23 package com.liferay.portal.security.auth;
24
25 import com.liferay.portal.NoSuchUserException;
26 import com.liferay.portal.SystemException;
27 import com.liferay.portal.kernel.log.Log;
28 import com.liferay.portal.kernel.log.LogFactoryUtil;
29 import com.liferay.portal.kernel.util.StringPool;
30 import com.liferay.portal.kernel.util.StringUtil;
31 import com.liferay.portal.kernel.util.Validator;
32 import com.liferay.portal.model.User;
33 import com.liferay.portal.security.ldap.PortalLDAPUtil;
34 import com.liferay.portal.service.UserLocalServiceUtil;
35 import com.liferay.portal.util.PortalUtil;
36 import com.liferay.portal.util.PrefsPropsUtil;
37 import com.liferay.portal.util.PropsKeys;
38 import com.liferay.portal.util.PropsValues;
39
40 import edu.yale.its.tp.cas.client.filter.CASFilter;
41
42 import javax.naming.Binding;
43 import javax.naming.NamingEnumeration;
44 import javax.naming.directory.Attributes;
45 import javax.naming.directory.SearchControls;
46 import javax.naming.directory.SearchResult;
47 import javax.naming.ldap.LdapContext;
48
49 import javax.servlet.http.HttpServletRequest;
50 import javax.servlet.http.HttpServletResponse;
51 import javax.servlet.http.HttpSession;
52
53
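/**
 * Auto-login hook that signs a user in to the portal from the user name a
 * CAS filter stored in the HTTP session.
 *
 * <p>
 * The session attribute {@code CASFilter.CAS_FILTER_USER} is treated as proof
 * that the user already authenticated against CAS. NOTE(review): this class
 * does no ticket validation of its own, so it presumably relies on the CAS
 * filter being the only writer of that attribute; confirm in the filter
 * configuration.
 * </p>
 */
public class CASAutoLogin implements AutoLogin {

    /**
     * Resolves the CAS user name in the session to a portal user.
     *
     * @param  request the current request; its session is read for the CAS
     *         user name
     * @param  response the current response (not used here)
     * @return a three element array holding the user id, the value of
     *         {@code user.getPassword()} and the string {@code "true"}, or
     *         {@code null} when CAS authentication is disabled, the session
     *         has no CAS user name, or the lookup failed
     */
    public String[] login(
        HttpServletRequest request, HttpServletResponse response) {

        String[] credentials = null;

        try {
            long companyId = PortalUtil.getCompanyId(request);

            if (!PrefsPropsUtil.getBoolean(
                    companyId, PropsKeys.CAS_AUTH_ENABLED,
                    PropsValues.CAS_AUTH_ENABLED)) {

                return credentials;
            }

            HttpSession session = request.getSession();

            String screenName = (String)session.getAttribute(
                CASFilter.CAS_FILTER_USER);

            if (Validator.isNull(screenName)) {
                return credentials;
            }

            User user = null;

            try {
                user = UserLocalServiceUtil.getUserByScreenName(
                    companyId, screenName);
            }
            catch (NoSuchUserException nsue) {

                // Unknown users are only provisioned when the LDAP import
                // option is switched on; otherwise the login attempt fails.

                if (PrefsPropsUtil.getBoolean(
                        companyId, PropsKeys.CAS_IMPORT_FROM_LDAP,
                        PropsValues.CAS_IMPORT_FROM_LDAP)) {

                    user = addUser(companyId, screenName);
                }
                else {
                    throw nsue;
                }
            }

            credentials = new String[3];

            credentials[0] = String.valueOf(user.getUserId());

            // NOTE(review): the stored password value is handed back to the
            // caller; the third element presumably flags it as already
            // encrypted. Confirm against the AutoLogin contract.

            credentials[1] = user.getPassword();
            credentials[2] = Boolean.TRUE.toString();

            return credentials;
        }
        catch (Exception e) {

            // Any failure leaves the request unauthenticated: the error is
            // logged and null is returned below.

            _log.error(e, e);
        }

        return credentials;
    }

    /**
     * Looks the user up in LDAP and imports the first matching entry into
     * the portal.
     *
     * @param  companyId the company whose LDAP settings are used
     * @param  screenName the CAS user name to search for
     * @return the user returned by {@code PortalLDAPUtil.importLDAPUser}
     * @throws SystemException if the LDAP server cannot be reached, the
     *         search fails, or no entry matches
     */
    protected User addUser(long companyId, String screenName)
        throws SystemException {

        LdapContext ctx = null;
        NamingEnumeration<SearchResult> enu = null;

        try {
            String baseDN = PrefsPropsUtil.getString(
                companyId, PropsKeys.LDAP_BASE_DN);

            ctx = PortalLDAPUtil.getContext(companyId);

            if (ctx == null) {
                throw new SystemException("Failed to bind to the LDAP server");
            }

            String filter = PrefsPropsUtil.getString(
                companyId, PropsKeys.LDAP_AUTH_SEARCH_FILTER);

            if (_log.isDebugEnabled()) {
                _log.debug("Search filter before transformation " + filter);
            }

            // The screen name comes from outside the portal, so it is
            // escaped per RFC 4515 before it is placed in the filter. An
            // unescaped '*', '(' or ')' would change which entries the
            // filter matches instead of being compared literally.

            filter = StringUtil.replace(
                filter,
                new String[] {
                    "@company_id@", "@email_address@", "@screen_name@"
                },
                new String[] {
                    String.valueOf(companyId), StringPool.BLANK,
                    escapeFilterValue(screenName)
                });

            if (_log.isDebugEnabled()) {
                _log.debug("Search filter after transformation " + filter);
            }

            // Subtree search limited to a single result, no time limit, all
            // attributes.

            SearchControls cons = new SearchControls(
                SearchControls.SUBTREE_SCOPE, 1, 0, null, false, false);

            enu = ctx.search(baseDN, filter, cons);

            if (enu.hasMoreElements()) {
                if (_log.isDebugEnabled()) {
                    _log.debug("Search filter returned at least one result");
                }

                Binding binding = enu.nextElement();

                Attributes attrs = PortalLDAPUtil.getUserAttributes(
                    companyId, ctx,
                    PortalLDAPUtil.getNameInNamespace(companyId, binding));

                return PortalLDAPUtil.importLDAPUser(
                    companyId, ctx, attrs, StringPool.BLANK, true);
            }
            else {
                throw new NoSuchUserException(
                    "User " + screenName + " was not found in the LDAP server");
            }
        }
        catch (Exception e) {
            _log.error("Problem accessing LDAP server ", e);

            throw new SystemException(
                "Problem accessing LDAP server " + e.getMessage());
        }
        finally {

            // Release the search cursor and the directory connection on
            // every path, including the failure paths above.

            if (enu != null) {
                try {
                    enu.close();
                }
                catch (Exception e) {
                    _log.error("Unable to close LDAP search results ", e);
                }
            }

            if (ctx != null) {
                try {
                    ctx.close();
                }
                catch (Exception e) {
                    _log.error("Unable to close LDAP context ", e);
                }
            }
        }
    }

    /**
     * Escapes the characters that have a special meaning inside an LDAP
     * search filter value (RFC 4515) so the value is matched literally.
     */
    private static String escapeFilterValue(String value) {
        StringBuilder sb = new StringBuilder(value.length() + 8);

        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);

            switch (c) {
                case '\\':
                    sb.append("\\5c");
                    break;
                case '*':
                    sb.append("\\2a");
                    break;
                case '(':
                    sb.append("\\28");
                    break;
                case ')':
                    sb.append("\\29");
                    break;
                case '\0':
                    sb.append("\\00");
                    break;
                default:
                    sb.append(c);
            }
        }

        return sb.toString();
    }

    private static final Log _log = LogFactoryUtil.getLog(CASAutoLogin.class);

}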