001    /**
002     * Copyright (c) 2000-present Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.security.auth;
016    
017    import com.liferay.portal.kernel.exception.PortalException;
018    import com.liferay.portal.kernel.exception.SystemException;
019    import com.liferay.portal.kernel.spring.osgi.OSGiBeanProperties;
020    import com.liferay.portal.model.User;
021    import com.liferay.portal.util.PortalUtil;
022    
023    import java.util.Properties;
024    
025    import javax.servlet.http.HttpServletRequest;
026    
027    /**
028     * @author Tomas Polesovsky
029     */
030    @OSGiBeanProperties(
031            portalPropertyPrefix = "auth.verifier.PortalSessionAuthVerifier."
032    )
033    public class PortalSessionAuthVerifier implements AuthVerifier {
034    
035            public static final String AUTH_TYPE =
036                    PortalSessionAuthVerifier.class.getSimpleName();
037    
038            @Override
039            public String getAuthType() {
040                    return AUTH_TYPE;
041            }
042    
043            @Override
044            public AuthVerifierResult verify(
045                            AccessControlContext accessControlContext, Properties properties)
046                    throws AuthException {
047    
048                    try {
049                            AuthVerifierResult authVerifierResult = new AuthVerifierResult();
050    
051                            HttpServletRequest request = accessControlContext.getRequest();
052    
053                            User user = PortalUtil.getUser(request);
054    
055                            if (user == null) {
056                                    return authVerifierResult;
057                            }
058    
059                            authVerifierResult.setState(AuthVerifierResult.State.SUCCESS);
060                            authVerifierResult.setUserId(user.getUserId());
061    
062                            return authVerifierResult;
063                    }
064                    catch (PortalException pe) {
065                            throw new AuthException(pe);
066                    }
067                    catch (SystemException se) {
068                            throw new AuthException(se);
069                    }
070            }
071    
072    }