1
22
23 package com.liferay.portal.servlet.taglib.security;
24
25 import com.liferay.portal.kernel.log.Log;
26 import com.liferay.portal.kernel.log.LogFactoryUtil;
27 import com.liferay.portal.kernel.util.HttpUtil;
28 import com.liferay.portal.kernel.util.Validator;
29 import com.liferay.portal.model.Company;
30 import com.liferay.portal.util.PortalUtil;
31 import com.liferay.util.Encryptor;
32 import com.liferay.util.EncryptorException;
33
34 import java.security.Key;
35
36 import java.util.Set;
37 import java.util.StringTokenizer;
38
39 import javax.servlet.http.HttpServletRequest;
40 import javax.servlet.jsp.JspException;
41 import javax.servlet.jsp.PageContext;
42
43
49 public class EncryptTagUtil {
50
51 public static void doStartTag(
52 String className, String style, String protocol,
53 Set<String> unencryptedParamsSet, String url, String target,
54 PageContext pageContext)
55 throws JspException {
56
57 try {
58 StringBuilder sb = new StringBuilder();
59
60
62 sb.append("<a ");
63
64
66 if (Validator.isNotNull(className)) {
67 sb.append("class=\"");
68 sb.append(className);
69 sb.append("\" ");
70 }
71
72
74 sb.append("href=\"").append(protocol).append("://");
75
76 int pos = url.indexOf("?");
77
78 if (pos == -1) {
79 sb.append(url);
80 }
81 else {
82 sb.append(url.substring(0, pos)).append("?");
83
84 Company company = PortalUtil.getCompany(
85 (HttpServletRequest)pageContext.getRequest());
86
87 Key key = company.getKeyObj();
88
89 StringTokenizer st = new StringTokenizer(
90 url.substring(pos + 1, url.length()), "&");
91
92 while (st.hasMoreTokens()) {
93 String paramAndValue = st.nextToken();
94
95 int x = paramAndValue.indexOf("=");
96
97 String param = paramAndValue.substring(0, x);
98 String value = paramAndValue.substring(
99 x + 1, paramAndValue.length());
100
101 sb.append(param).append("=");
102
103 if (unencryptedParamsSet.contains(param)) {
104 sb.append(HttpUtil.encodeURL(value));
105 }
106 else {
107 try {
108 sb.append(HttpUtil.encodeURL(
109 Encryptor.encrypt(key, value)));
110 }
111 catch (EncryptorException ee) {
112 _log.error(ee.getMessage());
113 }
114
115 if (st.hasMoreTokens()) {
116 sb.append("&");
117 }
118 }
119 }
120
121 sb.append("&shuo=1");
122 }
123
124 sb.append("\" ");
125
126
128 if (Validator.isNotNull(style)) {
129 sb.append("style=\"");
130 sb.append(style);
131 sb.append("\" ");
132 }
133
134
136 if (Validator.isNotNull(target)) {
137 sb.append("target=\"" + target + "\"");
138 }
139
140
142 sb.append(">");
143
144 pageContext.getOut().print(sb.toString());
145 }
146 catch (Exception e) {
147 throw new JspException(e);
148 }
149 }
150
151 public static void doEndTag(PageContext pageContext) throws JspException {
152 try {
153 pageContext.getOut().print("</a>");
154 }
155 catch (Exception e) {
156 throw new JspException(e);
157 }
158 }
159
160 private static Log _log = LogFactoryUtil.getLog(EncryptTagUtil.class);
161
162 }