001    /**
002     * Copyright (c) 2000-2013 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.security.auth;
016    
017    import com.liferay.portal.NoSuchUserException;
018    import com.liferay.portal.kernel.exception.SystemException;
019    import com.liferay.portal.kernel.log.Log;
020    import com.liferay.portal.kernel.log.LogFactoryUtil;
021    import com.liferay.portal.kernel.util.PropsKeys;
022    import com.liferay.portal.kernel.util.StringPool;
023    import com.liferay.portal.kernel.util.Validator;
024    import com.liferay.portal.model.Company;
025    import com.liferay.portal.model.CompanyConstants;
026    import com.liferay.portal.model.User;
027    import com.liferay.portal.security.ldap.PortalLDAPImporterUtil;
028    import com.liferay.portal.service.UserLocalServiceUtil;
029    import com.liferay.portal.util.PortalUtil;
030    import com.liferay.portal.util.PrefsPropsUtil;
031    import com.liferay.portal.util.PropsValues;
032    
033    import javax.servlet.http.HttpServletRequest;
034    import javax.servlet.http.HttpServletResponse;
035    
036    /**
037     * @author Mika Koivisto
038     * @author Wesley Gong
039     */
040    public class SiteMinderAutoLogin implements AutoLogin {
041    
042            @Override
043            public String[] login(
044                    HttpServletRequest request, HttpServletResponse response) {
045    
046                    String[] credentials = null;
047    
048                    try {
049                            Company company = PortalUtil.getCompany(request);
050    
051                            long companyId = company.getCompanyId();
052    
053                            if (!AuthSettingsUtil.isSiteMinderEnabled(companyId)) {
054                                    return credentials;
055                            }
056    
057                            String siteMinderUserHeader = request.getHeader(
058                                    PrefsPropsUtil.getString(
059                                            companyId, PropsKeys.SITEMINDER_USER_HEADER,
060                                            PropsValues.SITEMINDER_USER_HEADER));
061    
062                            if (Validator.isNull(siteMinderUserHeader)) {
063                                    return credentials;
064                            }
065    
066                            String authType = company.getAuthType();
067    
068                            User user = null;
069    
070                            if (PrefsPropsUtil.getBoolean(
071                                            companyId, PropsKeys.SITEMINDER_IMPORT_FROM_LDAP,
072                                            PropsValues.SITEMINDER_IMPORT_FROM_LDAP)) {
073    
074                                    try {
075                                            if (authType.equals(CompanyConstants.AUTH_TYPE_EA)) {
076                                                    user = PortalLDAPImporterUtil.importLDAPUser(
077                                                            companyId, siteMinderUserHeader, StringPool.BLANK);
078                                            }
079                                            else {
080                                                    user = PortalLDAPImporterUtil.importLDAPUser(
081                                                            companyId, StringPool.BLANK, siteMinderUserHeader);
082                                            }
083                                    }
084                                    catch (SystemException se) {
085                                    }
086                            }
087    
088                            if (user == null) {
089                                    try {
090                                            if (authType.equals(CompanyConstants.AUTH_TYPE_EA)) {
091                                                    user = UserLocalServiceUtil.getUserByEmailAddress(
092                                                            companyId, siteMinderUserHeader);
093                                            }
094                                            else {
095                                                    user = UserLocalServiceUtil.getUserByScreenName(
096                                                            companyId, siteMinderUserHeader);
097                                            }
098                                    }
099                                    catch (NoSuchUserException nsue) {
100                                            return credentials;
101                                    }
102                            }
103    
104                            credentials = new String[3];
105    
106                            credentials[0] = String.valueOf(user.getUserId());
107                            credentials[1] = user.getPassword();
108                            credentials[2] = Boolean.TRUE.toString();
109    
110                            return credentials;
111                    }
112                    catch (Exception e) {
113                            _log.error(e, e);
114                    }
115    
116                    return credentials;
117            }
118    
119            private static Log _log = LogFactoryUtil.getLog(SiteMinderAutoLogin.class);
120    
121    }