001
014
015 package com.liferay.portal.security.auth;
016
017 import com.liferay.portal.NoSuchUserException;
018 import com.liferay.portal.kernel.exception.SystemException;
019 import com.liferay.portal.kernel.log.Log;
020 import com.liferay.portal.kernel.log.LogFactoryUtil;
021 import com.liferay.portal.kernel.util.ParamUtil;
022 import com.liferay.portal.kernel.util.PropsKeys;
023 import com.liferay.portal.kernel.util.StringPool;
024 import com.liferay.portal.kernel.util.Validator;
025 import com.liferay.portal.model.CompanyConstants;
026 import com.liferay.portal.model.User;
027 import com.liferay.portal.security.ldap.PortalLDAPImporterUtil;
028 import com.liferay.portal.service.UserLocalServiceUtil;
029 import com.liferay.portal.util.PortalUtil;
030 import com.liferay.portal.util.PrefsPropsUtil;
031 import com.liferay.portal.util.PropsValues;
032 import com.liferay.portal.util.WebKeys;
033
034 import javax.servlet.http.HttpServletRequest;
035 import javax.servlet.http.HttpServletResponse;
036 import javax.servlet.http.HttpSession;
037
038
044 public class CASAutoLogin extends BaseAutoLogin {
045
046
050 protected User addUser(long companyId, String screenName) throws Exception {
051 return PortalLDAPImporterUtil.importLDAPUser(
052 companyId, StringPool.BLANK, screenName);
053 }
054
055 @Override
056 protected String[] doHandleException(
057 HttpServletRequest request, HttpServletResponse response, Exception e) {
058
059 HttpSession session = request.getSession();
060
061 if (e instanceof NoSuchUserException) {
062 session.removeAttribute(WebKeys.CAS_LOGIN);
063
064 session.setAttribute(
065 WebKeys.CAS_NO_SUCH_USER_EXCEPTION, Boolean.TRUE);
066 }
067
068 _log.error(e, e);
069
070 return null;
071 }
072
073 @Override
074 protected String[] doLogin(
075 HttpServletRequest request, HttpServletResponse response)
076 throws Exception {
077
078 HttpSession session = request.getSession();
079
080 long companyId = PortalUtil.getCompanyId(request);
081
082 if (!PrefsPropsUtil.getBoolean(
083 companyId, PropsKeys.CAS_AUTH_ENABLED,
084 PropsValues.CAS_AUTH_ENABLED)) {
085
086 return null;
087 }
088
089 String login = (String)session.getAttribute(WebKeys.CAS_LOGIN);
090
091 if (Validator.isNull(login)) {
092 Object noSuchUserException = session.getAttribute(
093 WebKeys.CAS_NO_SUCH_USER_EXCEPTION);
094
095 if (noSuchUserException == null) {
096 return null;
097 }
098
099 session.removeAttribute(WebKeys.CAS_NO_SUCH_USER_EXCEPTION);
100
101 session.setAttribute(WebKeys.CAS_FORCE_LOGOUT, Boolean.TRUE);
102
103 String redirect = PrefsPropsUtil.getString(
104 companyId, PropsKeys.CAS_NO_SUCH_USER_REDIRECT_URL,
105 PropsValues.CAS_NO_SUCH_USER_REDIRECT_URL);
106
107 request.setAttribute(AutoLogin.AUTO_LOGIN_REDIRECT, redirect);
108
109 return null;
110 }
111
112 String authType = PrefsPropsUtil.getString(
113 companyId, PropsKeys.COMPANY_SECURITY_AUTH_TYPE,
114 PropsValues.COMPANY_SECURITY_AUTH_TYPE);
115
116 User user = null;
117
118 if (PrefsPropsUtil.getBoolean(
119 companyId, PropsKeys.CAS_IMPORT_FROM_LDAP,
120 PropsValues.CAS_IMPORT_FROM_LDAP)) {
121
122 try {
123 if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {
124 user = PortalLDAPImporterUtil.importLDAPUser(
125 companyId, StringPool.BLANK, login);
126 }
127 else {
128 user = PortalLDAPImporterUtil.importLDAPUser(
129 companyId, login, StringPool.BLANK);
130 }
131 }
132 catch (SystemException se) {
133 }
134 }
135
136 if (user == null) {
137 if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {
138 user = UserLocalServiceUtil.getUserByScreenName(
139 companyId, login);
140 }
141 else {
142 user = UserLocalServiceUtil.getUserByEmailAddress(
143 companyId, login);
144 }
145 }
146
147 String redirect = ParamUtil.getString(request, "redirect");
148
149 if (Validator.isNotNull(redirect)) {
150 request.setAttribute(
151 AutoLogin.AUTO_LOGIN_REDIRECT_AND_CONTINUE,
152 PortalUtil.escapeRedirect(redirect));
153 }
154
155 String[] credentials = new String[3];
156
157 credentials[0] = String.valueOf(user.getUserId());
158 credentials[1] = user.getPassword();
159 credentials[2] = Boolean.TRUE.toString();
160
161 return credentials;
162 }
163
164 private static Log _log = LogFactoryUtil.getLog(CASAutoLogin.class);
165
166 }