001
014
015 package com.liferay.portal.action;
016
017 import com.liferay.portal.kernel.portlet.WindowStateFactory;
018 import com.liferay.portal.kernel.util.CharPool;
019 import com.liferay.portal.kernel.util.HttpUtil;
020 import com.liferay.portal.kernel.util.ParamUtil;
021 import com.liferay.portal.kernel.util.PropsKeys;
022 import com.liferay.portal.kernel.util.StringBundler;
023 import com.liferay.portal.kernel.util.StringPool;
024 import com.liferay.portal.kernel.util.StringUtil;
025 import com.liferay.portal.kernel.util.Validator;
026 import com.liferay.portal.theme.ThemeDisplay;
027 import com.liferay.portal.util.PortalUtil;
028 import com.liferay.portal.util.PortletKeys;
029 import com.liferay.portal.util.PrefsPropsUtil;
030 import com.liferay.portal.util.PropsValues;
031 import com.liferay.portal.util.WebKeys;
032 import com.liferay.portlet.PortletURLFactoryUtil;
033 import com.liferay.portlet.login.util.LoginUtil;
034
035 import javax.portlet.PortletMode;
036 import javax.portlet.PortletRequest;
037 import javax.portlet.PortletURL;
038 import javax.portlet.WindowState;
039
040 import javax.servlet.http.HttpServletRequest;
041 import javax.servlet.http.HttpServletResponse;
042 import javax.servlet.http.HttpSession;
043
044 import org.apache.struts.action.Action;
045 import org.apache.struts.action.ActionForm;
046 import org.apache.struts.action.ActionForward;
047 import org.apache.struts.action.ActionMapping;
048
049
053 public class LoginAction extends Action {
054
055 @Override
056 public ActionForward execute(
057 ActionMapping actionMapping, ActionForm actionForm,
058 HttpServletRequest request, HttpServletResponse response)
059 throws Exception {
060
061 ThemeDisplay themeDisplay = (ThemeDisplay)request.getAttribute(
062 WebKeys.THEME_DISPLAY);
063
064 if (PropsValues.AUTH_LOGIN_DISABLED) {
065 response.sendRedirect(
066 themeDisplay.getPathMain() +
067 PropsValues.AUTH_LOGIN_DISABLED_PATH);
068
069 return null;
070 }
071
072 if (PropsValues.COMPANY_SECURITY_AUTH_REQUIRES_HTTPS &&
073 !request.isSecure()) {
074
075 StringBundler sb = new StringBundler(4);
076
077 sb.append(PortalUtil.getPortalURL(request, true));
078 sb.append(request.getRequestURI());
079 sb.append(StringPool.QUESTION);
080 sb.append(request.getQueryString());
081
082 response.sendRedirect(sb.toString());
083
084 return null;
085 }
086
087 String login = ParamUtil.getString(request, "login");
088 String password = request.getParameter("password");
089 boolean rememberMe = ParamUtil.getBoolean(request, "rememberMe");
090 String authType = ParamUtil.getString(request, "authType");
091
092 if (Validator.isNotNull(login) && Validator.isNotNull(password)) {
093 LoginUtil.login(
094 request, response, login, password, rememberMe, authType);
095 }
096
097 HttpSession session = request.getSession();
098
099 if ((session.getAttribute("j_username") != null) &&
100 (session.getAttribute("j_password") != null)) {
101
102 if (PropsValues.PORTAL_JAAS_ENABLE) {
103 return actionMapping.findForward("/portal/touch_protected.jsp");
104 }
105
106 String redirect = ParamUtil.getString(request, "redirect");
107
108 redirect = PortalUtil.escapeRedirect(redirect);
109
110 if (Validator.isNull(redirect)) {
111 redirect = themeDisplay.getPathMain();
112 }
113
114 if (redirect.charAt(0) == CharPool.SLASH) {
115 String portalURL = PortalUtil.getPortalURL(
116 request, request.isSecure());
117
118 if (Validator.isNotNull(portalURL)) {
119 redirect = portalURL.concat(redirect);
120 }
121 }
122
123 response.sendRedirect(redirect);
124
125 return null;
126 }
127
128 String redirect = PortalUtil.getSiteLoginURL(themeDisplay);
129
130 if (Validator.isNull(redirect)) {
131 redirect = PropsValues.AUTH_LOGIN_URL;
132 }
133
134 if (Validator.isNull(redirect)) {
135 PortletURL portletURL = PortletURLFactoryUtil.create(
136 request, PortletKeys.LOGIN, themeDisplay.getPlid(),
137 PortletRequest.RENDER_PHASE);
138
139 portletURL.setParameter("saveLastPath", Boolean.FALSE.toString());
140 portletURL.setParameter("struts_action", "/login/login");
141 portletURL.setPortletMode(PortletMode.VIEW);
142 portletURL.setWindowState(getWindowState(request));
143
144 redirect = portletURL.toString();
145 }
146
147 if (PropsValues.COMPANY_SECURITY_AUTH_REQUIRES_HTTPS) {
148 String portalURL = PortalUtil.getPortalURL(request);
149 String portalURLSecure = PortalUtil.getPortalURL(request, true);
150
151 if (!portalURL.equals(portalURLSecure)) {
152 redirect = StringUtil.replaceFirst(
153 redirect, portalURL, portalURLSecure);
154 }
155 }
156
157 String loginRedirect = ParamUtil.getString(request, "redirect");
158
159 loginRedirect = PortalUtil.escapeRedirect(loginRedirect);
160
161 if (Validator.isNotNull(loginRedirect)) {
162 if (PrefsPropsUtil.getBoolean(
163 themeDisplay.getCompanyId(), PropsKeys.CAS_AUTH_ENABLED,
164 PropsValues.CAS_AUTH_ENABLED)) {
165
166 redirect = loginRedirect;
167 }
168 else {
169 String loginPortletNamespace = PortalUtil.getPortletNamespace(
170 PropsValues.AUTH_LOGIN_PORTLET_NAME);
171
172 String loginRedirectParameter =
173 loginPortletNamespace + "redirect";
174
175 redirect = HttpUtil.setParameter(
176 redirect, "p_p_id", PropsValues.AUTH_LOGIN_PORTLET_NAME);
177 redirect = HttpUtil.setParameter(
178 redirect, "p_p_lifecycle", "0");
179 redirect = HttpUtil.setParameter(
180 redirect, loginRedirectParameter, loginRedirect);
181 }
182 }
183
184 response.sendRedirect(redirect);
185
186 return null;
187 }
188
189 protected WindowState getWindowState(HttpServletRequest request) {
190 WindowState windowState = WindowState.MAXIMIZED;
191
192 String windowStateString = ParamUtil.getString(request, "windowState");
193
194 if (Validator.isNotNull(windowStateString)) {
195 windowState = WindowStateFactory.getWindowState(windowStateString);
196 }
197
198 return windowState;
199 }
200
201 }