1
22
23 package com.liferay.portal.servlet.taglib.security;
24
25 import com.liferay.portal.kernel.util.HttpUtil;
26 import com.liferay.portal.kernel.util.Validator;
27 import com.liferay.portal.model.Company;
28 import com.liferay.portal.util.PortalUtil;
29 import com.liferay.util.Encryptor;
30 import com.liferay.util.EncryptorException;
31
32 import java.security.Key;
33
34 import java.util.Set;
35 import java.util.StringTokenizer;
36
37 import javax.servlet.http.HttpServletRequest;
38 import javax.servlet.jsp.JspException;
39 import javax.servlet.jsp.PageContext;
40
41 import org.apache.commons.logging.Log;
42 import org.apache.commons.logging.LogFactory;
43
44
50 public class EncryptTagUtil {
51
52 public static void doStartTag(
53 String className, String style, String protocol,
54 Set<String> unencryptedParamsSet, String url, String target,
55 PageContext pageContext)
56 throws JspException {
57
58 try {
59 StringBuilder sb = new StringBuilder();
60
61
63 sb.append("<a ");
64
65
67 if (Validator.isNotNull(className)) {
68 sb.append("class=\"");
69 sb.append(className);
70 sb.append("\" ");
71 }
72
73
75 sb.append("href=\"").append(protocol).append("://");
76
77 int pos = url.indexOf("?");
78
79 if (pos == -1) {
80 sb.append(url);
81 }
82 else {
83 sb.append(url.substring(0, pos)).append("?");
84
85 Company company = PortalUtil.getCompany(
86 (HttpServletRequest)pageContext.getRequest());
87
88 Key key = company.getKeyObj();
89
90 StringTokenizer st = new StringTokenizer(
91 url.substring(pos + 1, url.length()), "&");
92
93 while (st.hasMoreTokens()) {
94 String paramAndValue = st.nextToken();
95
96 int x = paramAndValue.indexOf("=");
97
98 String param = paramAndValue.substring(0, x);
99 String value = paramAndValue.substring(
100 x + 1, paramAndValue.length());
101
102 sb.append(param).append("=");
103
104 if (unencryptedParamsSet.contains(param)) {
105 sb.append(HttpUtil.encodeURL(value));
106 }
107 else {
108 try {
109 sb.append(HttpUtil.encodeURL(
110 Encryptor.encrypt(key, value)));
111 }
112 catch (EncryptorException ee) {
113 _log.error(ee.getMessage());
114 }
115
116 if (st.hasMoreTokens()) {
117 sb.append("&");
118 }
119 }
120 }
121
122 sb.append("&shuo=1");
123 }
124
125 sb.append("\" ");
126
127
129 if (Validator.isNotNull(style)) {
130 sb.append("style=\"");
131 sb.append(style);
132 sb.append("\" ");
133 }
134
135
137 if (Validator.isNotNull(target)) {
138 sb.append("target=\"" + target + "\"");
139 }
140
141
143 sb.append(">");
144
145 pageContext.getOut().print(sb.toString());
146 }
147 catch (Exception e) {
148 throw new JspException(e);
149 }
150 }
151
152 public static void doEndTag(PageContext pageContext) throws JspException {
153 try {
154 pageContext.getOut().print("</a>");
155 }
156 catch (Exception e) {
157 throw new JspException(e);
158 }
159 }
160
161 private static Log _log = LogFactory.getLog(EncryptTagUtil.class);
162
163 }