1
22
23 package com.liferay.portal.servlet.taglib.security;
24
25 import com.liferay.portal.kernel.util.HttpUtil;
26 import com.liferay.portal.kernel.util.StringMaker;
27 import com.liferay.portal.kernel.util.Validator;
28 import com.liferay.portal.model.Company;
29 import com.liferay.portal.util.PortalUtil;
30 import com.liferay.util.Encryptor;
31 import com.liferay.util.EncryptorException;
32
33 import java.security.Key;
34
35 import java.util.Set;
36 import java.util.StringTokenizer;
37
38 import javax.servlet.http.HttpServletRequest;
39 import javax.servlet.jsp.JspException;
40 import javax.servlet.jsp.PageContext;
41
42 import org.apache.commons.logging.Log;
43 import org.apache.commons.logging.LogFactory;
44
45
51 public class EncryptTagUtil {
52
53 public static void doStartTag(
54 String className, String style, String protocol,
55 Set<String> unencryptedParamsSet, String url, String target,
56 PageContext pageContext)
57 throws JspException {
58
59 try {
60 StringMaker sm = new StringMaker();
61
62
64 sm.append("<a ");
65
66
68 if (Validator.isNotNull(className)) {
69 sm.append("class=\"");
70 sm.append(className);
71 sm.append("\" ");
72 }
73
74
76 sm.append("href=\"").append(protocol).append("://");
77
78 int pos = url.indexOf("?");
79
80 if (pos == -1) {
81 sm.append(url);
82 }
83 else {
84 sm.append(url.substring(0, pos)).append("?");
85
86 Company company = PortalUtil.getCompany(
87 (HttpServletRequest)pageContext.getRequest());
88
89 Key key = company.getKeyObj();
90
91 StringTokenizer st = new StringTokenizer(
92 url.substring(pos + 1, url.length()), "&");
93
94 while (st.hasMoreTokens()) {
95 String paramAndValue = st.nextToken();
96
97 int x = paramAndValue.indexOf("=");
98
99 String param = paramAndValue.substring(0, x);
100 String value = paramAndValue.substring(
101 x + 1, paramAndValue.length());
102
103 sm.append(param).append("=");
104
105 if (unencryptedParamsSet.contains(param)) {
106 sm.append(HttpUtil.encodeURL(value));
107 }
108 else {
109 try {
110 sm.append(HttpUtil.encodeURL(
111 Encryptor.encrypt(key, value)));
112 }
113 catch (EncryptorException ee) {
114 _log.error(ee.getMessage());
115 }
116
117 if (st.hasMoreTokens()) {
118 sm.append("&");
119 }
120 }
121 }
122
123 sm.append("&shuo=1");
124 }
125
126 sm.append("\" ");
127
128
130 if (Validator.isNotNull(style)) {
131 sm.append("style=\"");
132 sm.append(style);
133 sm.append("\" ");
134 }
135
136
138 if (Validator.isNotNull(target)) {
139 sm.append("target=\"" + target + "\"");
140 }
141
142
144 sm.append(">");
145
146 pageContext.getOut().print(sm.toString());
147 }
148 catch (Exception e) {
149 throw new JspException(e);
150 }
151 }
152
153 public static void doEndTag(PageContext pageContext) throws JspException {
154 try {
155 pageContext.getOut().print("</a>");
156 }
157 catch (Exception e) {
158 throw new JspException(e);
159 }
160 }
161
162 private static Log _log = LogFactory.getLog(EncryptTagUtil.class);
163
164 }