001
014
015 package com.liferay.portal.action;
016
017 import com.liferay.portal.kernel.portlet.WindowStateFactory;
018 import com.liferay.portal.kernel.util.CharPool;
019 import com.liferay.portal.kernel.util.HttpUtil;
020 import com.liferay.portal.kernel.util.ParamUtil;
021 import com.liferay.portal.kernel.util.PropsKeys;
022 import com.liferay.portal.kernel.util.StringBundler;
023 import com.liferay.portal.kernel.util.StringPool;
024 import com.liferay.portal.kernel.util.StringUtil;
025 import com.liferay.portal.kernel.util.Validator;
026 import com.liferay.portal.theme.ThemeDisplay;
027 import com.liferay.portal.util.PortalUtil;
028 import com.liferay.portal.util.PortletKeys;
029 import com.liferay.portal.util.PrefsPropsUtil;
030 import com.liferay.portal.util.PropsValues;
031 import com.liferay.portal.util.WebKeys;
032 import com.liferay.portlet.PortletURLFactoryUtil;
033 import com.liferay.portlet.login.util.LoginUtil;
034
035 import javax.portlet.PortletMode;
036 import javax.portlet.PortletRequest;
037 import javax.portlet.PortletURL;
038 import javax.portlet.WindowState;
039
040 import javax.servlet.http.HttpServletRequest;
041 import javax.servlet.http.HttpServletResponse;
042 import javax.servlet.http.HttpSession;
043
044 import org.apache.struts.action.Action;
045 import org.apache.struts.action.ActionForm;
046 import org.apache.struts.action.ActionForward;
047 import org.apache.struts.action.ActionMapping;
048
049
053 public class LoginAction extends Action {
054
055 @Override
056 public ActionForward execute(
057 ActionMapping mapping, ActionForm form, HttpServletRequest request,
058 HttpServletResponse response)
059 throws Exception {
060
061 ThemeDisplay themeDisplay = (ThemeDisplay)request.getAttribute(
062 WebKeys.THEME_DISPLAY);
063
064 if (PropsValues.AUTH_LOGIN_DISABLED) {
065 response.sendRedirect(
066 themeDisplay.getPathMain() +
067 PropsValues.AUTH_LOGIN_DISABLED_PATH);
068
069 return null;
070 }
071
072 if (PropsValues.COMPANY_SECURITY_AUTH_REQUIRES_HTTPS &&
073 !request.isSecure()) {
074
075 StringBundler sb = new StringBundler(4);
076
077 sb.append(PortalUtil.getPortalURL(request, true));
078 sb.append(request.getRequestURI());
079 sb.append(StringPool.QUESTION);
080 sb.append(request.getQueryString());
081
082 response.sendRedirect(sb.toString());
083
084 return null;
085 }
086
087 String login = ParamUtil.getString(request, "login");
088 String password = request.getParameter("password");
089 boolean rememberMe = ParamUtil.getBoolean(request, "rememberMe");
090 String authType = ParamUtil.getString(request, "authType");
091
092 if (Validator.isNotNull(login) && Validator.isNotNull(password)) {
093 LoginUtil.login(
094 request, response, login, password, rememberMe, authType);
095 }
096
097 HttpSession session = request.getSession();
098
099 if ((session.getAttribute("j_username") != null) &&
100 (session.getAttribute("j_password") != null)) {
101
102 if (PropsValues.PORTAL_JAAS_ENABLE) {
103 return mapping.findForward("/portal/touch_protected.jsp");
104 }
105
106 String redirect = ParamUtil.getString(request, "redirect");
107
108 redirect = PortalUtil.escapeRedirect(redirect);
109
110 if (Validator.isNull(redirect)) {
111 redirect = themeDisplay.getPathMain();
112 }
113
114 if (redirect.charAt(0) == CharPool.SLASH) {
115 String portalURL = PortalUtil.getPortalURL(
116 request, request.isSecure());
117
118 if (Validator.isNotNull(portalURL)) {
119 redirect = portalURL.concat(redirect);
120 }
121 }
122
123 response.sendRedirect(redirect);
124
125 return null;
126 }
127
128 String redirect = PortalUtil.getSiteLoginURL(themeDisplay);
129
130 if (Validator.isNull(redirect)) {
131 redirect = PropsValues.AUTH_LOGIN_URL;
132 }
133
134 if (Validator.isNull(redirect)) {
135 PortletURL portletURL = PortletURLFactoryUtil.create(
136 request, PortletKeys.LOGIN, themeDisplay.getPlid(),
137 PortletRequest.RENDER_PHASE);
138
139 portletURL.setParameter("saveLastPath", Boolean.FALSE.toString());
140 portletURL.setParameter("struts_action", "/login/login");
141 portletURL.setPortletMode(PortletMode.VIEW);
142 portletURL.setWindowState(getWindowState(request));
143
144 redirect = portletURL.toString();
145 }
146
147 if (PropsValues.COMPANY_SECURITY_AUTH_REQUIRES_HTTPS) {
148 String portalURL = PortalUtil.getPortalURL(request);
149 String portalURLSecure = PortalUtil.getPortalURL(request, true);
150
151 if (!portalURL.equals(portalURLSecure)) {
152 redirect = StringUtil.replaceFirst(
153 redirect, portalURL, portalURLSecure);
154 }
155 }
156
157 String loginRedirect = ParamUtil.getString(request, "redirect");
158
159 if (Validator.isNotNull(loginRedirect)) {
160 if (PrefsPropsUtil.getBoolean(
161 themeDisplay.getCompanyId(), PropsKeys.CAS_AUTH_ENABLED,
162 PropsValues.CAS_AUTH_ENABLED)) {
163
164 redirect = loginRedirect;
165 }
166 else {
167 String loginPortletNamespace = PortalUtil.getPortletNamespace(
168 PropsValues.AUTH_LOGIN_PORTLET_NAME);
169
170 String loginRedirectParameter =
171 loginPortletNamespace + "redirect";
172
173 redirect = HttpUtil.setParameter(
174 redirect, "p_p_id", PropsValues.AUTH_LOGIN_PORTLET_NAME);
175 redirect = HttpUtil.setParameter(
176 redirect, "p_p_lifecycle", "0");
177 redirect = HttpUtil.setParameter(
178 redirect, loginRedirectParameter, loginRedirect);
179 }
180 }
181
182 response.sendRedirect(redirect);
183
184 return null;
185 }
186
187 protected WindowState getWindowState(HttpServletRequest request) {
188 WindowState windowState = WindowState.MAXIMIZED;
189
190 String windowStateString = ParamUtil.getString(request, "windowState");
191
192 if (Validator.isNotNull(windowStateString)) {
193 windowState = WindowStateFactory.getWindowState(windowStateString);
194 }
195
196 return windowState;
197 }
198
199 }