001    /**
002     * Copyright (c) 2000-2012 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.action;
016    
017    import com.liferay.portal.kernel.portlet.WindowStateFactory;
018    import com.liferay.portal.kernel.util.HttpUtil;
019    import com.liferay.portal.kernel.util.ParamUtil;
020    import com.liferay.portal.kernel.util.PropsKeys;
021    import com.liferay.portal.kernel.util.StringUtil;
022    import com.liferay.portal.kernel.util.Validator;
023    import com.liferay.portal.theme.ThemeDisplay;
024    import com.liferay.portal.util.PortalUtil;
025    import com.liferay.portal.util.PortletKeys;
026    import com.liferay.portal.util.PrefsPropsUtil;
027    import com.liferay.portal.util.PropsValues;
028    import com.liferay.portal.util.WebKeys;
029    import com.liferay.portlet.PortletURLFactoryUtil;
030    import com.liferay.portlet.login.util.LoginUtil;
031    
032    import javax.portlet.PortletMode;
033    import javax.portlet.PortletRequest;
034    import javax.portlet.PortletURL;
035    import javax.portlet.WindowState;
036    
037    import javax.servlet.http.HttpServletRequest;
038    import javax.servlet.http.HttpServletResponse;
039    import javax.servlet.http.HttpSession;
040    
041    import org.apache.struts.action.Action;
042    import org.apache.struts.action.ActionForm;
043    import org.apache.struts.action.ActionForward;
044    import org.apache.struts.action.ActionMapping;
045    
046    /**
047     * @author Brian Wing Shun Chan
048     * @author Scott Lee
049     */
050    public class LoginAction extends Action {
051    
052            @Override
053            public ActionForward execute(
054                            ActionMapping mapping, ActionForm form, HttpServletRequest request,
055                            HttpServletResponse response)
056                    throws Exception {
057    
058                    ThemeDisplay themeDisplay = (ThemeDisplay)request.getAttribute(
059                            WebKeys.THEME_DISPLAY);
060    
061                    if (PropsValues.AUTH_LOGIN_DISABLED) {
062                            response.sendRedirect(
063                                    themeDisplay.getPathMain() +
064                                            PropsValues.AUTH_LOGIN_DISABLED_PATH);
065    
066                            return null;
067                    }
068    
069                    String login = ParamUtil.getString(request, "login");
070                    String password = request.getParameter("password");
071                    boolean rememberMe = ParamUtil.getBoolean(request, "rememberMe");
072                    String authType = ParamUtil.getString(request, "authType");
073    
074                    if (Validator.isNotNull(login) && Validator.isNotNull(password)) {
075                            LoginUtil.login(
076                                    request, response, login, password, rememberMe, authType);
077                    }
078    
079                    HttpSession session = request.getSession();
080    
081                    if ((session.getAttribute("j_username") != null) &&
082                            (session.getAttribute("j_password") != null)) {
083    
084                            if (PropsValues.PORTAL_JAAS_ENABLE) {
085                                    return mapping.findForward("/portal/touch_protected.jsp");
086                            }
087                            else {
088                                    response.sendRedirect(themeDisplay.getPathMain());
089    
090                                    return null;
091                            }
092                    }
093    
094                    String redirect = PortalUtil.getSiteLoginURL(themeDisplay);
095    
096                    if (Validator.isNull(redirect)) {
097                            redirect = PropsValues.AUTH_LOGIN_URL;
098                    }
099    
100                    if (Validator.isNull(redirect)) {
101                            PortletURL portletURL = PortletURLFactoryUtil.create(
102                                    request, PortletKeys.LOGIN, themeDisplay.getPlid(),
103                                    PortletRequest.RENDER_PHASE);
104    
105                            portletURL.setWindowState(getWindowState(request));
106                            portletURL.setPortletMode(PortletMode.VIEW);
107    
108                            portletURL.setParameter("saveLastPath", "0");
109                            portletURL.setParameter("struts_action", "/login/login");
110    
111                            redirect = portletURL.toString();
112                    }
113    
114                    if (PropsValues.COMPANY_SECURITY_AUTH_REQUIRES_HTTPS) {
115                            String portalURL = PortalUtil.getPortalURL(request);
116    
117                            String portalURLSecure = PortalUtil.getPortalURL(request, true);
118    
119                            if (!portalURL.equals(portalURLSecure)) {
120                                    redirect = StringUtil.replaceFirst(
121                                            redirect, portalURL, portalURLSecure);
122                            }
123                    }
124    
125                    String loginRedirect = ParamUtil.getString(request, "redirect");
126    
127                    if (Validator.isNotNull(loginRedirect)) {
128                            if (PrefsPropsUtil.getBoolean(
129                                            themeDisplay.getCompanyId(), PropsKeys.CAS_AUTH_ENABLED,
130                                            PropsValues.CAS_AUTH_ENABLED)) {
131    
132                                    redirect = loginRedirect;
133                            }
134                            else {
135                                    String loginPortletNamespace = PortalUtil.getPortletNamespace(
136                                            PropsValues.AUTH_LOGIN_PORTLET_NAME);
137    
138                                    String loginRedirectParameter =
139                                            loginPortletNamespace + "redirect";
140    
141                                    redirect = HttpUtil.setParameter(
142                                            redirect, "p_p_id", PropsValues.AUTH_LOGIN_PORTLET_NAME);
143                                    redirect = HttpUtil.setParameter(
144                                            redirect, "p_p_lifecycle", "0");
145                                    redirect = HttpUtil.setParameter(
146                                            redirect, loginRedirectParameter, loginRedirect);
147                            }
148                    }
149    
150                    response.sendRedirect(redirect);
151    
152                    return null;
153            }
154    
155            protected WindowState getWindowState(HttpServletRequest request) {
156                    WindowState windowState = WindowState.MAXIMIZED;
157    
158                    String windowStateString = ParamUtil.getString(request, "windowState");
159    
160                    if (Validator.isNotNull(windowStateString)) {
161                            windowState = WindowStateFactory.getWindowState(windowStateString);
162                    }
163    
164                    return windowState;
165            }
166    
167    }