Example 1 with EncryptorException
use of com.liferay.util.EncryptorException in project liferay-ide by liferay.
the class UserLocalServiceImpl method decryptUserId.
/**
* Decrypts the user's primary key and password from their encrypted forms.
* Used for decrypting a user's credentials from the values stored in an
* automatic login cookie.
*
* @param companyId the primary key of the user's company
* @param name the encrypted primary key of the user
* @param password the encrypted password of the user
* @return the user's primary key and password
* @throws PortalException if a user with the primary key could not be found
* or if the user's password was incorrect
* @throws SystemException if a system exception occurred
*/
@Override
public KeyValuePair decryptUserId(long companyId, String name, String password) throws PortalException, SystemException {
Company company = companyPersistence.findByPrimaryKey(companyId);
try {
name = Encryptor.decrypt(company.getKeyObj(), name);
} catch (EncryptorException ee) {
throw new SystemException(ee);
}
long userId = GetterUtil.getLong(name);
User user = userPersistence.findByPrimaryKey(userId);
try {
password = Encryptor.decrypt(company.getKeyObj(), password);
} catch (EncryptorException ee) {
throw new SystemException(ee);
}
String userPassword = user.getPassword();
String encPassword = PasswordEncryptorUtil.encrypt(password, userPassword);
if (userPassword.equals(encPassword)) {
if (isPasswordExpired(user)) {
user.setPasswordReset(true);
userPersistence.update(user);
}
return new KeyValuePair(name, password);
} else {
throw new PrincipalException();
}
}
Also used :
Company(com.liferay.portal.model.Company)
User(com.liferay.portal.model.User)
EncryptorException(com.liferay.util.EncryptorException)
SystemException(com.liferay.portal.kernel.exception.SystemException)
KeyValuePair(com.liferay.portal.kernel.util.KeyValuePair)
PrincipalException(com.liferay.portal.security.auth.PrincipalException)
Example 2 with EncryptorException
use of com.liferay.util.EncryptorException in project liferay-ide by liferay.
the class UserLocalServiceImpl method encryptUserId.
/**
* Encrypts the primary key of the user. Used when encrypting the user's
* credentials for storage in an automatic login cookie.
*
* @param name the primary key of the user
* @return the user's encrypted primary key
* @throws PortalException if a user with the primary key could not be found
* @throws SystemException if a system exception occurred
*/
@Override
@Transactional(propagation = Propagation.SUPPORTS, readOnly = true)
public String encryptUserId(String name) throws PortalException, SystemException {
long userId = GetterUtil.getLong(name);
User user = userPersistence.findByPrimaryKey(userId);
Company company = companyPersistence.findByPrimaryKey(user.getCompanyId());
try {
return Encryptor.encrypt(company.getKeyObj(), name);
} catch (EncryptorException ee) {
throw new SystemException(ee);
}
}
Also used :
Company(com.liferay.portal.model.Company)
User(com.liferay.portal.model.User)
EncryptorException(com.liferay.util.EncryptorException)
SystemException(com.liferay.portal.kernel.exception.SystemException)
Transactional(com.liferay.portal.kernel.transaction.Transactional)
Example 3 with EncryptorException
use of com.liferay.util.EncryptorException in project liferay-ide by liferay.
the class ShindigFilter method setPermissionChecker.
protected boolean setPermissionChecker(ServletRequest servletRequest) {
String companyIdString = CookieKeys.getCookie((HttpServletRequest) servletRequest, CookieKeys.COMPANY_ID);
if (Validator.isNull(companyIdString)) {
return false;
}
long companyId = GetterUtil.getLong(companyIdString);
String userUUID = StringPool.BLANK;
try {
Company company = CompanyLocalServiceUtil.fetchCompany(companyId);
if (company == null) {
return false;
}
String userUUIDString = CookieKeys.getCookie((HttpServletRequest) servletRequest, CookieKeys.USER_UUID);
if (Validator.isNull(userUUIDString)) {
return false;
}
userUUID = GetterUtil.getString(Encryptor.decrypt(company.getKeyObj(), userUUIDString));
} catch (EncryptorException ee) {
return false;
} catch (Exception e) {
_log.error(e, e);
return false;
}
if (!AuthenticatedUserUUIDStoreUtil.exists(userUUID)) {
return false;
}
String userIdString = userUUID.substring(0, userUUID.indexOf(StringPool.PERIOD));
long userId = GetterUtil.getLong(userIdString);
try {
User user = UserLocalServiceUtil.getUserById(userId);
PrincipalThreadLocal.setName(userIdString);
PermissionChecker permissionChecker = PermissionCheckerFactoryUtil.create(user);
PermissionThreadLocal.setPermissionChecker(permissionChecker);
} catch (Exception e) {
_log.error(e, e);
return false;
}
return true;
}
Also used :
Company(com.liferay.portal.model.Company)
User(com.liferay.portal.model.User)
EncryptorException(com.liferay.util.EncryptorException)
PermissionChecker(com.liferay.portal.security.permission.PermissionChecker)
ServletException(javax.servlet.ServletException)
EncryptorException(com.liferay.util.EncryptorException)
IOException(java.io.IOException)
UnavailableException(javax.servlet.UnavailableException)
Aggregations
Company (com.liferay.portal.model.Company)3
User (com.liferay.portal.model.User)3
EncryptorException (com.liferay.util.EncryptorException)3
SystemException (com.liferay.portal.kernel.exception.SystemException)2
Transactional (com.liferay.portal.kernel.transaction.Transactional)1
KeyValuePair (com.liferay.portal.kernel.util.KeyValuePair)1
PrincipalException (com.liferay.portal.security.auth.PrincipalException)1
PermissionChecker (com.liferay.portal.security.permission.PermissionChecker)1
IOException (java.io.IOException)1
ServletException (javax.servlet.ServletException)1
UnavailableException (javax.servlet.UnavailableException)1
