1   /**
2    * Copyright (c) 2000-2010 Liferay, Inc. All rights reserved.
3    *
4    * The contents of this file are subject to the terms of the Liferay Enterprise
5    * Subscription License ("License"). You may not use this file except in
6    * compliance with the License. You can obtain a copy of the License by
7    * contacting Liferay, Inc. See the License for the specific language governing
8    * permissions and limitations under the License, including but not limited to
9    * distribution rights of the Software.
10   *
11   *
12   *
13   */
14  
15  package com.liferay.portal.security.auth;
16  
17  import com.liferay.portal.SystemException;
18  import com.liferay.portal.kernel.log.Log;
19  import com.liferay.portal.kernel.log.LogFactoryUtil;
20  import com.liferay.portal.kernel.util.PropsKeys;
21  import com.liferay.portal.kernel.util.StringPool;
22  import com.liferay.portal.kernel.util.Validator;
23  import com.liferay.portal.model.Company;
24  import com.liferay.portal.model.CompanyConstants;
25  import com.liferay.portal.model.User;
26  import com.liferay.portal.service.UserLocalServiceUtil;
27  import com.liferay.portal.util.PortalUtil;
28  import com.liferay.portal.util.PrefsPropsUtil;
29  import com.liferay.portal.util.PropsValues;
30  
31  import javax.servlet.http.HttpServletRequest;
32  import javax.servlet.http.HttpServletResponse;
33  
34  /**
35   * <a href="SiteMinderAutoLogin.java.html"><b><i>View Source</i></b></a>
36   *
37   * @author Mika Koivisto
38   * @author Wesley Gong
39   */
40  public class SiteMinderAutoLogin extends CASAutoLogin {
41  
42      public String[] login(
43          HttpServletRequest request, HttpServletResponse response) {
44  
45          String[] credentials = null;
46  
47          try {
48              Company company = PortalUtil.getCompany(request);
49  
50              long companyId = company.getCompanyId();
51  
52              if (!AuthSettingsUtil.isSiteMinderEnabled(companyId)) {
53                  return credentials;
54              }
55  
56              String siteMinderUserHeader = request.getHeader(
57                  PrefsPropsUtil.getString(
58                      companyId, PropsKeys.SITEMINDER_USER_HEADER,
59                      PropsValues.SITEMINDER_USER_HEADER));
60  
61              if (Validator.isNull(siteMinderUserHeader)) {
62                  return credentials;
63              }
64  
65              String authType = company.getAuthType();
66  
67              User user = null;
68  
69              if (PrefsPropsUtil.getBoolean(
70                      companyId, PropsKeys.SITEMINDER_IMPORT_FROM_LDAP,
71                      PropsValues.SITEMINDER_IMPORT_FROM_LDAP)) {
72  
73                  try {
74                      if (authType.equals(CompanyConstants.AUTH_TYPE_EA)) {
75                          user = importLDAPUser(
76                              companyId, siteMinderUserHeader, StringPool.BLANK);
77                      }
78                      else {
79                          user = importLDAPUser(
80                              companyId, StringPool.BLANK, siteMinderUserHeader);
81                      }
82                  }
83                  catch (SystemException se) {
84                  }
85              }
86  
87              if (user == null) {
88                  if (authType.equals(CompanyConstants.AUTH_TYPE_EA)) {
89                      user = UserLocalServiceUtil.getUserByEmailAddress(
90                          companyId, siteMinderUserHeader);
91                  }
92                  else {
93                      user = UserLocalServiceUtil.getUserByScreenName(
94                          companyId, siteMinderUserHeader);
95                  }
96              }
97  
98              credentials = new String[3];
99  
100             credentials[0] = String.valueOf(user.getUserId());
101             credentials[1] = user.getPassword();
102             credentials[2] = Boolean.TRUE.toString();
103 
104             return credentials;
105         }
106         catch (Exception e) {
107             _log.error(e, e);
108         }
109 
110         return credentials;
111     }
112 
113     private static Log _log = LogFactoryUtil.getLog(SiteMinderAutoLogin.class);
114 
115 }