1   /**
2    * Copyright (c) 2000-2010 Liferay, Inc. All rights reserved.
3    *
4    * This library is free software; you can redistribute it and/or modify it under
5    * the terms of the GNU Lesser General Public License as published by the Free
6    * Software Foundation; either version 2.1 of the License, or (at your option)
7    * any later version.
8    *
9    * This library is distributed in the hope that it will be useful, but WITHOUT
10   * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
11   * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
12   * details.
13   */
14  
15  package com.liferay.portal.security.auth;
16  
17  import com.liferay.portal.kernel.exception.SystemException;
18  import com.liferay.portal.kernel.log.Log;
19  import com.liferay.portal.kernel.log.LogFactoryUtil;
20  import com.liferay.portal.kernel.util.PropsKeys;
21  import com.liferay.portal.kernel.util.StringPool;
22  import com.liferay.portal.kernel.util.Validator;
23  import com.liferay.portal.model.Company;
24  import com.liferay.portal.model.CompanyConstants;
25  import com.liferay.portal.model.User;
26  import com.liferay.portal.security.ldap.LDAPSettingsUtil;
27  import com.liferay.portal.service.UserLocalServiceUtil;
28  import com.liferay.portal.util.PortalUtil;
29  import com.liferay.portal.util.PrefsPropsUtil;
30  import com.liferay.portal.util.PropsValues;
31  
32  import javax.servlet.http.HttpServletRequest;
33  import javax.servlet.http.HttpServletResponse;
34  
35  /**
36   * <a href="SiteMinderAutoLogin.java.html"><b><i>View Source</i></b></a>
37   *
38   * @author Mika Koivisto
39   * @author Wesley Gong
40   */
41  public class SiteMinderAutoLogin extends CASAutoLogin {
42  
43      public String[] login(
44          HttpServletRequest request, HttpServletResponse response) {
45  
46          String[] credentials = null;
47  
48          try {
49              Company company = PortalUtil.getCompany(request);
50  
51              long companyId = company.getCompanyId();
52  
53              if (!LDAPSettingsUtil.isSiteMinderEnabled(companyId)) {
54                  return credentials;
55              }
56  
57              String siteMinderUserHeader = request.getHeader(
58                  PrefsPropsUtil.getString(
59                      companyId, PropsKeys.SITEMINDER_USER_HEADER,
60                      PropsValues.SITEMINDER_USER_HEADER));
61  
62              if (Validator.isNull(siteMinderUserHeader)) {
63                  return credentials;
64              }
65  
66              String authType = company.getAuthType();
67  
68              User user = null;
69  
70              if (PrefsPropsUtil.getBoolean(
71                      companyId, PropsKeys.SITEMINDER_IMPORT_FROM_LDAP,
72                      PropsValues.SITEMINDER_IMPORT_FROM_LDAP)) {
73  
74                  try {
75                      if (authType.equals(CompanyConstants.AUTH_TYPE_EA)) {
76                          user = importLDAPUser(
77                              companyId, siteMinderUserHeader, StringPool.BLANK);
78                      }
79                      else {
80                          user = importLDAPUser(
81                              companyId, StringPool.BLANK, siteMinderUserHeader);
82                      }
83                  }
84                  catch (SystemException se) {
85                  }
86              }
87  
88              if (user == null) {
89                  if (authType.equals(CompanyConstants.AUTH_TYPE_EA)) {
90                      user = UserLocalServiceUtil.getUserByEmailAddress(
91                          companyId, siteMinderUserHeader);
92                  }
93                  else {
94                      user = UserLocalServiceUtil.getUserByScreenName(
95                          companyId, siteMinderUserHeader);
96                  }
97              }
98  
99              credentials = new String[3];
100 
101             credentials[0] = String.valueOf(user.getUserId());
102             credentials[1] = user.getPassword();
103             credentials[2] = Boolean.TRUE.toString();
104 
105             return credentials;
106         }
107         catch (Exception e) {
108             _log.error(e, e);
109         }
110 
111         return credentials;
112     }
113 
114     private static Log _log = LogFactoryUtil.getLog(SiteMinderAutoLogin.class);
115 
116 }