1   /**
2    * Copyright (c) 2000-2010 Liferay, Inc. All rights reserved.
3    *
4    * This library is free software; you can redistribute it and/or modify it under
5    * the terms of the GNU Lesser General Public License as published by the Free
6    * Software Foundation; either version 2.1 of the License, or (at your option)
7    * any later version.
8    *
9    * This library is distributed in the hope that it will be useful, but WITHOUT
10   * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
11   * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
12   * details.
13   */
14  
15  package com.liferay.portal.security.auth;
16  
17  import com.liferay.portal.kernel.log.Log;
18  import com.liferay.portal.kernel.log.LogFactoryUtil;
19  import com.liferay.portal.kernel.util.KeyValuePair;
20  import com.liferay.portal.kernel.util.StringPool;
21  import com.liferay.portal.kernel.util.Validator;
22  import com.liferay.portal.model.Company;
23  import com.liferay.portal.service.UserLocalServiceUtil;
24  import com.liferay.portal.util.CookieKeys;
25  import com.liferay.portal.util.PortalUtil;
26  
27  import javax.servlet.http.Cookie;
28  import javax.servlet.http.HttpServletRequest;
29  import javax.servlet.http.HttpServletResponse;
30  
31  /**
32   * <a href="RememberMeAutoLogin.java.html"><b><i>View Source</i></b></a>
33   *
34   * @author Brian Wing Shun Chan
35   */
36  public class RememberMeAutoLogin implements AutoLogin {
37  
38      public String[] login(
39              HttpServletRequest request, HttpServletResponse response)
40          throws AutoLoginException {
41  
42          try {
43              String[] credentials = null;
44  
45              String autoUserId = CookieKeys.getCookie(request, CookieKeys.ID);
46              String autoPassword = CookieKeys.getCookie(
47                  request, CookieKeys.PASSWORD);
48              String rememberMe = CookieKeys.getCookie(
49                  request, CookieKeys.REMEMBER_ME);
50  
51              // LEP-5188
52  
53              if (!PortalUtil.getPathContext().equals(request.getContextPath())) {
54                  rememberMe = Boolean.TRUE.toString();
55              }
56  
57              if (Validator.isNotNull(autoUserId) &&
58                  Validator.isNotNull(autoPassword) &&
59                  Validator.isNotNull(rememberMe)) {
60  
61                  Company company = PortalUtil.getCompany(request);
62  
63                  KeyValuePair kvp = null;
64  
65                  if (company.isAutoLogin()) {
66                      kvp = UserLocalServiceUtil.decryptUserId(
67                          company.getCompanyId(), autoUserId, autoPassword);
68  
69                      credentials = new String[3];
70  
71                      credentials[0] = kvp.getKey();
72                      credentials[1] = kvp.getValue();
73                      credentials[2] = Boolean.FALSE.toString();
74                  }
75              }
76  
77              return credentials;
78          }
79          catch (Exception e) {
80              _log.warn(e, e);
81  
82              Cookie cookie = new Cookie(CookieKeys.ID, StringPool.BLANK);
83  
84              cookie.setMaxAge(0);
85              cookie.setPath(StringPool.SLASH);
86  
87              CookieKeys.addCookie(request, response, cookie);
88  
89              cookie = new Cookie(CookieKeys.PASSWORD, StringPool.BLANK);
90  
91              cookie.setMaxAge(0);
92              cookie.setPath(StringPool.SLASH);
93  
94              CookieKeys.addCookie(request, response, cookie);
95  
96              throw new AutoLoginException(e);
97          }
98      }
99  
100     private static Log _log = LogFactoryUtil.getLog(RememberMeAutoLogin.class);
101 
102 }