protected void verifyLDAPProperties() throws Exception {
long[] companyIds = PortalInstances.getCompanyIdsBySQL();
for (long companyId : companyIds) {
UnicodeProperties properties = new UnicodeProperties();
long[] ldapServerIds =
StringUtil.split(PrefsPropsUtil.getString(companyId, "ldap.server.ids"), 0L);
for (long ldapServerId : ldapServerIds) {
String postfix = LDAPSettingsUtil.getPropertyPostfix(ldapServerId);
for (String key : _LDAP_KEYS) {
String value = PrefsPropsUtil.getString(companyId, key + postfix, null);
if (value == null) {
properties.put(key + postfix, StringPool.BLANK);
}
}
}
if (!properties.isEmpty()) {
CompanyLocalServiceUtil.updatePreferences(companyId, properties);
}
}
}
protected void deleteLDAPServer(ActionRequest actionRequest) throws Exception {
ThemeDisplay themeDisplay = (ThemeDisplay) actionRequest.getAttribute(WebKeys.THEME_DISPLAY);
long ldapServerId = ParamUtil.getLong(actionRequest, "ldapServerId");
// Remove preferences
String postfix = LDAPSettingsUtil.getPropertyPostfix(ldapServerId);
String[] keys = new String[_KEYS.length];
for (int i = 0; i < _KEYS.length; i++) {
keys[i] = _KEYS[i] + postfix;
}
CompanyServiceUtil.removePreferences(themeDisplay.getCompanyId(), keys);
// Update preferences
PortletPreferences preferences = PrefsPropsUtil.getPreferences(themeDisplay.getCompanyId());
UnicodeProperties properties = new UnicodeProperties();
String ldapServerIds = preferences.getValue("ldap.server.ids", StringPool.BLANK);
ldapServerIds = StringUtil.remove(ldapServerIds, String.valueOf(ldapServerId));
properties.put("ldap.server.ids", ldapServerIds);
CompanyServiceUtil.updatePreferences(themeDisplay.getCompanyId(), properties);
}
protected UnicodeProperties addLDAPServer(long companyId, UnicodeProperties properties)
throws Exception {
String defaultPostfix = LDAPSettingsUtil.getPropertyPostfix(0);
String[] defaultKeys = new String[_KEYS.length];
for (int i = 0; i < _KEYS.length; i++) {
defaultKeys[i] = _KEYS[i] + defaultPostfix;
}
long ldapServerId = CounterLocalServiceUtil.increment();
String postfix = LDAPSettingsUtil.getPropertyPostfix(ldapServerId);
String[] keys = properties.keySet().toArray(new String[0]);
for (String key : keys) {
if (ArrayUtil.contains(defaultKeys, key)) {
String value = properties.remove(key);
if (key.equals(PropsKeys.LDAP_SECURITY_CREDENTIALS + defaultPostfix)
&& value.equals(Portal.TEMP_OBFUSCATION_VALUE)) {
value = PrefsPropsUtil.getString(PropsKeys.LDAP_SECURITY_CREDENTIALS);
}
properties.setProperty(key.replace(defaultPostfix, postfix), value);
}
}
PortletPreferences preferences = PrefsPropsUtil.getPreferences(companyId);
String ldapServerIds = preferences.getValue("ldap.server.ids", StringPool.BLANK);
ldapServerIds = StringUtil.add(ldapServerIds, String.valueOf(ldapServerId));
properties.setProperty("ldap.server.ids", ldapServerIds);
return properties;
}
protected int authenticate(
long companyId, String emailAddress, String screenName, long userId, String password)
throws Exception {
if (!AuthSettingsUtil.isLDAPAuthEnabled(companyId)) {
if (_log.isDebugEnabled()) {
_log.debug("Authenticator is not enabled");
}
return SUCCESS;
}
if (_log.isDebugEnabled()) {
_log.debug("Authenticator is enabled");
}
long[] ldapServerIds =
StringUtil.split(PrefsPropsUtil.getString(companyId, "ldap.server.ids"), 0L);
for (long ldapServerId : ldapServerIds) {
int result =
authenticate(companyId, ldapServerId, emailAddress, screenName, userId, password);
if (result == SUCCESS) {
return result;
}
}
for (int ldapServerId = 0; ; ldapServerId++) {
String postfix = LDAPSettingsUtil.getPropertyPostfix(ldapServerId);
String providerUrl =
PrefsPropsUtil.getString(companyId, PropsKeys.LDAP_BASE_PROVIDER_URL + postfix);
if (Validator.isNull(providerUrl)) {
break;
}
int result =
authenticate(companyId, ldapServerId, emailAddress, screenName, userId, password);
if (result == SUCCESS) {
return result;
}
}
return authenticateRequired(companyId, userId, emailAddress, screenName, true, FAILURE);
}
protected int authenticate(
long companyId,
long ldapServerId,
String emailAddress,
String screenName,
long userId,
String password)
throws Exception {
String postfix = LDAPSettingsUtil.getPropertyPostfix(ldapServerId);
LdapContext ldapContext = PortalLDAPUtil.getContext(ldapServerId, companyId);
if (ldapContext == null) {
return FAILURE;
}
try {
String baseDN = PrefsPropsUtil.getString(companyId, PropsKeys.LDAP_BASE_DN + postfix);
// Process LDAP auth search filter
String filter =
LDAPSettingsUtil.getAuthSearchFilter(
ldapServerId, companyId, emailAddress, screenName, String.valueOf(userId));
Properties userMappings = LDAPSettingsUtil.getUserMappings(ldapServerId, companyId);
String userMappingsScreenName =
GetterUtil.getString(userMappings.getProperty("screenName")).toLowerCase();
SearchControls searchControls =
new SearchControls(
SearchControls.SUBTREE_SCOPE,
1,
0,
new String[] {userMappingsScreenName},
false,
false);
NamingEnumeration<SearchResult> enu = ldapContext.search(baseDN, filter, searchControls);
if (enu.hasMoreElements()) {
if (_log.isDebugEnabled()) {
_log.debug("Search filter returned at least one result");
}
SearchResult result = enu.nextElement();
String fullUserDN = PortalLDAPUtil.getNameInNamespace(ldapServerId, companyId, result);
Attributes attributes =
PortalLDAPUtil.getUserAttributes(ldapServerId, companyId, ldapContext, fullUserDN);
LDAPAuthResult ldapAuthResult = null;
if (PropsValues.LDAP_IMPORT_USER_PASSWORD_ENABLED) {
ldapAuthResult = authenticate(ldapContext, companyId, attributes, fullUserDN, password);
// Process LDAP failure codes
String errorMessage = ldapAuthResult.getErrorMessage();
if (errorMessage != null) {
if (errorMessage.indexOf(
PrefsPropsUtil.getString(companyId, PropsKeys.LDAP_ERROR_USER_LOCKOUT))
!= -1) {
throw new UserLockoutException();
} else if (errorMessage.indexOf(
PrefsPropsUtil.getString(companyId, PropsKeys.LDAP_ERROR_PASSWORD_EXPIRED))
!= -1) {
throw new PasswordExpiredException();
}
}
if (!ldapAuthResult.isAuthenticated() && PropsValues.LDAP_IMPORT_USER_PASSWORD_ENABLED) {
return FAILURE;
}
}
// Get user or create from LDAP
User user =
PortalLDAPImporterUtil.importLDAPUser(
ldapServerId, companyId, ldapContext, attributes, password);
// Process LDAP success codes
if (ldapAuthResult != null) {
String resultCode = ldapAuthResult.getResponseControl();
if (resultCode.equals(LDAPAuth.RESULT_PASSWORD_RESET)) {
UserLocalServiceUtil.updatePasswordReset(user.getUserId(), true);
}
}
} else {
if (_log.isDebugEnabled()) {
_log.debug("Search filter did not return any results");
}
return DNE;
}
enu.close();
} catch (Exception e) {
if (e instanceof PasswordExpiredException || e instanceof UserLockoutException) {
throw e;
}
_log.error("Problem accessing LDAP server", e);
return FAILURE;
} finally {
if (ldapContext != null) {
ldapContext.close();
}
}
return SUCCESS;
}
private long _initCompany(ServletContext servletContext, String webId) {
// Begin initializing company
if (_log.isDebugEnabled()) {
_log.debug("Begin initializing company with web id " + webId);
}
long companyId = 0;
try {
Company company = CompanyLocalServiceUtil.checkCompany(webId);
companyId = company.getCompanyId();
} catch (Exception e) {
_log.error(e, e);
}
Long currentThreadCompanyId = CompanyThreadLocal.getCompanyId();
String currentThreadPrincipalName = PrincipalThreadLocal.getName();
try {
CompanyThreadLocal.setCompanyId(companyId);
String principalName = null;
try {
User user = UserLocalServiceUtil.getUser(PrincipalThreadLocal.getUserId());
if (user.getCompanyId() == companyId) {
principalName = currentThreadPrincipalName;
}
} catch (Exception e) {
}
PrincipalThreadLocal.setName(principalName);
// Initialize display
if (_log.isDebugEnabled()) {
_log.debug("Initialize display");
}
try {
String xml =
HttpUtil.URLtoString(servletContext.getResource("/WEB-INF/liferay-display.xml"));
PortletCategory portletCategory =
(PortletCategory) WebAppPool.get(companyId, WebKeys.PORTLET_CATEGORY);
if (portletCategory == null) {
portletCategory = new PortletCategory();
}
PortletCategory newPortletCategory = PortletLocalServiceUtil.getEARDisplay(xml);
portletCategory.merge(newPortletCategory);
for (int i = 0; i < _companyIds.length; i++) {
long currentCompanyId = _companyIds[i];
PortletCategory currentPortletCategory =
(PortletCategory) WebAppPool.get(currentCompanyId, WebKeys.PORTLET_CATEGORY);
if (currentPortletCategory != null) {
portletCategory.merge(currentPortletCategory);
}
}
WebAppPool.put(companyId, WebKeys.PORTLET_CATEGORY, portletCategory);
} catch (Exception e) {
_log.error(e, e);
}
// LDAP import
try {
if (LDAPSettingsUtil.isImportOnStartup(companyId)) {
UserImporterUtil.importUsers(companyId);
}
} catch (Exception e) {
_log.error(e, e);
}
// Process application startup events
if (_log.isDebugEnabled()) {
_log.debug("Process application startup events");
}
try {
EventsProcessorUtil.process(
PropsKeys.APPLICATION_STARTUP_EVENTS,
PropsValues.APPLICATION_STARTUP_EVENTS,
new String[] {String.valueOf(companyId)});
} catch (Exception e) {
_log.error(e, e);
}
// End initializing company
if (_log.isDebugEnabled()) {
_log.debug(
"End initializing company with web id " + webId + " and company id " + companyId);
}
addCompanyId(companyId);
} finally {
CompanyThreadLocal.setCompanyId(currentThreadCompanyId);
PrincipalThreadLocal.setName(currentThreadPrincipalName);
}
return companyId;
}
