001: /**
002: * Copyright (c) 2000-2008 Liferay, Inc. All rights reserved.
003: *
004: * Permission is hereby granted, free of charge, to any person obtaining a copy
005: * of this software and associated documentation files (the "Software"), to deal
006: * in the Software without restriction, including without limitation the rights
007: * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
008: * copies of the Software, and to permit persons to whom the Software is
009: * furnished to do so, subject to the following conditions:
010: *
011: * The above copyright notice and this permission notice shall be included in
012: * all copies or substantial portions of the Software.
013: *
014: * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
015: * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
016: * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
017: * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
018: * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
019: * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
020: * SOFTWARE.
021: */package com.liferay.portal.security.auth;
022:
import com.liferay.portal.NoSuchUserException;
import com.liferay.portal.PortalException;
import com.liferay.portal.SystemException;
import com.liferay.portal.kernel.util.StringPool;
import com.liferay.portal.kernel.util.StringUtil;
import com.liferay.portal.model.User;
import com.liferay.portal.security.ldap.PortalLDAPUtil;
import com.liferay.portal.service.UserLocalServiceUtil;
import com.liferay.portal.util.PortalUtil;
import com.liferay.portal.util.PrefsPropsUtil;
import com.liferay.portal.util.PropsUtil;
import com.liferay.portal.util.PropsValues;

import edu.yale.its.tp.cas.client.filter.CASFilter;

import javax.naming.Binding;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attributes;
import javax.naming.directory.SearchControls;
import javax.naming.ldap.LdapContext;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
050:
051: /**
052: * <a href="CASAutoLogin.java.html"><b><i>View Source</i></b></a>
053: *
054: * @author Brian Wing Shun Chan
055: * @author Jorge Ferrer
056: *
057: */
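public class CASAutoLogin implements AutoLogin {

	/**
	 * Resolves the portal user for a request that the CAS client filter has
	 * already authenticated.
	 *
	 * <p>The screen name is taken from the {@link CASFilter#CAS_FILTER_USER}
	 * session attribute. This class trusts that attribute completely, so it
	 * relies on the CAS filter being mapped in front of the portal and only
	 * setting the attribute after a successful ticket validation (not
	 * verifiable from here; confirm the filter mapping in web.xml). The
	 * <em>value</em> of the attribute, however, is whatever principal name
	 * the CAS server issued, so it is treated as untrusted text further
	 * down (see {@link #addUser(long, String)}).</p>
	 *
	 * @param  req the current request; the company id and session are read
	 *         from it
	 * @param  res unused
	 * @return <code>null</code> when CAS authentication is disabled for the
	 *         company or the session carries no CAS user; otherwise a three
	 *         element array of user id, the user's stored password and the
	 *         literal <code>"true"</code> (presumably the AutoLogin convention
	 *         for "password already in stored form"; the contract is defined
	 *         by the login framework, not here)
	 * @throws AutoLoginException wrapping any failure, including a user that
	 *         is unknown to the portal when LDAP import is switched off
	 */
	public String[] login(HttpServletRequest req, HttpServletResponse res)
		throws AutoLoginException {

		try {
			long companyId = PortalUtil.getCompanyId(req);

			boolean casEnabled = PrefsPropsUtil.getBoolean(
				companyId, PropsUtil.CAS_AUTH_ENABLED,
				PropsValues.CAS_AUTH_ENABLED);

			if (!casEnabled) {
				return null;
			}

			HttpSession ses = req.getSession();

			String screenName = (String)ses.getAttribute(
				CASFilter.CAS_FILTER_USER);

			if (screenName == null) {
				return null;
			}

			User user = null;

			try {
				user = UserLocalServiceUtil.getUserByScreenName(
					companyId, screenName);
			}
			catch (NoSuchUserException nsue) {

				// Unknown to the portal: only create the account when the
				// company has opted into LDAP import, otherwise fail the
				// auto login instead of silently creating users.

				boolean importFromLdap = PrefsPropsUtil.getBoolean(
					companyId, PropsUtil.CAS_IMPORT_FROM_LDAP);

				if (!importFromLdap) {
					throw nsue;
				}

				user = addUser(companyId, screenName);
			}

			String[] credentials = new String[3];

			credentials[0] = String.valueOf(user.getUserId());
			credentials[1] = user.getPassword();
			credentials[2] = Boolean.TRUE.toString();

			return credentials;
		}
		catch (Exception e) {
			throw new AutoLoginException(e);
		}
	}

	/**
	 * Looks the screen name up in LDAP and imports the matching entry as a
	 * portal user.
	 *
	 * <p>The configured <code>LDAP_AUTH_SEARCH_FILTER</code> is a template
	 * with <code>@company_id@</code>, <code>@email_address@</code> (always
	 * blank here) and <code>@screen_name@</code> placeholders. The screen
	 * name is escaped with {@link #escapeLdapFilterValue(String)} before it
	 * is spliced in, so a CAS principal containing <code>*</code>,
	 * <code>(</code>, <code>)</code> or <code>\</code> cannot widen or alter
	 * the search.</p>
	 *
	 * @param  companyId the company whose LDAP settings are used
	 * @param  screenName the CAS principal name to look up
	 * @return the imported user
	 * @throws NoSuchUserException if the search returned no entry
	 * @throws PortalException if the import itself fails
	 * @throws SystemException if no LDAP context could be obtained or any
	 *         other LDAP access problem occurred
	 */
	protected User addUser(long companyId, String screenName)
		throws PortalException, SystemException {

		LdapContext ctx = null;
		NamingEnumeration enu = null;

		try {
			String baseDN = PrefsPropsUtil.getString(
				companyId, PropsUtil.LDAP_BASE_DN);

			ctx = PortalLDAPUtil.getContext(companyId);

			if (ctx == null) {
				throw new SystemException("Failed to bind to the LDAP server");
			}

			String filter = PrefsPropsUtil.getString(
				companyId, PropsUtil.LDAP_AUTH_SEARCH_FILTER);

			if (_log.isDebugEnabled()) {
				_log.debug("Search filter before transformation " + filter);
			}

			// The screen name is attacker influenced text as far as this
			// portal is concerned (it is whatever the CAS server asserted),
			// so it must not reach the filter unescaped.

			filter = StringUtil.replace(
				filter,
				new String[] {
					"@company_id@", "@email_address@", "@screen_name@"
				},
				new String[] {
					String.valueOf(companyId), StringPool.BLANK,
					escapeLdapFilterValue(screenName)
				});

			if (_log.isDebugEnabled()) {
				_log.debug("Search filter after transformation " + filter);
			}

			// At most one result is needed; the first match wins.

			SearchControls cons = new SearchControls(
				SearchControls.SUBTREE_SCOPE, 1, 0, null, false, false);

			enu = ctx.search(baseDN, filter, cons);

			if (!enu.hasMore()) {
				throw new NoSuchUserException(
					"User " + screenName + " was not found in the LDAP server");
			}

			if (_log.isDebugEnabled()) {
				_log.debug("Search filter returned at least one result");
			}

			Binding binding = (Binding)enu.next();

			Attributes attrs = ctx.getAttributes(binding.getName());

			return PortalLDAPUtil.importLDAPUser(
				companyId, ctx, attrs, StringPool.BLANK, true);
		}
		catch (PortalException pe) {

			// NoSuchUserException and other portal exceptions are part of
			// this method's contract; the original blanket catch turned them
			// into a misleading "problem accessing LDAP" SystemException.

			throw pe;
		}
		catch (SystemException se) {
			throw se;
		}
		catch (Exception e) {
			_log.error("Problem accessing LDAP server ", e);

			throw new SystemException(
				"Problem accessing LDAP server " + e.getMessage(), e);
		}
		finally {

			// getContext() is assumed to hand out a fresh connection that
			// the caller owns (the portal's other LDAP callers close theirs
			// the same way); without this the directory connection leaks on
			// every import.

			_close(enu, ctx);
		}
	}

	/**
	 * Escapes a value for use inside an LDAP search filter (RFC 4515): the
	 * characters <code>\</code>, <code>*</code>, <code>(</code>,
	 * <code>)</code> and NUL are replaced by their <code>\xx</code> hex forms.
	 *
	 * @param  value the raw attribute value, may be <code>null</code>
	 * @return the escaped value, or <code>null</code> if the input was
	 *         <code>null</code>
	 */
	protected static String escapeLdapFilterValue(String value) {
		if (value == null) {
			return null;
		}

		StringBuilder sb = new StringBuilder(value.length());

		for (int i = 0; i < value.length(); i++) {
			char c = value.charAt(i);

			switch (c) {
				case '\\':
					sb.append("\\5c");
					break;
				case '*':
					sb.append("\\2a");
					break;
				case '(':
					sb.append("\\28");
					break;
				case ')':
					sb.append("\\29");
					break;
				case '\0':
					sb.append("\\00");
					break;
				default:
					sb.append(c);
			}
		}

		return sb.toString();
	}

	/**
	 * Closes the search enumeration and the LDAP context, tolerating
	 * <code>null</code>s and logging (not propagating) close failures so the
	 * real exception from the search, if any, is not masked.
	 */
	private static void _close(NamingEnumeration enu, LdapContext ctx) {
		if (enu != null) {
			try {
				enu.close();
			}
			catch (NamingException ne) {
				_log.warn("Unable to close LDAP search enumeration", ne);
			}
		}

		if (ctx != null) {
			try {
				ctx.close();
			}
			catch (NamingException ne) {
				_log.warn("Unable to close LDAP context", ne);
			}
		}
	}

	private static Log _log = LogFactory.getLog(CASAutoLogin.class);

}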
|