use of com.liferay.portal.kernel.transaction.Transactional in project liferay-ide by liferay.
the class UserLocalServiceImpl method authenticateForDigest.
/**
* Attempts to authenticate the user using HTTP digest access
* authentication, without using the AuthPipeline. Primarily used for
* authenticating users of <code>tunnel-web</code>.
*
* @param companyId the primary key of the user's company
* @param username either the user's email address, screen name, or primary
* key
* @param realm unused
* @param nonce the number used once
* @param method the request method
* @param uri the request URI
* @param response the authentication response hash
* @return the user's primary key if authentication is succesful;
* <code>0</code> otherwise
* @throws PortalException if a portal exception occurred
* @throws SystemException if a system exception occurred
*/
@Override
@Transactional(propagation = Propagation.SUPPORTS, readOnly = true)
public long authenticateForDigest(long companyId, String username, String realm, String nonce, String method, String uri, String response) throws PortalException, SystemException {
if (PropsValues.AUTH_LOGIN_DISABLED) {
return 0;
}
// Get User
User user = fetchUserByEmailAddress(companyId, username);
if (user == null) {
user = fetchUserByScreenName(companyId, username);
}
if (user == null) {
user = userPersistence.fetchByPrimaryKey(GetterUtil.getLong(username));
}
if (user == null) {
return 0;
}
if (user.isDefaultUser()) {
if (_log.isInfoEnabled()) {
_log.info("Digest authentication is disabled for the default user");
}
return 0;
} else if (!user.isActive()) {
if (_log.isInfoEnabled()) {
_log.info("Digest authentication is disabled for inactive user " + user.getUserId());
}
return 0;
}
// Verify digest
String digest = user.getDigest();
if (Validator.isNull(digest)) {
_log.error("User must first login through the portal " + user.getUserId());
return 0;
}
String[] digestArray = StringUtil.split(user.getDigest());
for (String ha1 : digestArray) {
String ha2 = DigesterUtil.digestHex(Digester.MD5, method, uri);
String curResponse = DigesterUtil.digestHex(Digester.MD5, ha1, nonce, ha2);
if (response.equals(curResponse)) {
return user.getUserId();
}
}
return 0;
}
use of com.liferay.portal.kernel.transaction.Transactional in project liferay-ide by liferay.
the class UserLocalServiceImpl method authenticateForBasic.
/**
* Attempts to authenticate the user using HTTP basic access authentication,
* without using the AuthPipeline. Primarily used for authenticating users
* of <code>tunnel-web</code>.
*
* <p>
* Authentication type specifies what <code>login</code> contains.The valid
* values are:
* </p>
*
* <ul>
* <li>
* <code>CompanyConstants.AUTH_TYPE_EA</code> - <code>login</code> is the
* user's email address
* </li>
* <li>
* <code>CompanyConstants.AUTH_TYPE_SN</code> - <code>login</code> is the
* user's screen name
* </li>
* <li>
* <code>CompanyConstants.AUTH_TYPE_ID</code> - <code>login</code> is the
* user's primary key
* </li>
* </ul>
*
* @param companyId the primary key of the user's company
* @param authType the type of authentication to perform
* @param login either the user's email address, screen name, or primary
* key depending on the value of <code>authType</code>
* @param password the user's password
* @return the authentication status. This can be {@link
* com.liferay.portal.security.auth.Authenticator#FAILURE}
* indicating that the user's credentials are invalid, {@link
* com.liferay.portal.security.auth.Authenticator#SUCCESS}
* indicating a successful login, or {@link
* com.liferay.portal.security.auth.Authenticator#DNE} indicating
* that a user with that login does not exist.
* @throws PortalException if a portal exception occurred
* @throws SystemException if a system exception occurred
*/
@Override
@Transactional(propagation = Propagation.SUPPORTS, readOnly = true)
public long authenticateForBasic(long companyId, String authType, String login, String password) throws PortalException, SystemException {
if (PropsValues.AUTH_LOGIN_DISABLED) {
return 0;
}
User user = null;
if (authType.equals(CompanyConstants.AUTH_TYPE_EA)) {
user = fetchUserByEmailAddress(companyId, login);
} else if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {
user = fetchUserByScreenName(companyId, login);
} else if (authType.equals(CompanyConstants.AUTH_TYPE_ID)) {
user = userPersistence.fetchByPrimaryKey(GetterUtil.getLong(login));
}
if (user == null) {
return 0;
}
if (user.isDefaultUser()) {
if (_log.isInfoEnabled()) {
_log.info("Basic authentication is disabled for the default " + "user");
}
return 0;
} else if (!user.isActive()) {
if (_log.isInfoEnabled()) {
_log.info("Basic authentication is disabled for inactive user " + user.getUserId());
}
return 0;
}
if (!PropsValues.BASIC_AUTH_PASSWORD_REQUIRED) {
return user.getUserId();
}
String userPassword = user.getPassword();
if (!user.isPasswordEncrypted()) {
userPassword = PasswordEncryptorUtil.encrypt(userPassword);
}
String encPassword = PasswordEncryptorUtil.encrypt(password, userPassword);
if (userPassword.equals(password) || userPassword.equals(encPassword)) {
return user.getUserId();
}
return 0;
}
use of com.liferay.portal.kernel.transaction.Transactional in project liferay-ide by liferay.
the class UserLocalServiceImpl method authenticateForJAAS.
/**
* Attempts to authenticate the user using JAAS credentials, without using
* the AuthPipeline.
*
* @param userId the primary key of the user
* @param encPassword the encrypted password
* @return <code>true</code> if authentication is successful;
* <code>false</code> otherwise
*/
@Override
@Transactional(propagation = Propagation.SUPPORTS, readOnly = true)
public boolean authenticateForJAAS(long userId, String encPassword) {
if (PropsValues.AUTH_LOGIN_DISABLED) {
return false;
}
try {
User user = userPersistence.findByPrimaryKey(userId);
if (user.isDefaultUser()) {
if (_log.isInfoEnabled()) {
_log.info("JAAS authentication is disabled for the default user");
}
return false;
} else if (!user.isActive()) {
if (_log.isInfoEnabled()) {
_log.info("JAAS authentication is disabled for inactive user " + userId);
}
return false;
}
String userPassword = user.getPassword();
if (user.isPasswordEncrypted()) {
if (userPassword.equals(encPassword)) {
return true;
}
if (!PropsValues.PORTAL_JAAS_STRICT_PASSWORD) {
encPassword = PasswordEncryptorUtil.encrypt(encPassword, userPassword);
if (userPassword.equals(encPassword)) {
return true;
}
}
} else {
if (!PropsValues.PORTAL_JAAS_STRICT_PASSWORD) {
if (userPassword.equals(encPassword)) {
return true;
}
}
userPassword = PasswordEncryptorUtil.encrypt(userPassword, encPassword);
if (userPassword.equals(encPassword)) {
return true;
}
}
} catch (Exception e) {
_log.error(e);
}
return false;
}
use of com.liferay.portal.kernel.transaction.Transactional in project liferay-ide by liferay.
the class UserLocalServiceImpl method encryptUserId.
/**
* Encrypts the primary key of the user. Used when encrypting the user's
* credentials for storage in an automatic login cookie.
*
* @param name the primary key of the user
* @return the user's encrypted primary key
* @throws PortalException if a user with the primary key could not be found
* @throws SystemException if a system exception occurred
*/
@Override
@Transactional(propagation = Propagation.SUPPORTS, readOnly = true)
public String encryptUserId(String name) throws PortalException, SystemException {
long userId = GetterUtil.getLong(name);
User user = userPersistence.findByPrimaryKey(userId);
Company company = companyPersistence.findByPrimaryKey(user.getCompanyId());
try {
return Encryptor.encrypt(company.getKeyObj(), name);
} catch (EncryptorException ee) {
throw new SystemException(ee);
}
}
Aggregations