1
14
15 package com.liferay.portal.security.auth;
16
17 import com.liferay.portal.kernel.log.Log;
18 import com.liferay.portal.kernel.log.LogFactoryUtil;
19 import com.liferay.portal.kernel.util.ParamUtil;
20 import com.liferay.portal.kernel.util.StringPool;
21 import com.liferay.portal.kernel.util.Validator;
22 import com.liferay.portal.model.User;
23 import com.liferay.portal.security.ldap.PortalLDAPUtil;
24 import com.liferay.portal.util.PortalUtil;
25 import com.liferay.portal.util.WebKeys;
26
27 import javax.naming.directory.SearchResult;
28 import javax.naming.ldap.LdapContext;
29
30 import javax.servlet.http.HttpServletRequest;
31 import javax.servlet.http.HttpServletResponse;
32
33
38 public class NtlmAutoLogin implements AutoLogin {
39
40 public String[] login(
41 HttpServletRequest request, HttpServletResponse response) {
42
43 String[] credentials = null;
44
45 try {
46 long companyId = PortalUtil.getCompanyId(request);
47
48 if (!PortalLDAPUtil.isNtlmEnabled(companyId)) {
49 return credentials;
50 }
51
52 String screenName = (String)request.getAttribute(
53 WebKeys.NTLM_REMOTE_USER);
54
55 if (screenName == null) {
56 return credentials;
57 }
58
59 request.removeAttribute(WebKeys.NTLM_REMOTE_USER);
60
61 User user = getUser(companyId, screenName);
62
63 if (user != null) {
64 String redirect = ParamUtil.getString(request, "redirect");
65
66 if (Validator.isNotNull(redirect)) {
67 request.setAttribute(
68 AutoLogin.AUTO_LOGIN_REDIRECT_AND_CONTINUE, redirect);
69 }
70
71 credentials = new String[3];
72
73 credentials[0] = String.valueOf(user.getUserId());
74 credentials[1] = user.getPassword();
75 credentials[2] = Boolean.TRUE.toString();
76 }
77 }
78 catch (Exception e) {
79 _log.error(e, e);
80 }
81
82 return credentials;
83 }
84
85 protected User getUser(long companyId, String screenName) throws Exception {
86 SearchResult result = (SearchResult)PortalLDAPUtil.getUser(
87 companyId, screenName);
88
89 if (result == null) {
90 if (_log.isWarnEnabled()) {
91 _log.warn(
92 "No user was found in LDAP with screenName " + screenName);
93 }
94
95 return null;
96 }
97
98 LdapContext ctx = PortalLDAPUtil.getContext(companyId);
99
100 User user = PortalLDAPUtil.importLDAPUser(
101 companyId, ctx, result.getAttributes(), StringPool.BLANK, false);
102
103 ctx.close();
104
105 return user;
106 }
107
108 private static Log _log = LogFactoryUtil.getLog(NtlmAutoLogin.class);
109
110 }