1
19
20 package com.liferay.portal.security.auth;
21
22 import com.liferay.portal.kernel.util.GetterUtil;
23 import com.liferay.portal.kernel.util.ParamUtil;
24 import com.liferay.portal.kernel.util.Validator;
25 import com.liferay.portal.model.Company;
26 import com.liferay.portal.model.CompanyConstants;
27 import com.liferay.portal.model.User;
28 import com.liferay.portal.security.pwd.PwdEncryptor;
29 import com.liferay.portal.service.UserLocalServiceUtil;
30 import com.liferay.portal.util.PortalUtil;
31
32 import javax.servlet.http.HttpServletRequest;
33 import javax.servlet.http.HttpServletResponse;
34
35
41 public class ParameterAutoLogin implements AutoLogin {
42
43 public String[] login(
44 HttpServletRequest request, HttpServletResponse response)
45 throws AutoLoginException {
46
47 try {
48 String login = ParamUtil.getString(request, getLoginParam());
49
50 if (Validator.isNull(login)) {
51 return null;
52 }
53
54 String password = ParamUtil.getString(request, getPasswordParam());
55
56 if (Validator.isNull(password)) {
57 return null;
58 }
59
60 Company company = PortalUtil.getCompany(request);
61
62 String authType = company.getAuthType();
63
64 long userId = 0;
65
66 if (authType.equals(CompanyConstants.AUTH_TYPE_EA)) {
67 userId = UserLocalServiceUtil.getUserIdByEmailAddress(
68 company.getCompanyId(), login);
69 }
70 else if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {
71 userId = UserLocalServiceUtil.getUserIdByScreenName(
72 company.getCompanyId(), login);
73 }
74 else if (authType.equals(CompanyConstants.AUTH_TYPE_ID)) {
75 userId = GetterUtil.getLong(login);
76 }
77 else {
78 return null;
79 }
80
81 if (userId > 0) {
82 User user = UserLocalServiceUtil.getUserById(userId);
83
84 String userPassword = user.getPassword();
85
86 if (!user.isPasswordEncrypted()) {
87 userPassword = PwdEncryptor.encrypt(userPassword);
88 }
89
90 String encPassword = PwdEncryptor.encrypt(password);
91
92 if (!userPassword.equals(password) &&
93 !userPassword.equals(encPassword)) {
94
95 return null;
96 }
97 }
98
99 String[] credentials = new String[] {
100 String.valueOf(userId), password, Boolean.FALSE.toString()
101 };
102
103 return credentials;
104 }
105 catch (Exception e) {
106 throw new AutoLoginException(e);
107 }
108 }
109
110 protected String getLoginParam() {
111 return _LOGIN_PARAM;
112 }
113
114 protected String getPasswordParam() {
115 return _PASSWORD_PARAM;
116 }
117
118 private static final String _LOGIN_PARAM = "parameterAutoLoginLogin";
119
120 private static final String _PASSWORD_PARAM = "parameterAutoLoginPassword";
121
122 }