1
14
15 package com.liferay.portal.security.auth;
16
17 import com.liferay.portal.kernel.log.Log;
18 import com.liferay.portal.kernel.log.LogFactoryUtil;
19 import com.liferay.portal.kernel.util.ParamUtil;
20 import com.liferay.portal.kernel.util.StringPool;
21 import com.liferay.portal.kernel.util.Validator;
22 import com.liferay.portal.model.User;
23 import com.liferay.portal.security.ldap.LDAPSettingsUtil;
24 import com.liferay.portal.security.ldap.PortalLDAPImporterUtil;
25 import com.liferay.portal.security.ldap.PortalLDAPUtil;
26 import com.liferay.portal.util.PortalUtil;
27 import com.liferay.portal.util.WebKeys;
28
29 import javax.naming.directory.SearchResult;
30 import javax.naming.ldap.LdapContext;
31
32 import javax.servlet.http.HttpServletRequest;
33 import javax.servlet.http.HttpServletResponse;
34
35
40 public class NtlmAutoLogin implements AutoLogin {
41
42 public String[] login(
43 HttpServletRequest request, HttpServletResponse response) {
44
45 String[] credentials = null;
46
47 try {
48 long companyId = PortalUtil.getCompanyId(request);
49
50 if (!LDAPSettingsUtil.isNtlmEnabled(companyId)) {
51 return credentials;
52 }
53
54 String screenName = (String)request.getAttribute(
55 WebKeys.NTLM_REMOTE_USER);
56
57 if (screenName == null) {
58 return credentials;
59 }
60
61 request.removeAttribute(WebKeys.NTLM_REMOTE_USER);
62
63 User user = getUser(companyId, screenName);
64
65 if (user != null) {
66 String redirect = ParamUtil.getString(request, "redirect");
67
68 if (Validator.isNotNull(redirect)) {
69 request.setAttribute(
70 AutoLogin.AUTO_LOGIN_REDIRECT_AND_CONTINUE, redirect);
71 }
72
73 credentials = new String[3];
74
75 credentials[0] = String.valueOf(user.getUserId());
76 credentials[1] = user.getPassword();
77 credentials[2] = Boolean.TRUE.toString();
78 }
79 }
80 catch (Exception e) {
81 _log.error(e, e);
82 }
83
84 return credentials;
85 }
86
87 protected User getUser(long companyId, String screenName) throws Exception {
88 long ldapServerId = PortalLDAPUtil.getLdapServerId(
89 companyId, screenName);
90
91 SearchResult result = (SearchResult)PortalLDAPUtil.getUser(
92 ldapServerId, companyId, screenName);
93
94 if (result == null) {
95 if (_log.isWarnEnabled()) {
96 _log.warn(
97 "No user was found in LDAP with screenName " + screenName);
98 }
99
100 return null;
101 }
102
103 LdapContext ctx = PortalLDAPUtil.getContext(ldapServerId, companyId);
104
105 User user = PortalLDAPImporterUtil.importLDAPUser(
106 ldapServerId, companyId, ctx, result.getAttributes(),
107 StringPool.BLANK, false);
108
109 ctx.close();
110
111 return user;
112 }
113
114 private static Log _log = LogFactoryUtil.getLog(NtlmAutoLogin.class);
115
116 }