package com.sibvisions.apps.vaadin.web; public class LoggingSecurityManager extends DBSecurityManager { private PreparedStatement psLockedUsers; @Override protected boolean isPasswordValid(ISession pSession, String pPassword) throws Exception { // additional check: locked user ResultSet resultSet = null; try { psLockedUsers.clearParameters(); psLockedUsers.setString(1, pSession.getUserName()); psLockedUsers.execute(); resultSet = psLockedUsers.getResultSet(); if (resultSet.next()) { throw new SilentAbortException(); } } finally { CommonUtil.close(resultSet); } return super.isPasswordValid(pSession, pPassword); } @Override public synchronized void validateAuthentication(ISession pSession) throws Exception { String result = null; Throwable error = null; try { super.validateAuthentication(pSession); result = Constants.RESULT_OK; } catch (SilentAbortException sae) { result = Constants.RESULT_IGNORE; error = sae; throw sae; } catch (SecurityException se) { result = Constants.RESULT_DENIED; error = se; throw se; } catch (Exception ex) { result = Constants.RESULT_ERROR; error = ex; error(ex); throw ex; } finally { try { pSession.callAction("dbLog", Constants.TYPE_LOGIN, error, result); } catch (Throwable thr) { error(thr); } } } @Override public synchronized void logout(ISession pSession) { String result = null; Throwable error = null; try { super.logout(pSession); if (Boolean.parseBoolean((String)pSession.getProperty("userlogout"))) { result = Constants.RESULT_OK; } else { result = Constants.RESULT_EXPIRED; } } catch (Exception ex) { result = Constants.RESULT_ERROR; error = ex; error(ex); } finally { try { pSession.callAction("dbLog", Constants.TYPE_LOGOUT, error, result); } catch (Throwable eLog) { error(eLog); } } } @Override protected void initStatements(Connection pConnection) throws Exception { super.initStatements(pConnection); psLockedUsers = prepareStatement(pConnection, "select * from LOCKS where USERNAME = ?"); } } // LoggingSecurityManager