1
19
20 package com.liferay.portal.security.auth;
21
22 import com.liferay.portal.kernel.log.Log;
23 import com.liferay.portal.kernel.log.LogFactoryUtil;
24 import com.liferay.portal.kernel.util.StringPool;
25 import com.liferay.portal.model.User;
26 import com.liferay.portal.security.ldap.PortalLDAPUtil;
27 import com.liferay.portal.util.PortalUtil;
28 import com.liferay.portal.util.WebKeys;
29
30 import javax.naming.directory.SearchResult;
31 import javax.naming.ldap.LdapContext;
32
33 import javax.servlet.http.HttpServletRequest;
34 import javax.servlet.http.HttpServletResponse;
35
36
42 public class NtlmAutoLogin implements AutoLogin {
43
44 public String[] login(
45 HttpServletRequest request, HttpServletResponse response) {
46
47 String[] credentials = null;
48
49 try {
50 long companyId = PortalUtil.getCompanyId(request);
51
52 if (!PortalLDAPUtil.isNtlmEnabled(companyId)) {
53 return credentials;
54 }
55
56 String screenName = (String)request.getAttribute(
57 WebKeys.NTLM_REMOTE_USER);
58
59 if (screenName == null) {
60 return credentials;
61 }
62
63 request.removeAttribute(WebKeys.NTLM_REMOTE_USER);
64
65 User user = getUser(companyId, screenName);
66
67 if (user != null) {
68 credentials = new String[3];
69
70 credentials[0] = String.valueOf(user.getUserId());
71 credentials[1] = user.getPassword();
72 credentials[2] = Boolean.TRUE.toString();
73 }
74 }
75 catch (Exception e) {
76 _log.error(e, e);
77 }
78
79 return credentials;
80 }
81
82 protected User getUser(long companyId, String screenName) throws Exception {
83 SearchResult result = (SearchResult)PortalLDAPUtil.getUser(
84 companyId, screenName);
85
86 if (result == null) {
87 if (_log.isWarnEnabled()) {
88 _log.warn(
89 "No user was found in LDAP with screenName " + screenName);
90 }
91
92 return null;
93 }
94
95 LdapContext ctx = PortalLDAPUtil.getContext(companyId);
96
97 User user = PortalLDAPUtil.importLDAPUser(
98 companyId, ctx, result.getAttributes(), StringPool.BLANK, false);
99
100 ctx.close();
101
102 return user;
103 }
104
105 private static Log _log = LogFactoryUtil.getLog(NtlmAutoLogin.class);
106
107 }