1   /**
2    * Copyright (c) 2000-2009 Liferay, Inc. All rights reserved.
3    *
4    * Permission is hereby granted, free of charge, to any person obtaining a copy
5    * of this software and associated documentation files (the "Software"), to deal
6    * in the Software without restriction, including without limitation the rights
7    * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
8    * copies of the Software, and to permit persons to whom the Software is
9    * furnished to do so, subject to the following conditions:
10   *
11   * The above copyright notice and this permission notice shall be included in
12   * all copies or substantial portions of the Software.
13   *
14   * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
15   * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16   * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
17   * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
18   * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
19   * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
20   * SOFTWARE.
21   */
22  
23  package com.liferay.portal.servlet.filters.sso.cas;
24  
25  import com.liferay.portal.kernel.log.Log;
26  import com.liferay.portal.kernel.log.LogFactoryUtil;
27  import com.liferay.portal.kernel.servlet.BaseFilter;
28  import com.liferay.portal.kernel.util.Validator;
29  import com.liferay.portal.util.PortalUtil;
30  import com.liferay.portal.util.PrefsPropsUtil;
31  import com.liferay.portal.util.PropsKeys;
32  import com.liferay.portal.util.PropsValues;
33  import com.liferay.util.servlet.filters.DynamicFilterConfig;
34  
35  import java.util.Map;
36  import java.util.concurrent.ConcurrentHashMap;
37  
38  import javax.servlet.Filter;
39  import javax.servlet.FilterChain;
40  import javax.servlet.ServletContext;
41  import javax.servlet.http.HttpServletRequest;
42  import javax.servlet.http.HttpServletResponse;
43  import javax.servlet.http.HttpSession;
44  
45  /**
46   * <a href="CASFilter.java.html"><b><i>View Source</i></b></a>
47   *
48   * @author Michael Young
49   * @author Brian Wing Shun Chan
50   * @author Raymond Augé
51   *
52   */
53  public class CASFilter extends BaseFilter {
54  
55      public static void reload(long companyId) {
56          _casFilters.remove(companyId);
57      }
58  
59      protected Filter getCASFilter(long companyId) throws Exception {
60          edu.yale.its.tp.cas.client.filter.CASFilter casFilter =
61              _casFilters.get(companyId);
62  
63          if (casFilter == null) {
64              casFilter = new edu.yale.its.tp.cas.client.filter.CASFilter();
65  
66              DynamicFilterConfig config = new DynamicFilterConfig(
67                  _filterName, _servletContext);
68  
69              String serverName = PrefsPropsUtil.getString(
70                  companyId, PropsKeys.CAS_SERVER_NAME,
71                  PropsValues.CAS_SERVER_NAME);
72              String serviceUrl = PrefsPropsUtil.getString(
73                  companyId, PropsKeys.CAS_SERVICE_URL,
74                  PropsValues.CAS_SERVICE_URL);
75  
76              config.addInitParameter(
77                  edu.yale.its.tp.cas.client.filter.CASFilter.LOGIN_INIT_PARAM,
78                  PrefsPropsUtil.getString(
79                      companyId, PropsKeys.CAS_LOGIN_URL,
80                      PropsValues.CAS_LOGIN_URL));
81  
82              if (Validator.isNotNull(serviceUrl)) {
83                  config.addInitParameter(
84                      edu.yale.its.tp.cas.client.filter.CASFilter.
85                          SERVICE_INIT_PARAM,
86                      serviceUrl);
87              }
88              else {
89                  config.addInitParameter(
90                      edu.yale.its.tp.cas.client.filter.CASFilter.
91                          SERVERNAME_INIT_PARAM,
92                      serverName);
93              }
94  
95              config.addInitParameter(
96                  edu.yale.its.tp.cas.client.filter.CASFilter.VALIDATE_INIT_PARAM,
97                  PrefsPropsUtil.getString(
98                      companyId, PropsKeys.CAS_VALIDATE_URL,
99                      PropsValues.CAS_VALIDATE_URL));
100 
101             casFilter.init(config);
102 
103             _casFilters.put(companyId, casFilter);
104         }
105 
106         return casFilter;
107     }
108 
109     protected Log getLog() {
110         return _log;
111     }
112 
113     protected void processFilter(
114         HttpServletRequest request, HttpServletResponse response,
115         FilterChain filterChain) {
116 
117         try {
118             long companyId = PortalUtil.getCompanyId(request);
119 
120             if (PrefsPropsUtil.getBoolean(
121                     companyId, PropsKeys.CAS_AUTH_ENABLED,
122                     PropsValues.CAS_AUTH_ENABLED)) {
123 
124                 String pathInfo = request.getPathInfo();
125 
126                 if (pathInfo.indexOf("/portal/logout") != -1) {
127                     HttpSession session = request.getSession();
128 
129                     session.invalidate();
130 
131                     String logoutUrl = PrefsPropsUtil.getString(
132                         companyId, PropsKeys.CAS_LOGOUT_URL,
133                         PropsValues.CAS_LOGOUT_URL);
134 
135                     response.sendRedirect(logoutUrl);
136                 }
137                 else {
138                     Filter casFilter = getCASFilter(companyId);
139 
140                     casFilter.doFilter(request, response, filterChain);
141                 }
142             }
143             else {
144                 processFilter(CASFilter.class, request, response, filterChain);
145             }
146         }
147         catch (Exception e) {
148             _log.error(e, e);
149         }
150     }
151 
152     private static Log _log = LogFactoryUtil.getLog(CASFilter.class);
153 
154     private static Map<Long, edu.yale.its.tp.cas.client.filter.CASFilter>
155         _casFilters = new ConcurrentHashMap
156             <Long, edu.yale.its.tp.cas.client.filter.CASFilter>();
157 
158     private String _filterName;
159     private ServletContext _servletContext;
160 
161 }