public static long getAuthenticatedUserId( HttpServletRequest request, String login, String password, String authType) throws PortalException, SystemException { long userId = GetterUtil.getLong(login); Company company = PortalUtil.getCompany(request); String requestURI = request.getRequestURI(); if (requestURI.startsWith("/tunnel-web/liferay") || requestURI.startsWith("/tunnel-web/secure/liferay")) { // Tunnel requests are serialized objects and cannot manipulate the // request input stream in any way. Do not use the auth pipeline to // authenticate tunnel requests. long companyId = company.getCompanyId(); userId = UserLocalServiceUtil.authenticateForBasic( companyId, CompanyConstants.AUTH_TYPE_EA, login, password); if (userId > 0) { return userId; } userId = UserLocalServiceUtil.authenticateForBasic( companyId, CompanyConstants.AUTH_TYPE_SN, login, password); if (userId > 0) { return userId; } userId = UserLocalServiceUtil.authenticateForBasic( companyId, CompanyConstants.AUTH_TYPE_ID, login, password); if (userId <= 0) { throw new AuthException(); } } else { Map<String, String[]> headerMap = new HashMap<String, String[]>(); Enumeration<String> enu1 = request.getHeaderNames(); while (enu1.hasMoreElements()) { String name = enu1.nextElement(); Enumeration<String> enu2 = request.getHeaders(name); List<String> headers = new ArrayList<String>(); while (enu2.hasMoreElements()) { String value = enu2.nextElement(); headers.add(value); } headerMap.put(name, headers.toArray(new String[headers.size()])); } Map<String, String[]> parameterMap = request.getParameterMap(); Map<String, Object> resultsMap = new HashMap<String, Object>(); if (Validator.isNull(authType)) { authType = company.getAuthType(); } int authResult = Authenticator.FAILURE; if (authType.equals(CompanyConstants.AUTH_TYPE_EA)) { authResult = UserLocalServiceUtil.authenticateByEmailAddress( company.getCompanyId(), login, password, headerMap, parameterMap, resultsMap); userId = MapUtil.getLong(resultsMap, "userId", userId); } else if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) { authResult = UserLocalServiceUtil.authenticateByScreenName( company.getCompanyId(), login, password, headerMap, parameterMap, resultsMap); userId = MapUtil.getLong(resultsMap, "userId", userId); } else if (authType.equals(CompanyConstants.AUTH_TYPE_ID)) { authResult = UserLocalServiceUtil.authenticateByUserId( company.getCompanyId(), userId, password, headerMap, parameterMap, resultsMap); } if (authResult != Authenticator.SUCCESS) { throw new AuthException(); } } return userId; }