1
22
23 package com.liferay.portal.security.auth;
24
25 import com.liferay.portal.kernel.util.GetterUtil;
26 import com.liferay.portal.kernel.util.ParamUtil;
27 import com.liferay.portal.kernel.util.Validator;
28 import com.liferay.portal.model.Company;
29 import com.liferay.portal.model.CompanyConstants;
30 import com.liferay.portal.model.User;
31 import com.liferay.portal.security.pwd.PwdEncryptor;
32 import com.liferay.portal.service.UserLocalServiceUtil;
33 import com.liferay.portal.util.PortalUtil;
34
35 import javax.servlet.http.HttpServletRequest;
36 import javax.servlet.http.HttpServletResponse;
37
38
44 public class ParameterAutoLogin implements AutoLogin {
45
46 public String[] login(
47 HttpServletRequest request, HttpServletResponse response)
48 throws AutoLoginException {
49
50 try {
51 String login = ParamUtil.getString(request, getLoginParam());
52
53 if (Validator.isNull(login)) {
54 return null;
55 }
56
57 String password = ParamUtil.getString(request, getPasswordParam());
58
59 if (Validator.isNull(password)) {
60 return null;
61 }
62
63 Company company = PortalUtil.getCompany(request);
64
65 String authType = company.getAuthType();
66
67 long userId = 0;
68
69 if (authType.equals(CompanyConstants.AUTH_TYPE_EA)) {
70 userId = UserLocalServiceUtil.getUserIdByEmailAddress(
71 company.getCompanyId(), login);
72 }
73 else if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {
74 userId = UserLocalServiceUtil.getUserIdByScreenName(
75 company.getCompanyId(), login);
76 }
77 else if (authType.equals(CompanyConstants.AUTH_TYPE_ID)) {
78 userId = GetterUtil.getLong(login);
79 }
80 else {
81 return null;
82 }
83
84 if (userId > 0) {
85 User user = UserLocalServiceUtil.getUserById(userId);
86
87 String userPassword = user.getPassword();
88
89 if (!user.isPasswordEncrypted()) {
90 userPassword = PwdEncryptor.encrypt(userPassword);
91 }
92
93 String encPassword = PwdEncryptor.encrypt(password);
94
95 if (!userPassword.equals(password) &&
96 !userPassword.equals(encPassword)) {
97
98 return null;
99 }
100 }
101
102 String[] credentials = new String[] {
103 String.valueOf(userId), password, Boolean.FALSE.toString()
104 };
105
106 return credentials;
107 }
108 catch (Exception e) {
109 throw new AutoLoginException(e);
110 }
111 }
112
113 protected String getLoginParam() {
114 return _LOGIN_PARAM;
115 }
116
117 protected String getPasswordParam() {
118 return _PASSWORD_PARAM;
119 }
120
121 private static final String _LOGIN_PARAM = "parameterAutoLoginLogin";
122
123 private static final String _PASSWORD_PARAM = "parameterAutoLoginPassword";
124
125 }