1
19
20 package com.liferay.portal.servlet.taglib.security;
21
22 import com.liferay.portal.kernel.log.Log;
23 import com.liferay.portal.kernel.log.LogFactoryUtil;
24 import com.liferay.portal.kernel.util.HttpUtil;
25 import com.liferay.portal.kernel.util.Validator;
26 import com.liferay.portal.model.Company;
27 import com.liferay.portal.util.PortalUtil;
28 import com.liferay.util.Encryptor;
29 import com.liferay.util.EncryptorException;
30
31 import java.security.Key;
32
33 import java.util.Set;
34 import java.util.StringTokenizer;
35
36 import javax.servlet.http.HttpServletRequest;
37 import javax.servlet.jsp.JspException;
38 import javax.servlet.jsp.PageContext;
39
40
46 public class EncryptTagUtil {
47
48 public static void doStartTag(
49 String className, String style, String protocol,
50 Set<String> unencryptedParamsSet, String url, String target,
51 PageContext pageContext)
52 throws JspException {
53
54 try {
55 StringBuilder sb = new StringBuilder();
56
57
59 sb.append("<a ");
60
61
63 if (Validator.isNotNull(className)) {
64 sb.append("class=\"");
65 sb.append(className);
66 sb.append("\" ");
67 }
68
69
71 sb.append("href=\"").append(protocol).append("://");
72
73 int pos = url.indexOf("?");
74
75 if (pos == -1) {
76 sb.append(url);
77 }
78 else {
79 sb.append(url.substring(0, pos)).append("?");
80
81 Company company = PortalUtil.getCompany(
82 (HttpServletRequest)pageContext.getRequest());
83
84 Key key = company.getKeyObj();
85
86 StringTokenizer st = new StringTokenizer(
87 url.substring(pos + 1, url.length()), "&");
88
89 while (st.hasMoreTokens()) {
90 String paramAndValue = st.nextToken();
91
92 int x = paramAndValue.indexOf("=");
93
94 String param = paramAndValue.substring(0, x);
95 String value = paramAndValue.substring(
96 x + 1, paramAndValue.length());
97
98 sb.append(param).append("=");
99
100 if (unencryptedParamsSet.contains(param)) {
101 sb.append(HttpUtil.encodeURL(value));
102 }
103 else {
104 try {
105 sb.append(HttpUtil.encodeURL(
106 Encryptor.encrypt(key, value)));
107 }
108 catch (EncryptorException ee) {
109 _log.error(ee.getMessage());
110 }
111
112 if (st.hasMoreTokens()) {
113 sb.append("&");
114 }
115 }
116 }
117
118 sb.append("&shuo=1");
119 }
120
121 sb.append("\" ");
122
123
125 if (Validator.isNotNull(style)) {
126 sb.append("style=\"");
127 sb.append(style);
128 sb.append("\" ");
129 }
130
131
133 if (Validator.isNotNull(target)) {
134 sb.append("target=\"" + target + "\"");
135 }
136
137
139 sb.append(">");
140
141 pageContext.getOut().print(sb.toString());
142 }
143 catch (Exception e) {
144 throw new JspException(e);
145 }
146 }
147
148 public static void doEndTag(PageContext pageContext) throws JspException {
149 try {
150 pageContext.getOut().print("</a>");
151 }
152 catch (Exception e) {
153 throw new JspException(e);
154 }
155 }
156
157 private static Log _log = LogFactoryUtil.getLog(EncryptTagUtil.class);
158
159 }