2. EPMO Open Source Coordination Office Redaction File Detail Report

Produced by Araxis Merge on 7/10/2017 1:01:42 PM Central Daylight Time. See www.araxis.com for information about Merge. This report uses XHTML and CSS2, and is best viewed with a modern standards-compliant browser. For optimum results when printing this report, use landscape orientation and enable printing of background images and colours in your browser.

2.1 Files compared

#	Location	File	Last Modified
1	C:\AraxisMergeCompare\Pri_un\IV-ehmp_cif\AwivClientWebApp\main\src\java\gov\va\med\imaging\awiv\server	UserAuthenticationServiceImpl.java	Thu Jun 29 17:22:53 2017 UTC
2	C:\AraxisMergeCompare\Pri_re\IV-ehmp_cif\AwivClientWebApp\main\src\java\gov\va\med\imaging\awiv\server	UserAuthenticationServiceImpl.java	Fri Jul 7 16:33:08 2017 UTC

2.2 Comparison summary

Description	Between Files 1 and 2
Description	Text Blocks	Lines
Unchanged	2	388
Changed	1	2
Inserted	0	0
Removed	0	0

2.3 Comparison options

Whitespace
Character case	Differences in character case are significant
Line endings	Differences in line endings (`CR` and `LF` characters) are ignored
CR/LF characters	Not shown in the comparison detail

2.4 Active regular expressions

No regular expressions were active.

2.5 Comparison detail

	1	/**
	2	*
	3	Package: MAG - Vis tA Imaging
	4	WARNING: Per VHA D irective 2 004-038, t his routin e should n ot be modi fied.
	5	Date Cre ated:
	6	Site Nam e: Washin gton OI Fi eld Office , Silver S pring, MD
	7	Developer: R E DACTED
	8	Descript ion:
	9
	10	;; +-------- ---------- ---------- ---------- ---------- ---------- ---------- +
	11	;; Property of the US Government .
	12	;; No permis sion to co py or redi stribute t his softwa re is give n.
	13	;; Use of un released v ersions of this soft ware requi res the us er
	14	;; to execu te a writt en test ag reement wi th the Vis tA Imaging
	15	;; Developm ent Office of the De partment o f Veterans Affairs,
	16	;; telephon e (301) 73 4-0100.
	17	;;
	18	;; The Food and Drug A dministrat ion classi fies this software a s
	19	;; a Class I I medical device. A s such, it may not b e changed
	20	;; in any wa y. Modifi cations to this soft ware may r esult in a n
	21	;; adulterat ed medical device un der 21CFR8 20, the us e of which
	22	;; is consid ered to be a violati on of US F ederal Sta tutes.
	23	;; +-------- ---------- ---------- ---------- ---------- ---------- ---------- +
	24
	25	*/
	26	package go v.va.med.i maging.awi v.server;
	27
	28	import jav a.util.Arr ayList;
	29	import jav a.util.Col lections;
	30	import jav a.util.Has hMap;
	31	import jav a.util.Lis t;
	32
	33	import jav ax.servlet .http.Cook ie;
	34
	35	import gov .va.med.Ro utingToken ;
	36	import gov .va.med.ex ceptions.R outingToke nFormatExc eption;
	37	import gov .va.med.im aging.arti factsource .ResolvedA rtifactSou rce;
	38	import gov .va.med.im aging.awiv .AWIVClien tContext;
	39	import gov .va.med.im aging.awiv .AWIVClien tContextHo lder;
	40	import gov .va.med.im aging.awiv .AWIVClien tRouter;
	41	import gov .va.med.im aging.awiv .business. AwivAuthen ticationSi tesInforma tion;
	42	import gov .va.med.im aging.awiv .business. AwivWelcom eMessage;
	43	import gov .va.med.im aging.awiv .client.Us erAuthenti cationServ ice;
	44	import gov .va.med.im aging.awiv .client.ui .widgets.A wivConstan ts;
	45	import gov .va.med.im aging.awiv .configura tion.AwivC lientConfi guration;
	46	import gov .va.med.im aging.awiv .exception s.AwivConn ectionExce ption;
	47	import gov .va.med.im aging.awiv .exception s.AwivCred entialsExp iredExcept ion;
	48	import gov .va.med.im aging.awiv .exception s.AwivInva lidUserCre dentialsEx ception;
	49	import gov .va.med.im aging.awiv .exception s.AwivMeth odExceptio n;
	50	import gov .va.med.im aging.awiv .server.tr anslator.A wivClientT ranslator;
	51	import gov .va.med.im aging.core .interface s.exceptio ns.Connect ionExcepti on;
	52	import gov .va.med.im aging.core .interface s.exceptio ns.Credent ialsExpire dException ;
	53	import gov .va.med.im aging.core .interface s.exceptio ns.Invalid UserCreden tialsExcep tion;
	54	import gov .va.med.im aging.core .interface s.exceptio ns.MethodE xception;
	55	import gov .va.med.im aging.encr yption.exc eptions.Ae sEncryptio nException ;
	56	import gov .va.med.im aging.exch ange.Routi ngTokenHel per;
	57	import gov .va.med.im aging.exch ange.busin ess.Welcom eMessage;
	58	import gov .va.med.im aging.tomc at.vistare alm.VistaR ealmSecuri tyContext;
	59	import gov .va.med.im aging.tomc at.vistare alm.VistaR ealmPrinci pal.Authen ticationCr edentialsT ype;
	60	import gov .va.med.im aging.tomc at.vistare alm.encryp tion.Encry ptionToken ;
	61	import gov .va.med.im aging.tran sactioncon text.Clien tPrincipal ;
	62	import gov .va.med.im aging.tran sactioncon text.Trans actionCont ext;
	63	import gov .va.med.im aging.tran sactioncon text.Trans actionCont extFactory ;
	64	import gov .va.med.im aging.url. vista.Stri ngUtils;
	65
	66	public cla ss UserAut henticatio nServiceIm pl
	67	extends Ab stractAwiv ClientRemo teServiceS ervlet
	68	implements UserAuthe nticationS ervice
	69	{
	70	pr ivate stat ic final l ong serial VersionUID = 5440456 6879069920 28L;
	71
	72	@O verride
	73	pu blic boole an authent icateUser( String tra nsactionId , String s iteNumber, String us ername,
	74	String password)
	75	th rows AwivM ethodExcep tion, Awiv Connection Exception, AwivInval idUserCred entialsExc eption,
	76	Aw ivCredenti alsExpired Exception
	77	{
	78	try
	79	{
	80	if(use rname != n ull && (pa ssword == null \|\| pa ssword.len gth() <= 0 ))
	81	{
	82	// if th e username has a val ue and the password does not t he user mi ght have p ut the ent ire
	83	// acces s/verify c ode pair i nto the us ername fie ld (VistA supports t his). In t his case t he two
	84	// are s eparated b y a semico lon
	85	if(usern ame.contai ns(new Str ing(";")))
	86	{
	87	password = StringUti ls.MagPiec e(username , StringUt ils.SEMICO LON, 2);
	88	username = StringUti ls.MagPiec e(username , StringUt ils.SEMICO LON, 1);
	89	}
	90	}
	91
	92	Client Principal principal = new Clie ntPrincipa l(
	93	siteNumber , true,Aut henticatio nCredentia lsType.Pas sword,
	94	username, password,
	95	null, null , null, nu ll, null,
	96	new ArrayL ist<String >(),
	97	new HashMa p<String, Object>()
	98	);
	99	princi pal.setAut henticated ByVista(tr ue); // if all works this will be true
	100	VistaR ealmSecuri tyContext. set(princi pal);
	101	//Tran sactionCon textFactor y.createCl ientTransa ctionConte xt(princip al);
	102	Transa ctionConte xt transac tionContex t = Transa ctionConte xtFactory. get();
	103	transa ctionConte xt.setBrok erSecurity Applicatio nName("VIS TA IMAGING VIX");
	104	transa ctionConte xt.setAcce ssCode(use rname);
	105	transa ctionConte xt.setVeri fyCode(pas sword);
	106	transa ctionConte xt.setSite Number(sit eNumber);
	107
	108	AWIVCl ientRouter router = AWIVClient Context.ge tRouter();
	109	Routin gToken rou tingToken = RoutingT okenHelper .createSit eAppropria teRoutingT oken(siteN umber);
	110	setTra nsactionCo ntextPrope rties(tran sactionId, "authenti cateUser") ;
	111	router .authentic ateUser(ro utingToken );
	112	Cookie cookie = new Cookie (AwivConst ants.userC ookieName,
	113	Encryption Token.encr yptUserCre dentials() );
	114	cookie .setPath(" /Awiv");
	115	//cook ie.setSecu re(true);
	116	cookie .setMaxAge (-1); // d on't persi st between sessions
	117	getThr eadLocalRe sponse().a ddCookie(c ookie);
	118	return true;
	119	}
	120	catc h(RoutingT okenFormat Exception rtfX)
	121	{
	122	throw new AwivMe thodExcept ion(rtfX);
	123	}
	124	catc h(Connecti onExceptio n cX)
	125	{
	126	throw new AwivCo nnectionEx ception(cX );
	127	}
	128	catc h(InvalidU serCredent ialsExcept ion iucX)
	129	{
	130	throw new AwivIn validUserC redentials Exception( iucX);
	131	}
	132	catc h(Credenti alsExpired Exception ceX)
	133	{
	134	throw new AwivCr edentialsE xpiredExce ption(ceX) ;
	135	}
	136	catc h(MethodEx ception mX )
	137	{
	138	throw new AwivMe thodExcept ion(mX);
	139	}
	140	catc h(AesEncry ptionExcep tion arX)
	141	{
	142	throw new AwivMe thodExcept ion(arX);
	143	}
	144	}
	145
	146	@O verride
	147	pu blic AwivW elcomeMess age getWel comeMessag e(String t ransaction Id,
	148	String siteNumbe r)
	149	th rows AwivM ethodExcep tion, Awiv Connection Exception
	150	{
	151	try
	152	{
	153	AWIVCl ientRouter router = AWIVClient Context.ge tRouter();
	154	setTra nsactionCo ntextPrope rties(tran sactionId, "getWelco meMessage" );
	155	Routin gToken rou tingToken = RoutingT okenHelper .createSit eAppropria teRoutingT oken(siteN umber);
	156	Welcom eMessage w elcomeMess age = rout er.getCach edWelcomeM essage(rou tingToken) ;
	157	return AwivClien tTranslato r.translat e(welcomeM essage);
	158	}
	159	catc h(RoutingT okenFormat Exception rtfX)
	160	{
	161	throw new AwivMe thodExcept ion(rtfX);
	162	}
	163	catc h(Connecti onExceptio n cX)
	164	{
	165	throw new AwivCo nnectionEx ception(cX );
	166	}
	167	catc h(MethodEx ception mX )
	168	{
	169	throw new AwivMe thodExcept ion(mX);
	170	}
	171	}
	172
	173	@O verride
	174	pu blic AwivA uthenticat ionSitesIn formation getUserAut henticatio nSites(Str ing transa ctionId)
	175	th rows AwivM ethodExcep tion, Awiv Connection Exception
	176	{
	177	try
	178	{
	179	AWIVCl ientRouter router = AWIVClient Context.ge tRouter();
	180	setTra nsactionCo ntextPrope rties(tran sactionId, "getUserA uthenticat ionSites") ;
	181	List<R esolvedArt ifactSourc e> artifac tSources = router.ge tResolvedA rtifactSou rceList();
	182	Collec tions.sort (artifactS ources, ne w Resolved ArtifactSo urceCompar ator());
	183	String version = AWIVClien tContextHo lder.getAw ivClientCo ntext().ge tApplicati onConfigur ation().ge tVixSoftwa reVersion( );
	184	return AwivClien tTranslato r.translat e(artifact Sources, A wivClientC onfigurati on.getConf iguration( ), version );
	185	}
	186	catc h(Connecti onExceptio n cX)
	187	{
	188	throw new AwivCo nnectionEx ception(cX );
	189	}
	190	catc h(MethodEx ception mX )
	191	{
	192	throw new AwivMe thodExcept ion(mX);
	193	}
	194	}
	195	}