1
22
23 package com.liferay.portal.security.auth;
24
25 import com.liferay.portal.kernel.util.KeyValuePair;
26 import com.liferay.portal.kernel.util.StringPool;
27 import com.liferay.portal.kernel.util.Validator;
28 import com.liferay.portal.model.Company;
29 import com.liferay.portal.service.UserLocalServiceUtil;
30 import com.liferay.portal.util.CookieKeys;
31 import com.liferay.portal.util.PortalUtil;
32 import com.liferay.util.CookieUtil;
33
34 import javax.servlet.http.Cookie;
35 import javax.servlet.http.HttpServletRequest;
36 import javax.servlet.http.HttpServletResponse;
37
38 import org.apache.commons.logging.Log;
39 import org.apache.commons.logging.LogFactory;
40
41
47 public class RememberMeAutoLogin implements AutoLogin {
48
49 public String[] login(HttpServletRequest req, HttpServletResponse res)
50 throws AutoLoginException {
51
52 try {
53 String[] credentials = null;
54
55 String autoUserId = CookieUtil.get(req.getCookies(), CookieKeys.ID);
56 String autoPassword =
57 CookieUtil.get(req.getCookies(), CookieKeys.PASSWORD);
58
59 if (Validator.isNotNull(autoUserId) &&
60 Validator.isNotNull(autoPassword)) {
61
62 Company company = PortalUtil.getCompany(req);
63
64 KeyValuePair kvp = null;
65
66 if (company.isAutoLogin()) {
67 kvp = UserLocalServiceUtil.decryptUserId(
68 company.getCompanyId(), autoUserId, autoPassword);
69
70 credentials = new String[3];
71
72 credentials[0] = kvp.getKey();
73 credentials[1] = kvp.getValue();
74 credentials[2] = Boolean.FALSE.toString();
75 }
76 }
77
78 return credentials;
79 }
80 catch (Exception e) {
81 _log.warn(e, e);
82
83 Cookie cookie = new Cookie(CookieKeys.ID, StringPool.BLANK);
84
85 cookie.setMaxAge(0);
86 cookie.setPath(StringPool.SLASH);
87
88 CookieKeys.addCookie(res, cookie);
89
90 cookie = new Cookie(CookieKeys.PASSWORD, StringPool.BLANK);
91
92 cookie.setMaxAge(0);
93 cookie.setPath(StringPool.SLASH);
94
95 CookieKeys.addCookie(res, cookie);
96
97 throw new AutoLoginException(e);
98 }
99 }
100
101 private static Log _log = LogFactory.getLog(RememberMeAutoLogin.class);
102
103 }