--- /dev/null
+/**\r
+ * Copyright (c) 2000-2012 Liferay, Inc. All rights reserved.\r
+ *\r
+ * This library is free software; you can redistribute it and/or modify it under\r
+ * the terms of the GNU Lesser General Public License as published by the Free\r
+ * Software Foundation; either version 2.1 of the License, or (at your option)\r
+ * any later version.\r
+ *\r
+ * This library is distributed in the hope that it will be useful, but WITHOUT\r
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS\r
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more\r
+ * details.\r
+ */\r
+\r
+package com.liferay.portal.security.auth;\r
+\r
+import javax.servlet.http.HttpServletRequest;\r
+import javax.servlet.http.HttpServletResponse;\r
+import javax.servlet.http.HttpSession;\r
+\r
+import com.liferay.portal.NoSuchUserException;\r
+import com.liferay.portal.kernel.log.Log;\r
+import com.liferay.portal.kernel.log.LogFactoryUtil;\r
+import com.liferay.portal.kernel.util.ParamUtil;\r
+import com.liferay.portal.kernel.util.PropsKeys;\r
+import com.liferay.portal.kernel.util.StringPool;\r
+import com.liferay.portal.kernel.util.Validator;\r
+import com.liferay.portal.model.CompanyConstants;\r
+import com.liferay.portal.model.User;\r
+import com.liferay.portal.security.ldap.LDAPLocalServiceUtil;\r
+import com.liferay.portal.security.ldap.PortalLDAPImporterUtil;\r
+import com.liferay.portal.service.UserLocalServiceUtil;\r
+import com.liferay.portal.util.PortalUtil;\r
+import com.liferay.portal.util.PrefsPropsUtil;\r
+import com.liferay.portal.util.PropsValues;\r
+import com.liferay.portal.util.WebKeys;\r
+\r
+/**\r
+ * @author Brian Wing Shun Chan\r
+ * @author Jorge Ferrer\r
+ * @author Wesley Gong\r
+ * @author Daeyoung Song\r
+ */\r
+public class CASAutoLoginVMSopraNero implements AutoLogin {\r
+\r
+ public String[] login(\r
+ HttpServletRequest request, HttpServletResponse response) {\r
+\r
+ HttpSession session = request.getSession();\r
+\r
+ String[] credentials = null;\r
+\r
+ try {\r
+ long companyId = PortalUtil.getCompanyId(request);\r
+\r
+ if (!PrefsPropsUtil.getBoolean(\r
+ companyId, PropsKeys.CAS_AUTH_ENABLED,\r
+ PropsValues.CAS_AUTH_ENABLED)) {\r
+\r
+ return credentials;\r
+ }\r
+\r
+ // Login is 'UTxxxxxYYY' with xxxxx numeric and YYY the academic code (3 numeric)\r
+ String login = (String)session.getAttribute(WebKeys.CAS_LOGIN);\r
+\r
+ if (Validator.isNull(login)) {\r
+ Object noSuchUserException = session.getAttribute(\r
+ WebKeys.CAS_NO_SUCH_USER_EXCEPTION);\r
+\r
+ if (noSuchUserException == null) {\r
+ return credentials;\r
+ }\r
+\r
+ session.removeAttribute(WebKeys.CAS_NO_SUCH_USER_EXCEPTION);\r
+\r
+ session.setAttribute(WebKeys.CAS_FORCE_LOGOUT, Boolean.TRUE);\r
+\r
+ String redirect = PrefsPropsUtil.getString(\r
+ companyId, PropsKeys.CAS_NO_SUCH_USER_REDIRECT_URL,\r
+ PropsValues.CAS_NO_SUCH_USER_REDIRECT_URL);\r
+\r
+ request.setAttribute(AutoLogin.AUTO_LOGIN_REDIRECT, redirect);\r
+\r
+ return credentials;\r
+ }\r
+\r
+ String authType = PrefsPropsUtil.getString(\r
+ companyId, PropsKeys.COMPANY_SECURITY_AUTH_TYPE,\r
+ PropsValues.COMPANY_SECURITY_AUTH_TYPE);\r
+\r
+ User user = null;\r
+\r
+ // At this point, the LDAP is built like this:\r
+ // - uid is xxxxxYYY with xxxxx numeric and YYY the academic code (3 numeric)\r
+ // - entPersonJointure is xxxxx (numeric) (and original entPersonJointure with Sopra)\r
+ \r
+ // First try : the full login 'UTxxxxxYYY'\r
+ try {\r
+ //user = LDAPLocalServiceUtil.getUser(companyId, "entPersonJointure", login);\r
+ user = LDAPLocalServiceUtil.getUser(companyId, "uid", login);\r
+ }\r
+ catch(Exception e){\r
+ _log.debug(login);\r
+ _log.debug(e);\r
+ }\r
+ \r
+ // Second try : 'xxxxxYYY'\r
+ if(user == null){\r
+ try {\r
+ login = login.substring(2);\r
+ user = LDAPLocalServiceUtil.getUser(companyId, "uid", login);\r
+ } catch(Exception e){\r
+ _log.debug(login);\r
+ _log.debug(e);\r
+ }\r
+ }\r
+ \r
+ // Third try : 'UTxxxxx'\r
+ if(user == null){\r
+ try {\r
+ login = login.substring(0, login.length()-3);\r
+ user = LDAPLocalServiceUtil.getUser(companyId, "uid", login);\r
+ } catch(Exception e){\r
+ _log.debug(login);\r
+ _log.debug(e);\r
+ }\r
+ }\r
+ \r
+// if (PrefsPropsUtil.getBoolean(\r
+// companyId, PropsKeys.CAS_IMPORT_FROM_LDAP,\r
+// PropsValues.CAS_IMPORT_FROM_LDAP)) {\r
+//\r
+// try {\r
+// if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {\r
+// user = PortalLDAPImporterUtil.importLDAPUser(\r
+// companyId, StringPool.BLANK, login);\r
+// }\r
+// else {\r
+// user = PortalLDAPImporterUtil.importLDAPUser(\r
+// companyId, login, StringPool.BLANK);\r
+// }\r
+// }\r
+// catch (SystemException se) {\r
+// }\r
+// }\r
+//\r
+ \r
+ // Fourth try : screen name or email adress\r
+ if (user == null) {\r
+ if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {\r
+ user = UserLocalServiceUtil.getUserByScreenName(\r
+ companyId, login);\r
+ }\r
+ else {\r
+ user = UserLocalServiceUtil.getUserByEmailAddress(\r
+ companyId, login);\r
+ }\r
+ }\r
+\r
+ System.out.println("User "+user.getFullName() + " is logged.");\r
+ \r
+ String redirect = ParamUtil.getString(request, "redirect");\r
+\r
+ if (Validator.isNotNull(redirect)) {\r
+ request.setAttribute(AutoLogin.AUTO_LOGIN_REDIRECT, redirect);\r
+ }\r
+\r
+ credentials = new String[3];\r
+\r
+ credentials[0] = String.valueOf(user.getUserId());\r
+ credentials[1] = user.getPassword();\r
+ credentials[2] = Boolean.TRUE.toString();\r
+\r
+ return credentials;\r
+ }\r
+ catch (NoSuchUserException nsue) {\r
+ session.removeAttribute(WebKeys.CAS_LOGIN);\r
+ _log.debug(nsue);\r
+ session.setAttribute(\r
+ WebKeys.CAS_NO_SUCH_USER_EXCEPTION, Boolean.TRUE);\r
+ }\r
+ catch (Exception e) {\r
+ _log.error(e, e);\r
+ }\r
+\r
+ return credentials;\r
+ }\r
+\r
+ /**\r
+ * @deprecated Use <code>importLDAPUser</code>.\r
+ */\r
+ protected User addUser(long companyId, String screenName) throws Exception {\r
+ return PortalLDAPImporterUtil.importLDAPUser(\r
+ companyId, StringPool.BLANK, screenName);\r
+ }\r
+\r
+ private static Log _log = LogFactoryUtil.getLog(CASAutoLogin.class);\r
+\r
+}
\ No newline at end of file