1
22
23 package com.liferay.portal.security.auth;
24
25 import com.liferay.portal.model.User;
26 import com.liferay.portal.security.ldap.PortalLDAPUtil;
27 import com.liferay.portal.util.PortalUtil;
28 import com.liferay.portal.util.WebKeys;
29
30 import javax.naming.directory.SearchResult;
31 import javax.naming.ldap.LdapContext;
32
33 import javax.servlet.http.HttpServletRequest;
34 import javax.servlet.http.HttpServletResponse;
35
36 import org.apache.commons.logging.Log;
37 import org.apache.commons.logging.LogFactory;
38
39
45 public class NtlmAutoLogin implements AutoLogin {
46
47 public String[] login(HttpServletRequest req, HttpServletResponse res)
48 throws AutoLoginException {
49
50 String[] credentials = null;
51
52 try {
53 long companyId = PortalUtil.getCompanyId(req);
54
55 if (!PortalLDAPUtil.isNtlmEnabled(companyId)) {
56 return credentials;
57 }
58
59 String screenName = (String)req.getAttribute(
60 WebKeys.NTLM_REMOTE_USER);
61
62 if (screenName == null) {
63 return credentials;
64 }
65
66 req.removeAttribute(WebKeys.NTLM_REMOTE_USER);
67
68 User user = getUser(companyId, screenName);
69
70 if (user != null) {
71 credentials = new String[3];
72
73 credentials[0] = String.valueOf(user.getUserId());
74 credentials[1] = user.getPassword();
75 credentials[2] = Boolean.TRUE.toString();
76 }
77 }
78 catch (Exception e) {
79 _log.error(e.getMessage());
80 }
81
82 return credentials;
83 }
84
85 protected User getUser(long companyId, String screenName) throws Exception {
86 SearchResult result = (SearchResult)PortalLDAPUtil.getUser(
87 companyId, screenName);
88
89 if (result == null) {
90 if (_log.isWarnEnabled()) {
91 _log.warn(
92 "No user was found in LDAP with screenName " + screenName);
93 }
94
95 return null;
96 }
97
98 LdapContext ctx = PortalLDAPUtil.getContext(companyId);
99
100 User user = PortalLDAPUtil.importLDAPUser(
101 companyId, ctx, result.getAttributes(), false);
102
103 return user;
104 }
105
106 private static Log _log = LogFactory.getLog(NtlmAutoLogin.class);
107
108 }