--- /dev/null
+/**\r
+ * Copyright (c) 2000-2012 Liferay, Inc. All rights reserved.\r
+ *\r
+ * This library is free software; you can redistribute it and/or modify it under\r
+ * the terms of the GNU Lesser General Public License as published by the Free\r
+ * Software Foundation; either version 2.1 of the License, or (at your option)\r
+ * any later version.\r
+ *\r
+ * This library is distributed in the hope that it will be useful, but WITHOUT\r
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS\r
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more\r
+ * details.\r
+ */\r
+\r
+package com.liferay.portal.security.auth;\r
+\r
+import javax.servlet.http.HttpServletRequest;\r
+import javax.servlet.http.HttpServletResponse;\r
+import javax.servlet.http.HttpSession;\r
+\r
+import com.liferay.portal.NoSuchUserException;\r
+import com.liferay.portal.kernel.exception.SystemException;\r
+import com.liferay.portal.kernel.log.Log;\r
+import com.liferay.portal.kernel.log.LogFactoryUtil;\r
+import com.liferay.portal.kernel.util.ParamUtil;\r
+import com.liferay.portal.kernel.util.PropsKeys;\r
+import com.liferay.portal.kernel.util.StringPool;\r
+import com.liferay.portal.kernel.util.Validator;\r
+import com.liferay.portal.model.CompanyConstants;\r
+import com.liferay.portal.model.User;\r
+import com.liferay.portal.security.ldap.PortalLDAPImporterUtil;\r
+import com.liferay.portal.service.UserLocalServiceUtil;\r
+import com.liferay.portal.util.PortalUtil;\r
+import com.liferay.portal.util.PrefsPropsUtil;\r
+import com.liferay.portal.util.PropsValues;\r
+import com.liferay.portal.util.WebKeys;\r
+\r
+/**\r
+ * @author Brian Wing Shun Chan\r
+ * @author Jorge Ferrer\r
+ * @author Wesley Gong\r
+ * @author Daeyoung Song\r
+ */\r
+public class CASAutoLogin implements AutoLogin {\r
+\r
+ public String[] login (\r
+ HttpServletRequest request, HttpServletResponse response) throws AutoLoginException{\r
+ _log.debug("Launch CASAutoLogin");\r
+ \r
+ HttpSession session = request.getSession();\r
+ String[] credentials = null;\r
+\r
+ try {\r
+ long companyId = PortalUtil.getCompanyId(request);\r
+ /*\r
+ * remove filter on Cas Login Enable which terminate the login function. Cas login always needed\r
+ * see previoux version for more information\r
+ */\r
+\r
+ String login = (String)session.getAttribute(WebKeys.CAS_LOGIN);\r
+ \r
+ if (Validator.isNull(login)) {\r
+ Object noSuchUserException = session.getAttribute(\r
+ WebKeys.CAS_NO_SUCH_USER_EXCEPTION);\r
+\r
+ if (noSuchUserException == null) {\r
+ return credentials;\r
+ }\r
+\r
+ session.removeAttribute(WebKeys.CAS_NO_SUCH_USER_EXCEPTION);\r
+\r
+ session.setAttribute(WebKeys.CAS_FORCE_LOGOUT, Boolean.TRUE);\r
+\r
+ String redirect = PrefsPropsUtil.getString(\r
+ companyId, PropsKeys.CAS_NO_SUCH_USER_REDIRECT_URL,\r
+ PropsValues.CAS_NO_SUCH_USER_REDIRECT_URL);\r
+\r
+ request.setAttribute(AutoLogin.AUTO_LOGIN_REDIRECT, redirect);\r
+\r
+ return credentials;\r
+ }\r
+\r
+ String authType = PrefsPropsUtil.getString(\r
+ companyId, PropsKeys.COMPANY_SECURITY_AUTH_TYPE,\r
+ PropsValues.COMPANY_SECURITY_AUTH_TYPE);\r
+ User user = null;\r
+ \r
+ if (PrefsPropsUtil.getBoolean(\r
+ companyId, PropsKeys.CAS_IMPORT_FROM_LDAP,\r
+ PropsValues.CAS_IMPORT_FROM_LDAP)) {\r
+\r
+ try {\r
+ if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {\r
+ user = PortalLDAPImporterUtil.importLDAPUser(\r
+ companyId, StringPool.BLANK, login);\r
+ }\r
+ else {\r
+ user = PortalLDAPImporterUtil.importLDAPUser(\r
+ companyId, login, StringPool.BLANK);\r
+ }\r
+ }\r
+ catch (SystemException se) {\r
+ }\r
+ }\r
+\r
+ if (user == null) {\r
+ if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {\r
+ user = UserLocalServiceUtil.getUserByScreenName(\r
+ companyId, login);\r
+ }\r
+ else {\r
+ user = UserLocalServiceUtil.getUserByEmailAddress(\r
+ companyId, login);\r
+ }\r
+ }\r
+\r
+ String redirect = ParamUtil.getString(request, "redirect");\r
+\r
+ if (Validator.isNotNull(redirect)) {\r
+ request.setAttribute(AutoLogin.AUTO_LOGIN_REDIRECT, redirect);\r
+ }\r
+\r
+ credentials = new String[3];\r
+\r
+ credentials[0] = String.valueOf(user.getUserId());\r
+ credentials[1] = user.getPassword();\r
+ credentials[2] = Boolean.TRUE.toString();\r
+\r
+ return credentials;\r
+ }\r
+ catch (NoSuchUserException nsue) {\r
+ session.removeAttribute(WebKeys.CAS_LOGIN);\r
+\r
+ session.setAttribute(\r
+ WebKeys.CAS_NO_SUCH_USER_EXCEPTION, Boolean.TRUE);\r
+\r
+ throw new AutoLoginException(nsue);\r
+ }\r
+ catch (Exception e) {\r
+ _log.error(e, e);\r
+ throw new AutoLoginException(e);\r
+ }\r
+ }\r
+\r
+ /**\r
+ * @deprecated Use <code>importLDAPUser</code>.\r
+ */\r
+ protected User addUser(long companyId, String screenName) throws Exception {\r
+ return PortalLDAPImporterUtil.importLDAPUser(\r
+ companyId, StringPool.BLANK, screenName);\r
+ }\r
+\r
+ private static Log _log = LogFactoryUtil.getLog(CASAutoLogin.class);\r
+\r
+}
\ No newline at end of file