protected void verifyLDAPProperties() throws Exception { long[] companyIds = PortalInstances.getCompanyIdsBySQL(); for (long companyId : companyIds) { UnicodeProperties properties = new UnicodeProperties(); long[] ldapServerIds = StringUtil.split(PrefsPropsUtil.getString(companyId, "ldap.server.ids"), 0L); for (long ldapServerId : ldapServerIds) { String postfix = LDAPSettingsUtil.getPropertyPostfix(ldapServerId); for (String key : _LDAP_KEYS) { String value = PrefsPropsUtil.getString(companyId, key + postfix, null); if (value == null) { properties.put(key + postfix, StringPool.BLANK); } } } if (!properties.isEmpty()) { CompanyLocalServiceUtil.updatePreferences(companyId, properties); } } }
protected void deleteLDAPServer(ActionRequest actionRequest) throws Exception { ThemeDisplay themeDisplay = (ThemeDisplay) actionRequest.getAttribute(WebKeys.THEME_DISPLAY); long ldapServerId = ParamUtil.getLong(actionRequest, "ldapServerId"); // Remove preferences String postfix = LDAPSettingsUtil.getPropertyPostfix(ldapServerId); String[] keys = new String[_KEYS.length]; for (int i = 0; i < _KEYS.length; i++) { keys[i] = _KEYS[i] + postfix; } CompanyServiceUtil.removePreferences(themeDisplay.getCompanyId(), keys); // Update preferences PortletPreferences preferences = PrefsPropsUtil.getPreferences(themeDisplay.getCompanyId()); UnicodeProperties properties = new UnicodeProperties(); String ldapServerIds = preferences.getValue("ldap.server.ids", StringPool.BLANK); ldapServerIds = StringUtil.remove(ldapServerIds, String.valueOf(ldapServerId)); properties.put("ldap.server.ids", ldapServerIds); CompanyServiceUtil.updatePreferences(themeDisplay.getCompanyId(), properties); }
protected UnicodeProperties addLDAPServer(long companyId, UnicodeProperties properties) throws Exception { String defaultPostfix = LDAPSettingsUtil.getPropertyPostfix(0); String[] defaultKeys = new String[_KEYS.length]; for (int i = 0; i < _KEYS.length; i++) { defaultKeys[i] = _KEYS[i] + defaultPostfix; } long ldapServerId = CounterLocalServiceUtil.increment(); String postfix = LDAPSettingsUtil.getPropertyPostfix(ldapServerId); String[] keys = properties.keySet().toArray(new String[0]); for (String key : keys) { if (ArrayUtil.contains(defaultKeys, key)) { String value = properties.remove(key); if (key.equals(PropsKeys.LDAP_SECURITY_CREDENTIALS + defaultPostfix) && value.equals(Portal.TEMP_OBFUSCATION_VALUE)) { value = PrefsPropsUtil.getString(PropsKeys.LDAP_SECURITY_CREDENTIALS); } properties.setProperty(key.replace(defaultPostfix, postfix), value); } } PortletPreferences preferences = PrefsPropsUtil.getPreferences(companyId); String ldapServerIds = preferences.getValue("ldap.server.ids", StringPool.BLANK); ldapServerIds = StringUtil.add(ldapServerIds, String.valueOf(ldapServerId)); properties.setProperty("ldap.server.ids", ldapServerIds); return properties; }
protected int authenticate( long companyId, String emailAddress, String screenName, long userId, String password) throws Exception { if (!AuthSettingsUtil.isLDAPAuthEnabled(companyId)) { if (_log.isDebugEnabled()) { _log.debug("Authenticator is not enabled"); } return SUCCESS; } if (_log.isDebugEnabled()) { _log.debug("Authenticator is enabled"); } long[] ldapServerIds = StringUtil.split(PrefsPropsUtil.getString(companyId, "ldap.server.ids"), 0L); for (long ldapServerId : ldapServerIds) { int result = authenticate(companyId, ldapServerId, emailAddress, screenName, userId, password); if (result == SUCCESS) { return result; } } for (int ldapServerId = 0; ; ldapServerId++) { String postfix = LDAPSettingsUtil.getPropertyPostfix(ldapServerId); String providerUrl = PrefsPropsUtil.getString(companyId, PropsKeys.LDAP_BASE_PROVIDER_URL + postfix); if (Validator.isNull(providerUrl)) { break; } int result = authenticate(companyId, ldapServerId, emailAddress, screenName, userId, password); if (result == SUCCESS) { return result; } } return authenticateRequired(companyId, userId, emailAddress, screenName, true, FAILURE); }
protected int authenticate( long companyId, long ldapServerId, String emailAddress, String screenName, long userId, String password) throws Exception { String postfix = LDAPSettingsUtil.getPropertyPostfix(ldapServerId); LdapContext ldapContext = PortalLDAPUtil.getContext(ldapServerId, companyId); if (ldapContext == null) { return FAILURE; } try { String baseDN = PrefsPropsUtil.getString(companyId, PropsKeys.LDAP_BASE_DN + postfix); // Process LDAP auth search filter String filter = LDAPSettingsUtil.getAuthSearchFilter( ldapServerId, companyId, emailAddress, screenName, String.valueOf(userId)); Properties userMappings = LDAPSettingsUtil.getUserMappings(ldapServerId, companyId); String userMappingsScreenName = GetterUtil.getString(userMappings.getProperty("screenName")).toLowerCase(); SearchControls searchControls = new SearchControls( SearchControls.SUBTREE_SCOPE, 1, 0, new String[] {userMappingsScreenName}, false, false); NamingEnumeration<SearchResult> enu = ldapContext.search(baseDN, filter, searchControls); if (enu.hasMoreElements()) { if (_log.isDebugEnabled()) { _log.debug("Search filter returned at least one result"); } SearchResult result = enu.nextElement(); String fullUserDN = PortalLDAPUtil.getNameInNamespace(ldapServerId, companyId, result); Attributes attributes = PortalLDAPUtil.getUserAttributes(ldapServerId, companyId, ldapContext, fullUserDN); LDAPAuthResult ldapAuthResult = null; if (PropsValues.LDAP_IMPORT_USER_PASSWORD_ENABLED) { ldapAuthResult = authenticate(ldapContext, companyId, attributes, fullUserDN, password); // Process LDAP failure codes String errorMessage = ldapAuthResult.getErrorMessage(); if (errorMessage != null) { if (errorMessage.indexOf( PrefsPropsUtil.getString(companyId, PropsKeys.LDAP_ERROR_USER_LOCKOUT)) != -1) { throw new UserLockoutException(); } else if (errorMessage.indexOf( PrefsPropsUtil.getString(companyId, PropsKeys.LDAP_ERROR_PASSWORD_EXPIRED)) != -1) { throw new PasswordExpiredException(); } } if (!ldapAuthResult.isAuthenticated() && PropsValues.LDAP_IMPORT_USER_PASSWORD_ENABLED) { return FAILURE; } } // Get user or create from LDAP User user = PortalLDAPImporterUtil.importLDAPUser( ldapServerId, companyId, ldapContext, attributes, password); // Process LDAP success codes if (ldapAuthResult != null) { String resultCode = ldapAuthResult.getResponseControl(); if (resultCode.equals(LDAPAuth.RESULT_PASSWORD_RESET)) { UserLocalServiceUtil.updatePasswordReset(user.getUserId(), true); } } } else { if (_log.isDebugEnabled()) { _log.debug("Search filter did not return any results"); } return DNE; } enu.close(); } catch (Exception e) { if (e instanceof PasswordExpiredException || e instanceof UserLockoutException) { throw e; } _log.error("Problem accessing LDAP server", e); return FAILURE; } finally { if (ldapContext != null) { ldapContext.close(); } } return SUCCESS; }
private long _initCompany(ServletContext servletContext, String webId) { // Begin initializing company if (_log.isDebugEnabled()) { _log.debug("Begin initializing company with web id " + webId); } long companyId = 0; try { Company company = CompanyLocalServiceUtil.checkCompany(webId); companyId = company.getCompanyId(); } catch (Exception e) { _log.error(e, e); } Long currentThreadCompanyId = CompanyThreadLocal.getCompanyId(); String currentThreadPrincipalName = PrincipalThreadLocal.getName(); try { CompanyThreadLocal.setCompanyId(companyId); String principalName = null; try { User user = UserLocalServiceUtil.getUser(PrincipalThreadLocal.getUserId()); if (user.getCompanyId() == companyId) { principalName = currentThreadPrincipalName; } } catch (Exception e) { } PrincipalThreadLocal.setName(principalName); // Initialize display if (_log.isDebugEnabled()) { _log.debug("Initialize display"); } try { String xml = HttpUtil.URLtoString(servletContext.getResource("/WEB-INF/liferay-display.xml")); PortletCategory portletCategory = (PortletCategory) WebAppPool.get(companyId, WebKeys.PORTLET_CATEGORY); if (portletCategory == null) { portletCategory = new PortletCategory(); } PortletCategory newPortletCategory = PortletLocalServiceUtil.getEARDisplay(xml); portletCategory.merge(newPortletCategory); for (int i = 0; i < _companyIds.length; i++) { long currentCompanyId = _companyIds[i]; PortletCategory currentPortletCategory = (PortletCategory) WebAppPool.get(currentCompanyId, WebKeys.PORTLET_CATEGORY); if (currentPortletCategory != null) { portletCategory.merge(currentPortletCategory); } } WebAppPool.put(companyId, WebKeys.PORTLET_CATEGORY, portletCategory); } catch (Exception e) { _log.error(e, e); } // LDAP import try { if (LDAPSettingsUtil.isImportOnStartup(companyId)) { UserImporterUtil.importUsers(companyId); } } catch (Exception e) { _log.error(e, e); } // Process application startup events if (_log.isDebugEnabled()) { _log.debug("Process application startup events"); } try { EventsProcessorUtil.process( PropsKeys.APPLICATION_STARTUP_EVENTS, PropsValues.APPLICATION_STARTUP_EVENTS, new String[] {String.valueOf(companyId)}); } catch (Exception e) { _log.error(e, e); } // End initializing company if (_log.isDebugEnabled()) { _log.debug( "End initializing company with web id " + webId + " and company id " + companyId); } addCompanyId(companyId); } finally { CompanyThreadLocal.setCompanyId(currentThreadCompanyId); PrincipalThreadLocal.setName(currentThreadPrincipalName); } return companyId; }