001    /**
002     * Copyright (c) 2000-2010 Liferay, Inc. All rights reserved.
003     *
004     * The contents of this file are subject to the terms of the Liferay Enterprise
005     * Subscription License ("License"). You may not use this file except in
006     * compliance with the License. You can obtain a copy of the License by
007     * contacting Liferay, Inc. See the License for the specific language governing
008     * permissions and limitations under the License, including but not limited to
009     * distribution rights of the Software.
010     *
011     *
012     *
013     */
014    
015    package com.liferay.portal.security.auth;
016    
017    import com.liferay.portal.kernel.exception.SystemException;
018    import com.liferay.portal.kernel.log.Log;
019    import com.liferay.portal.kernel.log.LogFactoryUtil;
020    import com.liferay.portal.kernel.util.PropsKeys;
021    import com.liferay.portal.kernel.util.StringPool;
022    import com.liferay.portal.kernel.util.Validator;
023    import com.liferay.portal.model.Company;
024    import com.liferay.portal.model.CompanyConstants;
025    import com.liferay.portal.model.User;
026    import com.liferay.portal.security.ldap.LDAPSettingsUtil;
027    import com.liferay.portal.service.UserLocalServiceUtil;
028    import com.liferay.portal.util.PortalUtil;
029    import com.liferay.portal.util.PrefsPropsUtil;
030    import com.liferay.portal.util.PropsValues;
031    
032    import javax.servlet.http.HttpServletRequest;
033    import javax.servlet.http.HttpServletResponse;
034    
035    /**
036     * @author Mika Koivisto
037     * @author Wesley Gong
038     */
039    public class SiteMinderAutoLogin extends CASAutoLogin {
040    
041            public String[] login(
042                    HttpServletRequest request, HttpServletResponse response) {
043    
044                    String[] credentials = null;
045    
046                    try {
047                            Company company = PortalUtil.getCompany(request);
048    
049                            long companyId = company.getCompanyId();
050    
051                            if (!LDAPSettingsUtil.isSiteMinderEnabled(companyId)) {
052                                    return credentials;
053                            }
054    
055                            String siteMinderUserHeader = request.getHeader(
056                                    PrefsPropsUtil.getString(
057                                            companyId, PropsKeys.SITEMINDER_USER_HEADER,
058                                            PropsValues.SITEMINDER_USER_HEADER));
059    
060                            if (Validator.isNull(siteMinderUserHeader)) {
061                                    return credentials;
062                            }
063    
064                            String authType = company.getAuthType();
065    
066                            User user = null;
067    
068                            if (PrefsPropsUtil.getBoolean(
069                                            companyId, PropsKeys.SITEMINDER_IMPORT_FROM_LDAP,
070                                            PropsValues.SITEMINDER_IMPORT_FROM_LDAP)) {
071    
072                                    try {
073                                            if (authType.equals(CompanyConstants.AUTH_TYPE_EA)) {
074                                                    user = importLDAPUser(
075                                                            companyId, siteMinderUserHeader, StringPool.BLANK);
076                                            }
077                                            else {
078                                                    user = importLDAPUser(
079                                                            companyId, StringPool.BLANK, siteMinderUserHeader);
080                                            }
081                                    }
082                                    catch (SystemException se) {
083                                    }
084                            }
085    
086                            if (user == null) {
087                                    if (authType.equals(CompanyConstants.AUTH_TYPE_EA)) {
088                                            user = UserLocalServiceUtil.getUserByEmailAddress(
089                                                    companyId, siteMinderUserHeader);
090                                    }
091                                    else {
092                                            user = UserLocalServiceUtil.getUserByScreenName(
093                                                    companyId, siteMinderUserHeader);
094                                    }
095                            }
096    
097                            credentials = new String[3];
098    
099                            credentials[0] = String.valueOf(user.getUserId());
100                            credentials[1] = user.getPassword();
101                            credentials[2] = Boolean.TRUE.toString();
102    
103                            return credentials;
104                    }
105                    catch (Exception e) {
106                            _log.error(e, e);
107                    }
108    
109                    return credentials;
110            }
111    
112            private static Log _log = LogFactoryUtil.getLog(SiteMinderAutoLogin.class);
113    
114    }