1
14
15 package com.liferay.portal.security.auth;
16
17 import com.liferay.portal.kernel.util.GetterUtil;
18 import com.liferay.portal.kernel.util.ParamUtil;
19 import com.liferay.portal.kernel.util.Validator;
20 import com.liferay.portal.model.Company;
21 import com.liferay.portal.model.CompanyConstants;
22 import com.liferay.portal.model.User;
23 import com.liferay.portal.security.pwd.PwdEncryptor;
24 import com.liferay.portal.service.UserLocalServiceUtil;
25 import com.liferay.portal.util.PortalUtil;
26
27 import javax.servlet.http.HttpServletRequest;
28 import javax.servlet.http.HttpServletResponse;
29
30
35 public class ParameterAutoLogin implements AutoLogin {
36
37 public String[] login(
38 HttpServletRequest request, HttpServletResponse response)
39 throws AutoLoginException {
40
41 try {
42 String login = ParamUtil.getString(request, getLoginParam());
43
44 if (Validator.isNull(login)) {
45 return null;
46 }
47
48 String password = ParamUtil.getString(request, getPasswordParam());
49
50 if (Validator.isNull(password)) {
51 return null;
52 }
53
54 Company company = PortalUtil.getCompany(request);
55
56 String authType = company.getAuthType();
57
58 long userId = 0;
59
60 if (authType.equals(CompanyConstants.AUTH_TYPE_EA)) {
61 userId = UserLocalServiceUtil.getUserIdByEmailAddress(
62 company.getCompanyId(), login);
63 }
64 else if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {
65 userId = UserLocalServiceUtil.getUserIdByScreenName(
66 company.getCompanyId(), login);
67 }
68 else if (authType.equals(CompanyConstants.AUTH_TYPE_ID)) {
69 userId = GetterUtil.getLong(login);
70 }
71 else {
72 return null;
73 }
74
75 if (userId > 0) {
76 User user = UserLocalServiceUtil.getUserById(userId);
77
78 String userPassword = user.getPassword();
79
80 if (!user.isPasswordEncrypted()) {
81 userPassword = PwdEncryptor.encrypt(userPassword);
82 }
83
84 String encPassword = PwdEncryptor.encrypt(password);
85
86 if (!userPassword.equals(password) &&
87 !userPassword.equals(encPassword)) {
88
89 return null;
90 }
91 }
92
93 String[] credentials = new String[] {
94 String.valueOf(userId), password, Boolean.FALSE.toString()
95 };
96
97 return credentials;
98 }
99 catch (Exception e) {
100 throw new AutoLoginException(e);
101 }
102 }
103
104 protected String getLoginParam() {
105 return _LOGIN_PARAM;
106 }
107
108 protected String getPasswordParam() {
109 return _PASSWORD_PARAM;
110 }
111
112 private static final String _LOGIN_PARAM = "parameterAutoLoginLogin";
113
114 private static final String _PASSWORD_PARAM = "parameterAutoLoginPassword";
115
116 }