1
22
23 package com.liferay.portal.security.auth;
24
25 import com.liferay.portal.kernel.util.StringPool;
26 import com.liferay.portal.model.User;
27 import com.liferay.portal.security.ldap.PortalLDAPUtil;
28 import com.liferay.portal.util.PortalUtil;
29 import com.liferay.portal.util.WebKeys;
30
31 import javax.naming.directory.SearchResult;
32 import javax.naming.ldap.LdapContext;
33
34 import javax.servlet.http.HttpServletRequest;
35 import javax.servlet.http.HttpServletResponse;
36
37 import org.apache.commons.logging.Log;
38 import org.apache.commons.logging.LogFactory;
39
40
46 public class NtlmAutoLogin implements AutoLogin {
47
48 public String[] login(
49 HttpServletRequest request, HttpServletResponse response) {
50
51 String[] credentials = null;
52
53 try {
54 long companyId = PortalUtil.getCompanyId(request);
55
56 if (!PortalLDAPUtil.isNtlmEnabled(companyId)) {
57 return credentials;
58 }
59
60 String screenName = (String)request.getAttribute(
61 WebKeys.NTLM_REMOTE_USER);
62
63 if (screenName == null) {
64 return credentials;
65 }
66
67 request.removeAttribute(WebKeys.NTLM_REMOTE_USER);
68
69 User user = getUser(companyId, screenName);
70
71 if (user != null) {
72 credentials = new String[3];
73
74 credentials[0] = String.valueOf(user.getUserId());
75 credentials[1] = user.getPassword();
76 credentials[2] = Boolean.TRUE.toString();
77 }
78 }
79 catch (Exception e) {
80 _log.error(e.getMessage());
81 }
82
83 return credentials;
84 }
85
86 protected User getUser(long companyId, String screenName) throws Exception {
87 SearchResult result = (SearchResult)PortalLDAPUtil.getUser(
88 companyId, screenName);
89
90 if (result == null) {
91 if (_log.isWarnEnabled()) {
92 _log.warn(
93 "No user was found in LDAP with screenName " + screenName);
94 }
95
96 return null;
97 }
98
99 LdapContext ctx = PortalLDAPUtil.getContext(companyId);
100
101 User user = PortalLDAPUtil.importLDAPUser(
102 companyId, ctx, result.getAttributes(), StringPool.BLANK, false);
103
104 ctx.close();
105
106 return user;
107 }
108
109 private static Log _log = LogFactory.getLog(NtlmAutoLogin.class);
110
111 }