1
22
23 package com.liferay.portal.security.auth;
24
25 import com.liferay.portal.kernel.log.Log;
26 import com.liferay.portal.kernel.log.LogFactoryUtil;
27 import com.liferay.portal.kernel.util.StringPool;
28 import com.liferay.portal.model.User;
29 import com.liferay.portal.security.ldap.PortalLDAPUtil;
30 import com.liferay.portal.util.PortalUtil;
31 import com.liferay.portal.util.WebKeys;
32
33 import javax.naming.directory.SearchResult;
34 import javax.naming.ldap.LdapContext;
35
36 import javax.servlet.http.HttpServletRequest;
37 import javax.servlet.http.HttpServletResponse;
38
39
45 public class NtlmAutoLogin implements AutoLogin {
46
47 public String[] login(
48 HttpServletRequest request, HttpServletResponse response) {
49
50 String[] credentials = null;
51
52 try {
53 long companyId = PortalUtil.getCompanyId(request);
54
55 if (!PortalLDAPUtil.isNtlmEnabled(companyId)) {
56 return credentials;
57 }
58
59 String screenName = (String)request.getAttribute(
60 WebKeys.NTLM_REMOTE_USER);
61
62 if (screenName == null) {
63 return credentials;
64 }
65
66 request.removeAttribute(WebKeys.NTLM_REMOTE_USER);
67
68 User user = getUser(companyId, screenName);
69
70 if (user != null) {
71 credentials = new String[3];
72
73 credentials[0] = String.valueOf(user.getUserId());
74 credentials[1] = user.getPassword();
75 credentials[2] = Boolean.TRUE.toString();
76 }
77 }
78 catch (Exception e) {
79 _log.error(e, e);
80 }
81
82 return credentials;
83 }
84
85 protected User getUser(long companyId, String screenName) throws Exception {
86 SearchResult result = (SearchResult)PortalLDAPUtil.getUser(
87 companyId, screenName);
88
89 if (result == null) {
90 if (_log.isWarnEnabled()) {
91 _log.warn(
92 "No user was found in LDAP with screenName " + screenName);
93 }
94
95 return null;
96 }
97
98 LdapContext ctx = PortalLDAPUtil.getContext(companyId);
99
100 User user = PortalLDAPUtil.importLDAPUser(
101 companyId, ctx, result.getAttributes(), StringPool.BLANK, false);
102
103 ctx.close();
104
105 return user;
106 }
107
108 private static Log _log = LogFactoryUtil.getLog(NtlmAutoLogin.class);
109
110 }