42','YYYY-MM-DD HH24:MI:SS'),100,200114,'Y','N','D','Y','N','N','N','b01a8cde-f959-4364-ab89-d43d7382b504','Y',0,'N','N','N')
;
-- Apr 6, 2015 6:42:42 PM ICT
ALTER TABLE AD_Password_History ADD COLUMN DatePasswordChanged TIMESTAMP DEFAULT NULL
;
-- Apr 6, 2015 6:42:42 PM ICT
INSERT INTO AD_Element (AD_Element_ID,AD_Client_ID,AD_Org_ID,IsActive,Created,CreatedBy,Updated,UpdatedBy,ColumnName,Name,PrintName,EntityType,AD_Element_UU) VALUES (202870,0,0,'Y',TO_TIMESTAMP('2015-04-06 18:42:42','YYYY-MM-DD HH24:MI:SS'),100,TO_TIMESTAMP('2015-04-06 18:42:42','YYYY-MM-DD HH24:MI:SS'),100,'AD_Password_History_UU','AD_Password_History_UU','AD_Password_History_UU','D','aea756f7-adec-4785-b603-d21266aa745b')
;
-- Apr 6, 2015 6:42:42 PM ICT
INSERT INTO AD_Column (AD_Column_ID,Version,Name,AD_Table_ID,ColumnName,FieldLength,IsKey,IsParent,IsMandatory,IsTranslated,IsIdentifier,SeqNo,IsEncrypted,AD_Reference_ID,AD_Client_ID,AD_Org_ID,IsActive,Created,CreatedBy,Updated,UpdatedBy,AD_Element_ID,IsUpdateable,IsSelectionColumn,EntityType,IsSyncDatabase,IsAlwaysUpdateable,IsAutocomplete,IsAllowLogging,AD_Column_UU,IsAllowCopy,SeqNoSelection,IsToolbarButton,IsSecure,FKConstraintType) VALUES (212112,0,'AD_Password_History_UU',200171,'AD_Password_History_UU',36,'N','N','N','N','N',0,'N',10,0,0,'Y',TO_TIMESTAMP('2015-04-06 18:42:42','YYYY-MM-DD HH24:MI:SS'),100,TO_TIMESTAMP('2015-04-06 18:42:42','YYYY-MM-DD HH24:MI:SS'),100,202870,'N','N','D','Y','N','N','N','d0d514cb-4c02-441b-b8d5-93326e6b12c9','N',0,'N','N','N')
;
-- Apr 6, 2015 6:42:42 PM ICT
ALTER TABLE AD_Password_History ADD COLUMN AD_Password_History_UU VARCHAR(36) DEFAULT NULL
;
-- Apr 6, 2015 6:42:42 PM ICT
ALTER TABLE AD_Password_History ADD CONSTRAINT AD_Password_History_UU_idx UNIQUE (AD_Password_History_UU)
;
-- Apr 6, 2015 6:42:43 PM ICT
INSERT INTO AD_TableIndex (AD_Client_ID,AD_Org_ID,AD_TableIndex_ID,AD_TableIndex_UU,Created,CreatedBy,EntityType,IsActive,Name,Updated,UpdatedBy,AD_Table_ID,IsCreateConstraint,IsUnique,Processing,TableIndexDrop,IsKey) VALUES (0,0,201031,'ff68b691-ab99-4e65-886c-93b2741fade4',TO_TIMESTAMP('2015-04-06 18:42:43','YYYY-MM-DD HH24:MI:SS'),100,'D','Y','AD_Password_History_Password_uu_idx',TO_TIMESTAMP('2015-04-06 18:42:43','YYYY-MM-DD HH24:MI:SS'),100,200171,'N','Y','N','N','N')
;
-- Apr 6, 2015 6:42:43 PM ICT
INSERT INTO AD_IndexColumn (AD_Client_ID,AD_Org_ID,AD_IndexColumn_ID,AD_IndexColumn_UU,Created,CreatedBy,EntityType,IsActive,Updated,UpdatedBy,AD_Column_ID,AD_TableIndex_ID,SeqNo) VALUES (0,0,201256,'94ca3aa6-d1d5-4481-b787-d7f44297b71a',TO_TIMESTAMP('2015-04-06 18:42:43','YYYY-MM-DD HH24:MI:SS'),100,'D','Y',TO_TIMESTAMP('2015-04-06 18:42:43','YYYY-MM-DD HH24:MI:SS'),100,212112,201031,0)
;
-- Apr 6, 2015 6:42:43 PM ICT
CREATE UNIQUE INDEX AD_Password_History_Password_uu_idx ON AD_Password_History (AD_Password_History_UU)
;
-- Apr 6, 2015 6:42:43 PM ICT
INSERT INTO AD_Element (AD_Element_ID,AD_Client_ID,AD_Org_ID,IsActive,Created,CreatedBy,Updated,UpdatedBy,ColumnName,Name,Description,Help,PrintName,EntityType,AD_Element_UU) VALUES (202868,0,0,'Y',TO_TIMESTAMP('2015-04-06 18:42:43','YYYY-MM-DD HH24:MI:SS'),100,TO_TIMESTAMP('2015-04-06 18:42:43','YYYY-MM-DD HH24:MI:SS'),100,'Days_Reuse_Password','Days Reuse Password','Define number of day can reuser password','Each time change password, old password keep in history
Example this value = 60. user can''t reuse password in history has age < 60
','Days Reuse Password','U','7f28c4dd-e1fb-41d6-a8b7-de18c205e6ac')
;
-- Apr 6, 2015 6:42:43 PM ICT
INSERT INTO AD_Column (AD_Column_ID,Version,Name,Description,Help,AD_Table_ID,ColumnName,FieldLength,IsKey,IsParent,IsMandatory,IsTranslated,IsIdentifier,SeqNo,IsEncrypted,AD_Reference_ID,AD_Client_ID,AD_Org_ID,IsActive,Created,CreatedBy,Updated,UpdatedBy,AD_Element_ID,IsUpdateable,IsSelectionColumn,EntityType,IsSyncDatabase,IsAlwaysUpdateable,IsAutocomplete,IsAllowLogging,AD_Column_UU,IsAllowCopy,SeqNoSelection,IsToolbarButton,IsSecure,FKConstraintType) VALUES (212098,0,'Days Reuse Password','Define number of day can reuser password','Each time change password, old password keep in history
Example this value = 60. user can''t reuse password in history has age < 60
',200005,'Days_Reuse_Password',10,'N','N','N','N','N',0,'N',11,0,0,'Y',TO_TIMESTAMP('2015-04-06 18:42:43','YYYY-MM-DD HH24:MI:SS'),100,TO_TIMESTAMP('2015-04-06 18:42:43','YYYY-MM-DD HH24:MI:SS'),100,202868,'Y','N','D','Y','N','N','Y','57073b2e-e457-4445-96fd-4390d48fdd20','Y',0,'N','N','N')
;
-- Apr 6, 2015 6:42:43 PM ICT
ALTER TABLE AD_PasswordRule ADD COLUMN Days_Reuse_Password NUMERIC(10) DEFAULT NULL
;
-- Apr 6, 2015 6:42:43 PM ICT
UPDATE AD_Field SET SeqNo=0,Updated=TO_TIMESTAMP('2015-04-06 18:42:43','YYYY-MM-DD HH24:MI:SS'),UpdatedBy=100 WHERE AD_Field_ID=200075
;
-- Apr 6, 2015 6:42:43 PM ICT
INSERT INTO AD_Field (AD_Field_ID,Name,Description,Help,AD_Tab_ID,AD_Column_ID,IsDisplayed,DisplayLength,SeqNo,SortNo,IsSameLine,IsHeading,IsFieldOnly,IsEncrypted,AD_Client_ID,AD_Org_ID,IsActive,Created,CreatedBy,Updated,UpdatedBy,IsReadOnly,IsCentrallyMaintained,EntityType,AD_Field_UU,IsDisplayedGrid,SeqNoGrid,XPosition,ColumnSpan,NumLines,IsQuickEntry,IsDefaultFocus,IsAdvancedField) VALUES (203782,'Days Reuse Password','Define number of day can reuser password','Each time change password, old password keep in history
Example this value = 60. user can''t reuse password in history has age < 60
',200004,212098,'Y',0,150,0,'N','N','N','N',0,0,'Y',TO_TIMESTAMP('2015-04-06 18:42:43','YYYY-MM-DD HH24:MI:SS'),100,TO_TIMESTAMP('2015-04-06 18:42:43','YYYY-MM-DD HH24:MI:SS'),100,'N','Y','D','8585820b-9be4-4161-8d96-10a05ed80b10','Y',220,1,2,1,'N','N','N')
;
-- Apr 6, 2015 6:42:43 PM ICT
UPDATE AD_Field SET SeqNo=160,Updated=TO_TIMESTAMP('2015-04-06 18:42:43','YYYY-MM-DD HH24:MI:SS'),UpdatedBy=100 WHERE AD_Field_ID=200090
;
-- Apr 6, 2015 6:42:43 PM ICT
UPDATE AD_Field SET SeqNo=170,Updated=TO_TIMESTAMP('2015-04-06 18:42:43','YYYY-MM-DD HH24:MI:SS'),UpdatedBy=100 WHERE AD_Field_ID=200094
;
-- Apr 6, 2015 6:42:43 PM ICT
UPDATE AD_Field SET SeqNo=180,Updated=TO_TIMESTAMP('2015-04-06 18:42:43','YYYY-MM-DD HH24:MI:SS'),UpdatedBy=100 WHERE AD_Field_ID=200093
;
-- Apr 6, 2015 6:42:43 PM ICT
UPDATE AD_Field SET SeqNo=190,Updated=TO_TIMESTAMP('2015-04-06 18:42:43','YYYY-MM-DD HH24:MI:SS'),UpdatedBy=100 WHERE AD_Field_ID=200079
;
-- Apr 6, 2015 6:42:43 PM ICT
UPDATE AD_Field SET IsActive='N',Updated=TO_TIMESTAMP('2015-04-06 18:42:43','YYYY-MM-DD HH24:MI:SS'),UpdatedBy=100 WHERE AD_Field_ID=200080
;
-- Apr 6, 2015 6:42:43 PM ICT
UPDATE AD_Field SET SeqNo=200,Updated=TO_TIMESTAMP('2015-04-06 18:42:43','YYYY-MM-DD HH24:MI:SS'),UpdatedBy=100 WHERE AD_Field_ID=200254
;
SELECT register_migration_script('201504061605-IDEMPIERE-2558.sql') FROM dual
;

View File

@ -122,6 +122,19 @@ public interface I_AD_PasswordRule
*/ */
public int getCreatedBy(); public int getCreatedBy();
/** Column name Days_Reuse_Password */
public static final String COLUMNNAME_Days_Reuse_Password = "Days_Reuse_Password";
/** Set Days Reuse Password.
* Define number of day can reuser password
*/
public void setDays_Reuse_Password (int Days_Reuse_Password);
/** Get Days Reuse Password.
* Define number of day can reuser password
*/
public int getDays_Reuse_Password();
/** Column name DictWordLength */ /** Column name DictWordLength */
public static final String COLUMNNAME_DictWordLength = "DictWordLength"; public static final String COLUMNNAME_DictWordLength = "DictWordLength";

View File

@ -0,0 +1,132 @@
/******************************************************************************
* Product: iDempiere ERP & CRM Smart Business Solution *
* Copyright (C) 1999-2012 ComPiere, Inc. All Rights Reserved. *
* This program is free software, you can redistribute it and/or modify it *
* under the terms version 2 of the GNU General Public License as published *
* by the Free Software Foundation. This program is distributed in the hope *
* that it will be useful, but WITHOUT ANY WARRANTY, without even the implied *
* warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. *
* See the GNU General Public License for more details. *
* You should have received a copy of the GNU General Public License along *
* with this program, if not, write to the Free Software Foundation, Inc., *
* 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA. *
* For the text or an alternative of this public license, you may reach us *
* ComPiere, Inc., 2620 Augustine Dr. #245, Santa Clara, CA 95054, USA *
* or via info@compiere.org or http://www.compiere.org/license.html *
*****************************************************************************/
package org.compiere.model;
import java.math.BigDecimal;
import java.sql.Timestamp;
import org.compiere.util.KeyNamePair;
/** Generated Interface for AD_Password_History
* @author iDempiere (generated)
* @version Release 2.1
*/
public interface I_AD_Password_History
{
/** TableName=AD_Password_History */
public static final String Table_Name = "AD_Password_History";
/** AD_Table_ID=200171 */
public static final int Table_ID = 200171;
KeyNamePair Model = new KeyNamePair(Table_ID, Table_Name);
/** AccessLevel = 4 - System
*/
BigDecimal accessLevel = BigDecimal.valueOf(4);
/** Load Meta Data */
/** Column name AD_Client_ID */
public static final String COLUMNNAME_AD_Client_ID = "AD_Client_ID";
/** Get Client.
* Client/Tenant for this installation.
*/
public int getAD_Client_ID();
/** Column name AD_Org_ID */
public static final String COLUMNNAME_AD_Org_ID = "AD_Org_ID";
/** Set Organization.
* Organizational entity within client
*/
public void setAD_Org_ID (int AD_Org_ID);
/** Get Organization.
* Organizational entity within client
*/
public int getAD_Org_ID();
/** Column name AD_Password_History_ID */
public static final String COLUMNNAME_AD_Password_History_ID = "AD_Password_History_ID";
/** Set Password History ID */
public void setAD_Password_History_ID (int AD_Password_History_ID);
/** Get Password History ID */
public int getAD_Password_History_ID();
/** Column name AD_Password_History_UU */
public static final String COLUMNNAME_AD_Password_History_UU = "AD_Password_History_UU";
/** Set AD_Password_History_UU */
public void setAD_Password_History_UU (String AD_Password_History_UU);
/** Get AD_Password_History_UU */
public String getAD_Password_History_UU();
/** Column name AD_User_ID */
public static final String COLUMNNAME_AD_User_ID = "AD_User_ID";
/** Set User/Contact.
* User within the system - Internal or Business Partner Contact
*/
public void setAD_User_ID (int AD_User_ID);
/** Get User/Contact.
* User within the system - Internal or Business Partner Contact
*/
public int getAD_User_ID();
public org.compiere.model.I_AD_User getAD_User() throws RuntimeException;
/** Column name DatePasswordChanged */
public static final String COLUMNNAME_DatePasswordChanged = "DatePasswordChanged";
/** Set Date Password Changed */
public void setDatePasswordChanged (Timestamp DatePasswordChanged);
/** Get Date Password Changed */
public Timestamp getDatePasswordChanged();
/** Column name Password */
public static final String COLUMNNAME_Password = "Password";
/** Set Password.
* Password of any length (case sensitive)
*/
public void setPassword (String Password);
/** Get Password.
* Password of any length (case sensitive)
*/
public String getPassword();
/** Column name Salt */
public static final String COLUMNNAME_Salt = "Salt";
/** Set Salt.
* Random data added to improve password hash effectiveness
*/
public void setSalt (String Salt);
/** Get Salt.
* Random data added to improve password hash effectiveness
*/
public String getSalt();
}

View File

@ -0,0 +1,58 @@
package org.compiere.model;
import java.sql.ResultSet;
import java.util.List;
import java.util.Properties;
import org.compiere.util.Env;
public class MPasswordHistory extends X_AD_Password_History {
/**
*
*/
private static final long serialVersionUID = 3480028808276906947L;
public MPasswordHistory(Properties ctx, int AD_Password_History_ID,
String trxName) {
super(ctx, AD_Password_History_ID, trxName);
}
public MPasswordHistory(Properties ctx, ResultSet rs, String trxName) {
super(ctx, rs, trxName);
}
public MPasswordHistory(String salt, String password) {
super(Env.getCtx(), 0, null);
this.setSalt(salt);
this.setPassword(password);
}
/**
* get list password history has age <= passwordMaxDay + daysReuse
* @param passwordMaxDay max day a password is validate, get from configuration
* @param daysReuse max day can't reuse password, get from password rule
* @param userId
* @return
*/
public static List<MPasswordHistory> getPasswordHistoryForCheck (int passwordMaxDay, int daysReuse, int userId){
StringBuilder whereClause = new StringBuilder();
// note: because we use current_date, it's date => subtract make a interval of date + house + ...
// extrack day will get day range
// TODO:need recheck in oracle
whereClause.append("extract (day from (current_date - ");
whereClause.append(MPasswordHistory.COLUMNNAME_DatePasswordChanged);
whereClause.append(")) <= ");
whereClause.append(daysReuse + passwordMaxDay);
whereClause.append(" AND ");
whereClause.append(MPasswordHistory.COLUMNNAME_AD_User_ID);
whereClause.append(" = ");
whereClause.append(userId);
Query query = new Query(Env.getCtx(), MPasswordHistory.Table_Name, whereClause.toString(), null);
query.setClient_ID(true);
return query.list();
}
}

View File

@ -24,12 +24,14 @@ import java.io.IOException;
import java.io.InputStream; import java.io.InputStream;
import java.sql.ResultSet; import java.sql.ResultSet;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.List;
import java.util.Properties; import java.util.Properties;
import org.adempiere.exceptions.AdempiereException; import org.adempiere.exceptions.AdempiereException;
import org.compiere.util.Env; import org.compiere.util.Env;
import org.compiere.util.Msg; import org.compiere.util.Msg;
import org.compiere.util.Util; import org.compiere.util.Util;
import org.idempiere.util.HistoryRuleSupportHash;
import org.passay.AlphabeticalCharacterRule; import org.passay.AlphabeticalCharacterRule;
import org.passay.AlphabeticalSequenceRule; import org.passay.AlphabeticalSequenceRule;
import org.passay.CharacterCharacteristicsRule; import org.passay.CharacterCharacteristicsRule;
@ -116,7 +118,7 @@ public class MPasswordRule extends X_AD_PasswordRule {
return true; return true;
} }
public void validate(String username, String newPassword) throws AdempiereException { public void validate(String username, String newPassword, List<MPasswordHistory> passwordHistorys) throws AdempiereException {
ArrayList<Rule> ruleList = new ArrayList<Rule>(); ArrayList<Rule> ruleList = new ArrayList<Rule>();
@ -213,10 +215,18 @@ public class MPasswordRule extends X_AD_PasswordRule {
} }
} }
// history password check
List<PasswordData.Reference> historyData = new ArrayList<PasswordData.Reference>();
for (MPasswordHistory passwordHistory : passwordHistorys){
historyData.add(new PasswordData.HistoricalReference(passwordHistory.getSalt(), passwordHistory.getPassword()));
}
HistoryRuleSupportHash historyRule = new HistoryRuleSupportHash();
ruleList.add(historyRule);
// validator all rule
if (!ruleList.isEmpty()) { if (!ruleList.isEmpty()) {
PasswordValidator validator = new PasswordValidator(getCustomResolver(), ruleList); PasswordValidator validator = new PasswordValidator(getCustomResolver(), ruleList);
PasswordData passwordData = new PasswordData(newPassword); PasswordData passwordData = PasswordData.newInstance(newPassword, username, historyData);
passwordData.setUsername(username);
RuleResult result = validator.validate(passwordData); RuleResult result = validator.validate(passwordData);
if (!result.isValid()) { if (!result.isValid()) {
StringBuilder error = new StringBuilder(Msg.getMsg(getCtx(), "PasswordErrors")); StringBuilder error = new StringBuilder(Msg.getMsg(getCtx(), "PasswordErrors"));

View File

@ -448,31 +448,7 @@ public class MUser extends X_AD_User
* check if hashed password matches * check if hashed password matches
*/ */
public boolean authenticateHash (String password) { public boolean authenticateHash (String password) {
return SecureEngine.isMatchHash (getPassword(), getSalt(), password);
String hash = null;
String salt = null;
boolean valid=false;
hash = getPassword();
salt = getSalt();
// always do calculation to prevent timing based attacks
if ( hash == null )
hash = "0000000000000000";
if ( salt == null )
salt = "0000000000000000";
try {
valid= SecureEngine.getSHA512Hash(1000, password, Secure.convertHexString(salt)).equals(hash);
} catch (NoSuchAlgorithmException ignored) {
log.log(Level.WARNING, "Password hashing not supported by JVM");
} catch (UnsupportedEncodingException ignored) {
log.log(Level.WARNING, "Password hashing not supported by JVM");
}
return valid;
} }
/** /**
@ -933,8 +909,19 @@ public class MUser extends X_AD_User
; ;
} else { } else {
MPasswordRule pwdrule = MPasswordRule.getRules(getCtx(), get_TrxName()); MPasswordRule pwdrule = MPasswordRule.getRules(getCtx(), get_TrxName());
if (pwdrule != null) if (pwdrule != null){
pwdrule.validate((getLDAPUser() != null ? getLDAPUser() : getName()), getPassword()); List<MPasswordHistory> passwordHistorys = MPasswordHistory.getPasswordHistoryForCheck(MSysConfig.getIntValue(MSysConfig.USER_LOCKING_MAX_PASSWORD_AGE_DAY, 0), pwdrule.getDays_Reuse_Password(), this.getAD_User_ID());
// for long time user don't use this system, because all password in history table is out of check range. but we will want new password must difference latest password
if (passwordHistorys.size() == 0 && !this.is_new() && this.get_ValueOld(MUser.COLUMNNAME_Password) != null){
Object oldSalt = this.get_ValueOld(MUser.COLUMNNAME_Salt);
Object oldPassword = this.get_ValueOld(MUser.COLUMNNAME_Password);
MPasswordHistory latestPassword = new MPasswordHistory(oldSalt == null?null:oldSalt.toString(), oldPassword == null?null:oldPassword.toString());
passwordHistorys.add(latestPassword);
}
pwdrule.validate((getLDAPUser() != null ? getLDAPUser() : getName()), getPassword(), passwordHistorys);
}
} }
// Hash password - IDEMPIERE-347 // Hash password - IDEMPIERE-347
@ -1067,4 +1054,24 @@ public class MUser extends X_AD_User
} }
} }
/**
* save new pass to history
*/
@Override
protected boolean afterSave(boolean newRecord, boolean success) {
if (getPassword() != null && getPassword().length() > 0 && (newRecord || is_ValueChanged("Password"))) {
MPasswordHistory passwordHistory = new MPasswordHistory(this.getCtx(), 0, this.get_TrxName());
passwordHistory.setSalt(this.getSalt());
passwordHistory.setPassword(this.getPassword());
// http://wiki.idempiere.org/en/System_user
if (!this.is_new() && this.getAD_User_ID() == 0){
passwordHistory.set_Value(MPasswordHistory.COLUMNNAME_AD_User_ID, 0);
}else{
passwordHistory.setAD_User_ID(this.getAD_User_ID());
}
passwordHistory.setDatePasswordChanged(this.getUpdated());
passwordHistory.saveEx();
}
return super.afterSave(newRecord, success);
}
} // MUser } // MUser

View File

@ -30,7 +30,7 @@ public class X_AD_PasswordRule extends PO implements I_AD_PasswordRule, I_Persis
/** /**
* *
*/ */
private static final long serialVersionUID = -6204385406753580912L; private static final long serialVersionUID = 20150406L;
/** Standard Constructor */ /** Standard Constructor */
public X_AD_PasswordRule (Properties ctx, int AD_PasswordRule_ID, String trxName) public X_AD_PasswordRule (Properties ctx, int AD_PasswordRule_ID, String trxName)
@ -153,6 +153,26 @@ public class X_AD_PasswordRule extends PO implements I_AD_PasswordRule, I_Persis
return ii.intValue(); return ii.intValue();
} }
/** Set Days Reuse Password.
@param Days_Reuse_Password
Define number of day can reuser password
*/
public void setDays_Reuse_Password (int Days_Reuse_Password)
{
set_Value (COLUMNNAME_Days_Reuse_Password, Integer.valueOf(Days_Reuse_Password));
}
/** Get Days Reuse Password.
@return Define number of day can reuser password
*/
public int getDays_Reuse_Password ()
{
Integer ii = (Integer)get_Value(COLUMNNAME_Days_Reuse_Password);
if (ii == null)
return 0;
return ii.intValue();
}
/** Set Word Length Dictionary. /** Set Word Length Dictionary.
@param DictWordLength Word Length Dictionary @param DictWordLength Word Length Dictionary
@deprecated by update library */ @deprecated by update library */
@ -163,7 +183,7 @@ public class X_AD_PasswordRule extends PO implements I_AD_PasswordRule, I_Persis
/** Get Word Length Dictionary. /** Get Word Length Dictionary.
@return Word Length Dictionary @return Word Length Dictionary
@deprecated by update library*/ @deprecated by update library */
public int getDictWordLength () public int getDictWordLength ()
{ {
Integer ii = (Integer)get_Value(COLUMNNAME_DictWordLength); Integer ii = (Integer)get_Value(COLUMNNAME_DictWordLength);

View File

@ -0,0 +1,181 @@
/******************************************************************************
* Product: iDempiere ERP & CRM Smart Business Solution *
* Copyright (C) 1999-2012 ComPiere, Inc. All Rights Reserved. *
* This program is free software, you can redistribute it and/or modify it *
* under the terms version 2 of the GNU General Public License as published *
* by the Free Software Foundation. This program is distributed in the hope *
* that it will be useful, but WITHOUT ANY WARRANTY, without even the implied *
* warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. *
* See the GNU General Public License for more details. *
* You should have received a copy of the GNU General Public License along *
* with this program, if not, write to the Free Software Foundation, Inc., *
* 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA. *
* For the text or an alternative of this public license, you may reach us *
* ComPiere, Inc., 2620 Augustine Dr. #245, Santa Clara, CA 95054, USA *
* or via info@compiere.org or http://www.compiere.org/license.html *
*****************************************************************************/
/** Generated Model - DO NOT CHANGE */
package org.compiere.model;
import java.sql.ResultSet;
import java.sql.Timestamp;
import java.util.Properties;
/** Generated Model for AD_Password_History
* @author iDempiere (generated)
* @version Release 2.1 - $Id$ */
public class X_AD_Password_History extends PO implements I_AD_Password_History, I_Persistent
{
/**
*
*/
private static final long serialVersionUID = 20150406L;
/** Standard Constructor */
public X_AD_Password_History (Properties ctx, int AD_Password_History_ID, String trxName)
{
super (ctx, AD_Password_History_ID, trxName);
/** if (AD_Password_History_ID == 0)
{
} */
}
/** Load Constructor */
public X_AD_Password_History (Properties ctx, ResultSet rs, String trxName)
{
super (ctx, rs, trxName);
}
/** AccessLevel
* @return 4 - System
*/
protected int get_AccessLevel()
{
return accessLevel.intValue();
}
/** Load Meta Data */
protected POInfo initPO (Properties ctx)
{
POInfo poi = POInfo.getPOInfo (ctx, Table_ID, get_TrxName());
return poi;
}
public String toString()
{
StringBuffer sb = new StringBuffer ("X_AD_Password_History[")
.append(get_ID()).append("]");
return sb.toString();
}
/** Set Password History ID.
@param AD_Password_History_ID Password History ID */
public void setAD_Password_History_ID (int AD_Password_History_ID)
{
if (AD_Password_History_ID < 1)
set_ValueNoCheck (COLUMNNAME_AD_Password_History_ID, null);
else
set_ValueNoCheck (COLUMNNAME_AD_Password_History_ID, Integer.valueOf(AD_Password_History_ID));
}
/** Get Password History ID.
@return Password History ID */
public int getAD_Password_History_ID ()
{
Integer ii = (Integer)get_Value(COLUMNNAME_AD_Password_History_ID);
if (ii == null)
return 0;
return ii.intValue();
}
/** Set AD_Password_History_UU.
@param AD_Password_History_UU AD_Password_History_UU */
public void setAD_Password_History_UU (String AD_Password_History_UU)
{
set_ValueNoCheck (COLUMNNAME_AD_Password_History_UU, AD_Password_History_UU);
}
/** Get AD_Password_History_UU.
@return AD_Password_History_UU */
public String getAD_Password_History_UU ()
{
return (String)get_Value(COLUMNNAME_AD_Password_History_UU);
}
public org.compiere.model.I_AD_User getAD_User() throws RuntimeException
{
return (org.compiere.model.I_AD_User)MTable.get(getCtx(), org.compiere.model.I_AD_User.Table_Name)
.getPO(getAD_User_ID(), get_TrxName()); }
/** Set User/Contact.
@param AD_User_ID
User within the system - Internal or Business Partner Contact
*/
public void setAD_User_ID (int AD_User_ID)
{
if (AD_User_ID < 1)
set_ValueNoCheck (COLUMNNAME_AD_User_ID, null);
else
set_ValueNoCheck (COLUMNNAME_AD_User_ID, Integer.valueOf(AD_User_ID));
}
/** Get User/Contact.
@return User within the system - Internal or Business Partner Contact
*/
public int getAD_User_ID ()
{
Integer ii = (Integer)get_Value(COLUMNNAME_AD_User_ID);
if (ii == null)
return 0;
return ii.intValue();
}
/** Set Date Password Changed.
@param DatePasswordChanged Date Password Changed */
public void setDatePasswordChanged (Timestamp DatePasswordChanged)
{
set_Value (COLUMNNAME_DatePasswordChanged, DatePasswordChanged);
}
/** Get Date Password Changed.
@return Date Password Changed */
public Timestamp getDatePasswordChanged ()
{
return (Timestamp)get_Value(COLUMNNAME_DatePasswordChanged);
}
/** Set Password.
@param Password
Password of any length (case sensitive)
*/
public void setPassword (String Password)
{
set_Value (COLUMNNAME_Password, Password);
}
/** Get Password.
@return Password of any length (case sensitive)
*/
public String getPassword ()
{
return (String)get_Value(COLUMNNAME_Password);
}
/** Set Salt.
@param Salt
Random data added to improve password hash effectiveness
*/
public void setSalt (String Salt)
{
set_ValueNoCheck (COLUMNNAME_Salt, Salt);
}
/** Get Salt.
@return Random data added to improve password hash effectiveness
*/
public String getSalt ()
{
return (String)get_Value(COLUMNNAME_Salt);
}
}

View File

@ -217,6 +217,34 @@ public class SecureEngine
if (log.isLoggable(Level.CONFIG)) log.config (realClass + " initialized - " + implementation); if (log.isLoggable(Level.CONFIG)) log.config (realClass + " initialized - " + implementation);
} // SecureEngine } // SecureEngine
/**
* use salt in hex form and text hashed compare with plan text
* when has exception in hash, log to server
* @param hashedText
* @param hexSalt
* @param planText
* @param log
* @return
*/
public static boolean isMatchHash (String hashedText, String hexSalt, String planText){
boolean valid=false;
// always do calculation to prevent timing based attacks
if ( hashedText == null )
hashedText = "0000000000000000";
if ( hexSalt == null )
hexSalt = "0000000000000000";
try {
valid= SecureEngine.getSHA512Hash(1000, planText, Secure.convertHexString(hexSalt)).equals(hashedText);
} catch (NoSuchAlgorithmException ignored) {
log.log(Level.WARNING, "Password hashing not supported by JVM");
} catch (UnsupportedEncodingException ignored) {
log.log(Level.WARNING, "Password hashing not supported by JVM");
}
return valid;
}
/** Test String */ /** Test String */
private static final String TEST = "This is a 0123456789 .,; -= Test!"; private static final String TEST = "This is a 0123456789 .,; -= Test!";

View File

@ -0,0 +1,45 @@
/******************************************************************************
* Copyright (C) 2015 iDempiere *
* Product: iDempiere ERP & CRM Smart Business Solution *
* This program is free software; you can redistribute it and/or modify it *
* under the terms version 2 of the GNU General Public License as published *
* by the Free Software Foundation. This program is distributed in the hope *
* that it will be useful, but WITHOUT ANY WARRANTY; without even the implied *
* warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. *
* See the GNU General Public License for more details. *
* You should have received a copy of the GNU General Public License along *
* with this program; if not, write to the Free Software Foundation, Inc., *
* 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA. *
*****************************************************************************/
package org.idempiere.util;
import org.adempiere.exceptions.AdempiereException;
import org.compiere.util.SecureEngine;
import org.passay.HistoryRule;
import org.passay.PasswordData.HistoricalReference;
import org.passay.PasswordData.Reference;
/**
* implement history password rule support hash password
* @author hieplq
*
*/
public class HistoryRuleSupportHash extends HistoryRule {
/**
* use salt in hex form and password hashed in reference compare with plant password
*/
@Override
protected boolean matches(String password, Reference reference) {
if (reference instanceof HistoricalReference){
String salt = ((HistoricalReference) reference).getLabel();
if (salt != null){
return SecureEngine.isMatchHash (reference.getPassword(), ((HistoricalReference) reference).getLabel(), password);
}else{
return reference.getPassword().equals(password);
}
}else{
throw new AdempiereException("Wrong sub type of org.passay.PasswordData.Reference");
}
}
}