protected void verifyLDAPProperties() throws Exception {
    long[] companyIds = PortalInstances.getCompanyIdsBySQL();

    for (long companyId : companyIds) {
      UnicodeProperties properties = new UnicodeProperties();

      long[] ldapServerIds =
          StringUtil.split(PrefsPropsUtil.getString(companyId, "ldap.server.ids"), 0L);

      for (long ldapServerId : ldapServerIds) {
        String postfix = LDAPSettingsUtil.getPropertyPostfix(ldapServerId);

        for (String key : _LDAP_KEYS) {
          String value = PrefsPropsUtil.getString(companyId, key + postfix, null);

          if (value == null) {
            properties.put(key + postfix, StringPool.BLANK);
          }
        }
      }

      if (!properties.isEmpty()) {
        CompanyLocalServiceUtil.updatePreferences(companyId, properties);
      }
    }
  }
  protected void deleteLDAPServer(ActionRequest actionRequest) throws Exception {

    ThemeDisplay themeDisplay = (ThemeDisplay) actionRequest.getAttribute(WebKeys.THEME_DISPLAY);

    long ldapServerId = ParamUtil.getLong(actionRequest, "ldapServerId");

    // Remove preferences

    String postfix = LDAPSettingsUtil.getPropertyPostfix(ldapServerId);

    String[] keys = new String[_KEYS.length];

    for (int i = 0; i < _KEYS.length; i++) {
      keys[i] = _KEYS[i] + postfix;
    }

    CompanyServiceUtil.removePreferences(themeDisplay.getCompanyId(), keys);

    // Update preferences

    PortletPreferences preferences = PrefsPropsUtil.getPreferences(themeDisplay.getCompanyId());

    UnicodeProperties properties = new UnicodeProperties();

    String ldapServerIds = preferences.getValue("ldap.server.ids", StringPool.BLANK);

    ldapServerIds = StringUtil.remove(ldapServerIds, String.valueOf(ldapServerId));

    properties.put("ldap.server.ids", ldapServerIds);

    CompanyServiceUtil.updatePreferences(themeDisplay.getCompanyId(), properties);
  }
  protected UnicodeProperties addLDAPServer(long companyId, UnicodeProperties properties)
      throws Exception {

    String defaultPostfix = LDAPSettingsUtil.getPropertyPostfix(0);

    String[] defaultKeys = new String[_KEYS.length];

    for (int i = 0; i < _KEYS.length; i++) {
      defaultKeys[i] = _KEYS[i] + defaultPostfix;
    }

    long ldapServerId = CounterLocalServiceUtil.increment();

    String postfix = LDAPSettingsUtil.getPropertyPostfix(ldapServerId);

    String[] keys = properties.keySet().toArray(new String[0]);

    for (String key : keys) {
      if (ArrayUtil.contains(defaultKeys, key)) {
        String value = properties.remove(key);

        if (key.equals(PropsKeys.LDAP_SECURITY_CREDENTIALS + defaultPostfix)
            && value.equals(Portal.TEMP_OBFUSCATION_VALUE)) {

          value = PrefsPropsUtil.getString(PropsKeys.LDAP_SECURITY_CREDENTIALS);
        }

        properties.setProperty(key.replace(defaultPostfix, postfix), value);
      }
    }

    PortletPreferences preferences = PrefsPropsUtil.getPreferences(companyId);

    String ldapServerIds = preferences.getValue("ldap.server.ids", StringPool.BLANK);

    ldapServerIds = StringUtil.add(ldapServerIds, String.valueOf(ldapServerId));

    properties.setProperty("ldap.server.ids", ldapServerIds);

    return properties;
  }
  protected int authenticate(
      long companyId, String emailAddress, String screenName, long userId, String password)
      throws Exception {

    if (!AuthSettingsUtil.isLDAPAuthEnabled(companyId)) {
      if (_log.isDebugEnabled()) {
        _log.debug("Authenticator is not enabled");
      }

      return SUCCESS;
    }

    if (_log.isDebugEnabled()) {
      _log.debug("Authenticator is enabled");
    }

    long[] ldapServerIds =
        StringUtil.split(PrefsPropsUtil.getString(companyId, "ldap.server.ids"), 0L);

    for (long ldapServerId : ldapServerIds) {
      int result =
          authenticate(companyId, ldapServerId, emailAddress, screenName, userId, password);

      if (result == SUCCESS) {
        return result;
      }
    }

    for (int ldapServerId = 0; ; ldapServerId++) {
      String postfix = LDAPSettingsUtil.getPropertyPostfix(ldapServerId);

      String providerUrl =
          PrefsPropsUtil.getString(companyId, PropsKeys.LDAP_BASE_PROVIDER_URL + postfix);

      if (Validator.isNull(providerUrl)) {
        break;
      }

      int result =
          authenticate(companyId, ldapServerId, emailAddress, screenName, userId, password);

      if (result == SUCCESS) {
        return result;
      }
    }

    return authenticateRequired(companyId, userId, emailAddress, screenName, true, FAILURE);
  }
  protected int authenticate(
      long companyId,
      long ldapServerId,
      String emailAddress,
      String screenName,
      long userId,
      String password)
      throws Exception {

    String postfix = LDAPSettingsUtil.getPropertyPostfix(ldapServerId);

    LdapContext ldapContext = PortalLDAPUtil.getContext(ldapServerId, companyId);

    if (ldapContext == null) {
      return FAILURE;
    }

    try {
      String baseDN = PrefsPropsUtil.getString(companyId, PropsKeys.LDAP_BASE_DN + postfix);

      //  Process LDAP auth search filter

      String filter =
          LDAPSettingsUtil.getAuthSearchFilter(
              ldapServerId, companyId, emailAddress, screenName, String.valueOf(userId));

      Properties userMappings = LDAPSettingsUtil.getUserMappings(ldapServerId, companyId);

      String userMappingsScreenName =
          GetterUtil.getString(userMappings.getProperty("screenName")).toLowerCase();

      SearchControls searchControls =
          new SearchControls(
              SearchControls.SUBTREE_SCOPE,
              1,
              0,
              new String[] {userMappingsScreenName},
              false,
              false);

      NamingEnumeration<SearchResult> enu = ldapContext.search(baseDN, filter, searchControls);

      if (enu.hasMoreElements()) {
        if (_log.isDebugEnabled()) {
          _log.debug("Search filter returned at least one result");
        }

        SearchResult result = enu.nextElement();

        String fullUserDN = PortalLDAPUtil.getNameInNamespace(ldapServerId, companyId, result);

        Attributes attributes =
            PortalLDAPUtil.getUserAttributes(ldapServerId, companyId, ldapContext, fullUserDN);

        LDAPAuthResult ldapAuthResult = null;

        if (PropsValues.LDAP_IMPORT_USER_PASSWORD_ENABLED) {
          ldapAuthResult = authenticate(ldapContext, companyId, attributes, fullUserDN, password);

          // Process LDAP failure codes

          String errorMessage = ldapAuthResult.getErrorMessage();

          if (errorMessage != null) {
            if (errorMessage.indexOf(
                    PrefsPropsUtil.getString(companyId, PropsKeys.LDAP_ERROR_USER_LOCKOUT))
                != -1) {

              throw new UserLockoutException();
            } else if (errorMessage.indexOf(
                    PrefsPropsUtil.getString(companyId, PropsKeys.LDAP_ERROR_PASSWORD_EXPIRED))
                != -1) {

              throw new PasswordExpiredException();
            }
          }

          if (!ldapAuthResult.isAuthenticated() && PropsValues.LDAP_IMPORT_USER_PASSWORD_ENABLED) {

            return FAILURE;
          }
        }

        // Get user or create from LDAP

        User user =
            PortalLDAPImporterUtil.importLDAPUser(
                ldapServerId, companyId, ldapContext, attributes, password);

        // Process LDAP success codes

        if (ldapAuthResult != null) {
          String resultCode = ldapAuthResult.getResponseControl();

          if (resultCode.equals(LDAPAuth.RESULT_PASSWORD_RESET)) {
            UserLocalServiceUtil.updatePasswordReset(user.getUserId(), true);
          }
        }
      } else {
        if (_log.isDebugEnabled()) {
          _log.debug("Search filter did not return any results");
        }

        return DNE;
      }

      enu.close();
    } catch (Exception e) {
      if (e instanceof PasswordExpiredException || e instanceof UserLockoutException) {

        throw e;
      }

      _log.error("Problem accessing LDAP server", e);

      return FAILURE;
    } finally {
      if (ldapContext != null) {
        ldapContext.close();
      }
    }

    return SUCCESS;
  }
Пример #6
0
  private long _initCompany(ServletContext servletContext, String webId) {

    // Begin initializing company

    if (_log.isDebugEnabled()) {
      _log.debug("Begin initializing company with web id " + webId);
    }

    long companyId = 0;

    try {
      Company company = CompanyLocalServiceUtil.checkCompany(webId);

      companyId = company.getCompanyId();
    } catch (Exception e) {
      _log.error(e, e);
    }

    Long currentThreadCompanyId = CompanyThreadLocal.getCompanyId();

    String currentThreadPrincipalName = PrincipalThreadLocal.getName();

    try {
      CompanyThreadLocal.setCompanyId(companyId);

      String principalName = null;

      try {
        User user = UserLocalServiceUtil.getUser(PrincipalThreadLocal.getUserId());

        if (user.getCompanyId() == companyId) {
          principalName = currentThreadPrincipalName;
        }
      } catch (Exception e) {
      }

      PrincipalThreadLocal.setName(principalName);

      // Initialize display

      if (_log.isDebugEnabled()) {
        _log.debug("Initialize display");
      }

      try {
        String xml =
            HttpUtil.URLtoString(servletContext.getResource("/WEB-INF/liferay-display.xml"));

        PortletCategory portletCategory =
            (PortletCategory) WebAppPool.get(companyId, WebKeys.PORTLET_CATEGORY);

        if (portletCategory == null) {
          portletCategory = new PortletCategory();
        }

        PortletCategory newPortletCategory = PortletLocalServiceUtil.getEARDisplay(xml);

        portletCategory.merge(newPortletCategory);

        for (int i = 0; i < _companyIds.length; i++) {
          long currentCompanyId = _companyIds[i];

          PortletCategory currentPortletCategory =
              (PortletCategory) WebAppPool.get(currentCompanyId, WebKeys.PORTLET_CATEGORY);

          if (currentPortletCategory != null) {
            portletCategory.merge(currentPortletCategory);
          }
        }

        WebAppPool.put(companyId, WebKeys.PORTLET_CATEGORY, portletCategory);
      } catch (Exception e) {
        _log.error(e, e);
      }

      // LDAP import

      try {
        if (LDAPSettingsUtil.isImportOnStartup(companyId)) {
          UserImporterUtil.importUsers(companyId);
        }
      } catch (Exception e) {
        _log.error(e, e);
      }

      // Process application startup events

      if (_log.isDebugEnabled()) {
        _log.debug("Process application startup events");
      }

      try {
        EventsProcessorUtil.process(
            PropsKeys.APPLICATION_STARTUP_EVENTS,
            PropsValues.APPLICATION_STARTUP_EVENTS,
            new String[] {String.valueOf(companyId)});
      } catch (Exception e) {
        _log.error(e, e);
      }

      // End initializing company

      if (_log.isDebugEnabled()) {
        _log.debug(
            "End initializing company with web id " + webId + " and company id " + companyId);
      }

      addCompanyId(companyId);
    } finally {
      CompanyThreadLocal.setCompanyId(currentThreadCompanyId);

      PrincipalThreadLocal.setName(currentThreadPrincipalName);
    }

    return companyId;
  }