2 * Copyright (c) 2000-2012 Liferay, Inc. All rights reserved.
\r
4 * This library is free software; you can redistribute it and/or modify it under
\r
5 * the terms of the GNU Lesser General Public License as published by the Free
\r
6 * Software Foundation; either version 2.1 of the License, or (at your option)
\r
9 * This library is distributed in the hope that it will be useful, but WITHOUT
\r
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
\r
11 * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
\r
15 package com.liferay.portal.security.auth;
\r
17 import javax.servlet.http.HttpServletRequest;
\r
18 import javax.servlet.http.HttpServletResponse;
\r
19 import javax.servlet.http.HttpSession;
\r
21 import com.liferay.portal.NoSuchUserException;
\r
22 import com.liferay.portal.kernel.log.Log;
\r
23 import com.liferay.portal.kernel.log.LogFactoryUtil;
\r
24 import com.liferay.portal.kernel.util.ParamUtil;
\r
25 import com.liferay.portal.kernel.util.PropsKeys;
\r
26 import com.liferay.portal.kernel.util.StringPool;
\r
27 import com.liferay.portal.kernel.util.Validator;
\r
28 import com.liferay.portal.model.CompanyConstants;
\r
29 import com.liferay.portal.model.User;
\r
30 import com.liferay.portal.security.ldap.LDAPLocalServiceUtil;
\r
31 import com.liferay.portal.security.ldap.PortalLDAPImporterUtil;
\r
32 import com.liferay.portal.service.UserLocalServiceUtil;
\r
33 import com.liferay.portal.util.PortalUtil;
\r
34 import com.liferay.portal.util.PrefsPropsUtil;
\r
35 import com.liferay.portal.util.PropsValues;
\r
36 import com.liferay.portal.util.WebKeys;
\r
39 * @author Brian Wing Shun Chan
\r
40 * @author Jorge Ferrer
\r
41 * @author Wesley Gong
\r
42 * @author Daeyoung Song
\r
44 public class CASAutoLoginVMSopraNero implements AutoLogin {
\r
46 public String[] login(
\r
47 HttpServletRequest request, HttpServletResponse response) {
\r
49 HttpSession session = request.getSession();
\r
51 String[] credentials = null;
\r
54 long companyId = PortalUtil.getCompanyId(request);
\r
56 if (!PrefsPropsUtil.getBoolean(
\r
57 companyId, PropsKeys.CAS_AUTH_ENABLED,
\r
58 PropsValues.CAS_AUTH_ENABLED)) {
\r
63 // Login is 'UTxxxxxYYY' with xxxxx numeric and YYY the academic code (3 numeric)
\r
64 String login = (String)session.getAttribute(WebKeys.CAS_LOGIN);
\r
66 if (Validator.isNull(login)) {
\r
67 Object noSuchUserException = session.getAttribute(
\r
68 WebKeys.CAS_NO_SUCH_USER_EXCEPTION);
\r
70 if (noSuchUserException == null) {
\r
74 session.removeAttribute(WebKeys.CAS_NO_SUCH_USER_EXCEPTION);
\r
76 session.setAttribute(WebKeys.CAS_FORCE_LOGOUT, Boolean.TRUE);
\r
78 String redirect = PrefsPropsUtil.getString(
\r
79 companyId, PropsKeys.CAS_NO_SUCH_USER_REDIRECT_URL,
\r
80 PropsValues.CAS_NO_SUCH_USER_REDIRECT_URL);
\r
82 request.setAttribute(AutoLogin.AUTO_LOGIN_REDIRECT, redirect);
\r
87 String authType = PrefsPropsUtil.getString(
\r
88 companyId, PropsKeys.COMPANY_SECURITY_AUTH_TYPE,
\r
89 PropsValues.COMPANY_SECURITY_AUTH_TYPE);
\r
93 // At this point, the LDAP is built like this:
\r
94 // - uid is xxxxxYYY with xxxxx numeric and YYY the academic code (3 numeric)
\r
95 // - entPersonJointure is xxxxx (numeric) (and original entPersonJointure with Sopra)
\r
97 // First try : the full login 'UTxxxxxYYY'
\r
99 //user = LDAPLocalServiceUtil.getUser(companyId, "entPersonJointure", login);
\r
100 user = LDAPLocalServiceUtil.getUser(companyId, "uid", login);
\r
102 catch(Exception e){
\r
107 // Second try : 'xxxxxYYY'
\r
110 login = login.substring(2);
\r
111 user = LDAPLocalServiceUtil.getUser(companyId, "uid", login);
\r
112 } catch(Exception e){
\r
118 // Third try : 'UTxxxxx'
\r
121 login = login.substring(0, login.length()-3);
\r
122 user = LDAPLocalServiceUtil.getUser(companyId, "uid", login);
\r
123 } catch(Exception e){
\r
129 // if (PrefsPropsUtil.getBoolean(
\r
130 // companyId, PropsKeys.CAS_IMPORT_FROM_LDAP,
\r
131 // PropsValues.CAS_IMPORT_FROM_LDAP)) {
\r
134 // if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {
\r
135 // user = PortalLDAPImporterUtil.importLDAPUser(
\r
136 // companyId, StringPool.BLANK, login);
\r
139 // user = PortalLDAPImporterUtil.importLDAPUser(
\r
140 // companyId, login, StringPool.BLANK);
\r
143 // catch (SystemException se) {
\r
148 // Fourth try : screen name or email adress
\r
149 if (user == null) {
\r
150 if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {
\r
151 user = UserLocalServiceUtil.getUserByScreenName(
\r
155 user = UserLocalServiceUtil.getUserByEmailAddress(
\r
160 System.out.println("User "+user.getFullName() + " is logged.");
\r
162 String redirect = ParamUtil.getString(request, "redirect");
\r
164 if (Validator.isNotNull(redirect)) {
\r
165 request.setAttribute(AutoLogin.AUTO_LOGIN_REDIRECT, redirect);
\r
168 credentials = new String[3];
\r
170 credentials[0] = String.valueOf(user.getUserId());
\r
171 credentials[1] = user.getPassword();
\r
172 credentials[2] = Boolean.TRUE.toString();
\r
174 return credentials;
\r
176 catch (NoSuchUserException nsue) {
\r
177 session.removeAttribute(WebKeys.CAS_LOGIN);
\r
179 session.setAttribute(
\r
180 WebKeys.CAS_NO_SUCH_USER_EXCEPTION, Boolean.TRUE);
\r
182 catch (Exception e) {
\r
186 return credentials;
\r
190 * @deprecated Use <code>importLDAPUser</code>.
\r
192 protected User addUser(long companyId, String screenName) throws Exception {
\r
193 return PortalLDAPImporterUtil.importLDAPUser(
\r
194 companyId, StringPool.BLANK, screenName);
\r
197 private static Log _log = LogFactoryUtil.getLog(CASAutoLogin.class);
\r