| # | Location | File | Last Modified |
|---|---|---|---|
| 1 | core.zip\core\portlets\caret-portlet\docroot\WEB-INF\src\gov\va\caret\sso | SSOProcessor.java | Wed Nov 1 13:59:48 2017 UTC |
| 2 | core.zip\core\portlets\caret-portlet\docroot\WEB-INF\src\gov\va\caret\sso | SSOProcessor.java | Wed Nov 1 14:57:29 2017 UTC |
| Description | Between Files 1 and 2 |
|
|---|---|---|
| Text Blocks | Lines | |
| Unchanged | 3 | 684 |
| Changed | 2 | 6 |
| Inserted | 0 | 0 |
| Removed | 0 | 0 |
| Whitespace | |
|---|---|
| Character case | Differences in character case are significant |
| Line endings | Differences in line endings (CR and LF characters) are ignored |
| CR/LF characters | Not shown in the comparison detail |
No regular expressions were active.
| 1 | package go v.va.caret .sso; | |
| 2 | ||
| 3 | import jav a.sql.Conn ection; | |
| 4 | import jav a.sql.Prep aredStatem ent; | |
| 5 | import jav a.util.Dat e; | |
| 6 | import jav a.util.Enu meration; | |
| 7 | import jav a.util.Has hMap; | |
| 8 | import jav a.util.Lis t; | |
| 9 | import jav a.util.Map ; | |
| 10 | import jav a.util.UUI D; | |
| 11 | ||
| 12 | import jav ax.servlet .http.Http ServletReq uest; | |
| 13 | import jav ax.servlet .http.Http ServletRes ponse; | |
| 14 | ||
| 15 | import com .liferay.c ounter.ser vice.Count erLocalSer viceUtil; | |
| 16 | import com .liferay.p ortal.kern el.dao.jdb c.DataAcce ss; | |
| 17 | import com .liferay.p ortal.kern el.util.Lo caleUtil; | |
| 18 | import com .liferay.p ortal.mode l.Group; | |
| 19 | import com .liferay.p ortal.mode l.Role; | |
| 20 | import com .liferay.p ortal.mode l.RoleCons tants; | |
| 21 | import com .liferay.p ortal.mode l.User; | |
| 22 | import com .liferay.p ortal.secu rity.auth. AutoLoginE xception; | |
| 23 | import com .liferay.p ortal.secu rity.auth. CompanyThr eadLocal; | |
| 24 | import com .liferay.p ortal.serv ice.ClassN ameLocalSe rviceUtil; | |
| 25 | import com .liferay.p ortal.serv ice.GroupL ocalServic eUtil; | |
| 26 | import com .liferay.p ortal.serv ice.RoleLo calService Util; | |
| 27 | import com .liferay.p ortal.serv ice.UserLo calService Util; | |
| 28 | ||
| 29 | import gov .va.caret. model.Note ; | |
| 30 | import gov .va.caret. model.Pers n; | |
| 31 | import gov .va.caret. model.WorI m; | |
| 32 | import gov .va.caret. service.Ca retLocalSe rviceUtil; | |
| 33 | import gov .va.caret. service.No teLocalSer viceUtil; | |
| 34 | import gov .va.caret. service.Pe rsnLocalSe rviceUtil; | |
| 35 | import gov .va.caret. service.Wo rImLocalSe rviceUtil; | |
| 36 | ||
| 37 | public cla ss SSOProc essor impl ements com .liferay.p ortal.secu rity.auth. AutoLogin { | |
| 38 | ||
| 39 | fi nal long C OMPANY_ID = 20155;// how to get this real time? | |
| 40 | ||
| 41 | ||
| 42 | @O verride | |
| 43 | pu blic Strin g[] handle Exception( HttpServle tRequest a rg0, HttpS ervletResp onse arg1, Exception arg2) thr ows AutoLo ginExcepti on { | |
| 44 | ||
| 45 | arg2 .printStac kTrace(); | |
| 46 | retu rn null; | |
| 47 | } | |
| 48 | ||
| 49 | ||
| 50 | ||
| 51 | @O verride | |
| 52 | pu blic Strin g[] login( HttpServle tRequest r equest, Ht tpServletR esponse re sponse) th rows AutoL oginExcept ion { | |
| 53 | ||
| 54 | l("P ROCESSING SSO LOGIN REQUEST"); | |
| 55 | ||
| 56 | ||
| 57 | /* | |
| 58 | * r eturn Stri ng[] | |
| 59 | * [0 ] the user id | |
| 60 | * [1 ] the pass word | |
| 61 | * [2 ] true if password i s encrypte d, false i f it is no t | |
| 62 | * | |
| 63 | */ | |
| 64 | Conn ection con = null; | |
| 65 | try { | |
| 66 | ||
| 67 | ||
| 68 | //Syst em.out.pri ntln("User .class.get Name : " + User.clas s.getName( ) + "(" + ClassNameL ocalServic eUtil.getC lassNameId (User.clas s) + ")"); | |
| 69 | //Syst em.out.pri ntln("Cont act.class. getName() : " + Cont act.class. getName() + "(" + Cl assNameLoc alServiceU til.getCla ssNameId(C ontact.cla ss) + ")") ; | |
| 70 | //Syst em.out.pri ntln("Grou p.class.ge tName() : " + Group. class.getN ame() + "( " + ClassN ameLocalSe rviceUtil. getClassNa meId(Group .class) + ")"); | |
| 71 | ||
| 72 | con = DataAcces s.getConne ction(); | |
| 73 | SSOUs er iUser = SSOUserFa ctory.crea teUser(get Headers(re quest), co n); | |
| 74 | ||
| 75 | if(iU ser == nul l) | |
| 76 | { | |
| 77 | l("SSOi /e HEADERS NOT PRESE NT - ROUTI NG TO MANU AL LOGIN P AGE"); | |
| 78 | return null; | |
| 79 | } | |
| 80 | ||
| 81 | ||
| 82 | ||
| 83 | Compa nyThreadLo cal.setCom panyId(COM PANY_ID); | |
| 84 | Date newdate = new Date() ; | |
| 85 | ||
| 86 | ||
| 87 | ||
| 88 | l("CH ECKING LR TO SEE OF USER IS AL READY THER E : " + iU ser.get_sn ame()); | |
| 89 | User liferay_us er = null; | |
| 90 | Persn caret_per son = null ; | |
| 91 | try{ liferay _user = Us erLocalSer viceUtil.g etUserBySc reenName(C OMPANY_ID, iUser.get_ sname()); } catch(Ex ception e) { } | |
| 92 | boole an new_use r = (lifer ay_user == null); | |
| 93 | l("US ER EXISTED IN LR : " + (!new_u ser)); | |
| 94 | if(ne w_user) | |
| 95 | { | |
| 96 | l("ADDI NG USER VI A USERLOCA LSERVICEUT IL.ADDUSER WITHWORKFL OW"); | |
| 97 | ||
| 98 | //getSi teGroups | |
| 99 | liferay _user = Us erLocalSer viceUtil.a ddUserWith Workflow(( long)0,(lo ng)COMPANY _ID,true,n ull,null,f alse,iUser .get_sname (),iUser.g et_email() ,(long)0,n ull, | |
| 100 | L ocaleUtil. getDefault (),iUser.g et_fname() ,iUser.get _mname(), iUser.get_ lname(), | |
| 101 | 1 ,1,iUser.g etMale(),0 1,01,1970, | |
| 102 | n ull,null,n ull,new lo ng[]{RoleL ocalServic eUtil.getR ole(COMPAN Y_ID, Role Constants. POWER_USER ).getRoleI d()}, | |
| 103 | n ull,true,n ull); | |
| 104 | ||
| 105 | ||
| 106 | //Add t he correct site to t he user. | |
| 107 | l("ADDI NG USER " + liferay_ user.getSc reenName() + " TO SI TE " + iUs er.get_sit e()); | |
| 108 | Group l iferay_sit e_group = GroupLocal ServiceUti l.getGroup (COMPANY_I D, iUser.g et_site()) ; | |
| 109 | UserLoc alServiceU til.addGro upUser(lif eray_site_ group.getG roupId(),l iferay_use r); | |
| 110 | ||
| 111 | ||
| 112 | l("ADDI NG CARET_P ERSON VIA PERSNLOCAL SERVICEUTI L"); | |
| 113 | caret_p erson = Pe rsnLocalSe rviceUtil. addPersn(l iferay_use r, false); | |
| 114 | caret_p erson.setV istaID(iUs er.get_vis taID()); | |
| 115 | caret_p erson.setI CN(iUser.g et_icn()); | |
| 116 | ||
| 117 | ||
| 118 | l("SAVI NG CARET_P ERSON VIA CARETLOCAL SERVICEUTI L"); | |
| 119 | CaretLo calService Util.save( caret_pers on); | |
| 120 | ||
| 121 | ||
| 122 | } | |
| 123 | ||
| 124 | if(ca ret_person == null) | |
| 125 | { | |
| 126 | try{ caret_per son = Pers nLocalServ iceUtil.ge tByUser(li feray_user .getUserId ()); }catch(Ex ception e) { } | |
| 127 | ||
| 128 | if(care t_person = = null) | |
| 129 | { | |
| 130 | l("ADDING CARET_PER SON VIA PE RSNLOCALSE RVICEUTIL BECAUSE IT HAD NOT B EEN CREATE D YET"); | |
| 131 | caret_per son = Pers nLocalServ iceUtil.ad dPersn(lif eray_user, false); | |
| 132 | caret_per son.setVis taID(iUser .get_vista ID()); | |
| 133 | caret_per son.setICN (iUser.get _icn()); | |
| 134 | l("SAVING CARET_PER SON VIA CA RETLOCALSE RVICEUTIL" ); | |
| 135 | CaretLoca lServiceUt il.save(ca ret_person ); | |
| 136 | } | |
| 137 | } | |
| 138 | ||
| 139 | SaveH eaders(lif eray_user, iUser.get _headers() ,con); | |
| 140 | ||
| 141 | //we have to pr ocess the roles ever y single s ign-on. T he reason is the rol es may cha nge and we have to m ake sure | |
| 142 | //any new role is added, and any de precated r ole is rem oved. | |
| 143 | //for SSOi (int ernal) thi s is espec ially impo rtant | |
| 144 | //for SSOe (ext ernal) we won't do m uch becaus e it's eit her CareTa ker or Vet eran. | |
| 145 | //now handle th e roles. | |
| 146 | if(iU ser.get_ro les() != n ull) | |
| 147 | { | |
| 148 | //inste ad of tryi ng to reco ncile role s - just b low away a ll the rol es associa ted with t his user a nd then ad d the vali d ones bac k | |
| 149 | //this is actuall y faster t han reconc ilign | |
| 150 | List<Ro le> lifera y_user_rol es = lifer ay_user.ge tRoles(); | |
| 151 | for(Rol e liferay_ user_role: liferay_u ser_roles) | |
| 152 | { | |
| 153 | if(lifera y_user_rol e.getName( ).intern() != "Power User")//a lways leav e this | |
| 154 | { | |
| 155 | l ("REMOVING ROLE " + liferay_us er_role.ge tName() + " FROM USE R " + life ray_user.g etScreenNa me()); | |
| 156 | R oleLocalSe rviceUtil. deleteUser Role(lifer ay_user.ge tUserId(), liferay_u ser_role.g etRoleId() ); | |
| 157 | } | |
| 158 | } | |
| 159 | ||
| 160 | //make sure all t he roles p rovided ar e associat e with the user | |
| 161 | for(Str ing role : iUser.get _roles()) | |
| 162 | { | |
| 163 | l("ADDING ROLE " + role + " T O USER " + liferay_u ser.getScr eenName()) ; | |
| 164 | Role life ray_role = RoleLocal ServiceUti l.getRole( COMPANY_ID , role); | |
| 165 | UserLocal ServiceUti l.addRoleU ser(lifera y_role.get RoleId(), liferay_us er); | |
| 166 | } | |
| 167 | ||
| 168 | ||
| 169 | }else | |
| 170 | { | |
| 171 | l("NO R OLES FOUND - CREATIN G WORK ITE M AND NOTE "); | |
| 172 | //create a work it em in the Tech queue u | |
| 173 | long ca ret_workit em_id = Co unterLocal ServiceUti l.incremen t(WorIm.cl ass.getNam e()); | |
| 174 | WorIm c aret_work_ item = Wor ImLocalSer viceUtil.c reateWorIm (caret_wor kitem_id); | |
| 175 | caret_w ork_item.s etType("SS O_SIGNON_F AILURE"); | |
| 176 | caret_w ork_item.s etClassId( ClassNameL ocalServic eUtil.getC lassNameId (User.clas s)); | |
| 177 | caret_w ork_item.s etClassPk( liferay_us er.getUser Id()); | |
| 178 | caret_w ork_item.s etStatus(" NEW"); | |
| 179 | caret_w ork_item.s etCreation Date(newda te); | |
| 180 | caret_w ork_item.s etPersnId( caret_pers on.getPers nId()); | |
| 181 | WorImLo calService Util.addWo rIm(caret_ work_item) ; | |
| 182 | ||
| 183 | long ca ret_note_i d = Counte rLocalServ iceUtil.in crement(No te.class.g etName()); | |
| 184 | Note ca ret_note = NoteLocal ServiceUti l.createNo te(caret_n ote_id); | |
| 185 | caret_n ote.setCha inId(caret _workitem_ id); | |
| 186 | caret_n ote.setVal ue("NO ROL ES PROVIDE D FOR USER " + lifer ay_user.ge tScreenNam e()); | |
| 187 | caret_n ote.setCre ationDate( newdate); | |
| 188 | caret_n ote.setUui d(UUID.ran domUUID(). toString() ); | |
| 189 | NoteLoc alServiceU til.addNot e(caret_no te); | |
| 190 | ||
| 191 | } | |
| 192 | ||
| 193 | //tha t's it. W e are done . :) | |
| 194 | ||
| 195 | l("RE TURNING ne w String[] { " + lif eray_user. getUserId( ) + "," + liferay_u ser.getPas sword() + "," + life ray_user.i sPasswordE ncrypted() + "};"); | |
| 196 | retur n new Stri ng[] { Str ing.valueO f(liferay_ user.getUs erId()), liferay_ user.getPa ssword(), String .valueOf(l iferay_use r.isPasswo rdEncrypte d()) }; | |
| 197 | ||
| 198 | } ca tch (Excep tion e) { | |
| 199 | ||
| 200 | l("ERR OR THROWN : " + e.g etMessage( )); | |
| 201 | e.prin tStackTrac e(); | |
| 202 | ||
| 203 | }fin ally { | |
| 204 | try{ c on.close() ; }catch(E xception g ){} | |
| 205 | } | |
| 206 | ||
| 207 | ||
| 208 | ret urn null; //returnin g null dro ps the use r on the l ogin scree n - no way around th at. | |
| 209 | ||
| 210 | } | |
| 211 | ||
| 212 | pr ivate Hash Map<String ,String> g etHeadersS SOiTest() | |
| 213 | { | |
| 214 | Hash Map<String , String> hdrs = new HashMap<> (); | |
| 215 | ||
| 216 | ||
| 217 | ||
| 218 | //TE ST CODE HE RE | |
| 219 | ||
| 220 | Stri ng uid = " STU" + (Sy stem.curre ntTimeMill is()/1000) ; | |
| 221 | ||
| 222 | hdrs .put("HTTP _PROOFINGA UTH","VA-P IV"); | |
| 223 | hdrs .put("HTTP _ASSURLEVE L","3"); | |
| 224 | hdrs .put("HTTP _ADDOMAIN" ,"vhamaste r"); | |
| 225 | hdrs .put("HTTP _ADSAMACCO UNTNAME",u id);//has to be uniq ue | |
| 226 | hdrs.put(" HTTP_ADUPN ", uid + " @ DOMAIN ");//has t o be uniqu e | |
| 227 | hdrs.put(" HTTP_ADEMA IL", uid + "@ DOMAIN ");//has t o be uniqu e | |
| 228 | hdrs .put("HTTP _VAUID","1 2345"); | |
| 229 | hdrs .put("HTTP _FIRSTNAME ","TestSSO i"); | |
| 230 | hdrs .put("HTTP _LASTNAME" ,"Smithski "); | |
| 231 | hdrs .put("HTTP _SECID","1 234567890" ); | |
| 232 | hdrs .put("HTTP _MVIICN"," 1012830246 V283996"); | |
| 233 | hdrs .put("Vist AID","TEST VISTAID"); | |
| 234 | hdrs .put("HTTP _CORPID"," 600095357" );//<-- di s is the S S | |
| 235 | hdrs .put("HTTP _DODEDIPNI D","123456 7890"); | |
| 236 | hdrs .put("HTTP _ROLE","Ro le1"); | |
| 237 | hdrs .put("HTTP _ORGANIZAT ION","Depa rtment of Veterans A ffairs"); | |
| 238 | hdrs .put("HTTP _ORGANIZAT IONID","ur n:oid:2.16 .840.1.113 883.4.349" ); | |
| 239 | ||
| 240 | ||
| 241 | ||
| 242 | retu rn hdrs; | |
| 243 | } | |
| 244 | ||
| 245 | pr ivate void SaveHeade rs(User us er, HashMa p<String,S tring>hdrs , Connecti on con) th rows Excep tion | |
| 246 | { | |
| 247 | l("STO RING ALL H EADER VALU ES"); | |
| 248 | Prepar edStatemen t psmt = c on.prepare Statement( "INSERT IN TO CARET_S SO_ATTR (U SERID, HTT P_HEADER,H TTP_VALUE) VALUES (" + user.ge tUserId() + ",?,?)") ; | |
| 249 | for(Ma p.Entry<St ring,Strin g> me: hdr s.entrySet ()) | |
| 250 | { | |
| 251 | psmt.set String(1, me.getKey( )); | |
| 252 | ||
| 253 | if(me.ge tValue() = = null) | |
| 254 | psmt.setSt ring(2, "[ null value ]"); | |
| 255 | else | |
| 256 | psmt.setSt ring(2, me .getValue( )); | |
| 257 | ||
| 258 | psmt.add Batch(); | |
| 259 | } | |
| 260 | ||
| 261 | psmt.e xecuteBatc h(); | |
| 262 | ||
| 263 | } | |
| 264 | ||
| 265 | pr ivate Hash Map<String ,String> g etHeaders( HttpServle tRequest r equest) | |
| 266 | { | |
| 267 | Hash Map<String , String> hdrs = new HashMap<> (); | |
| 268 | ||
| 269 | Enum eration<St ring> head erNames = request.ge tHeaderNam es(); | |
| 270 | whil e (headerN ames.hasMo reElements ()) { | |
| 271 | String key = (St ring) head erNames.ne xtElement( ); | |
| 272 | String value = r equest.get Header(key ); | |
| 273 | hdrs.p ut(key, va lue); | |
| 274 | } | |
| 275 | ||
| 276 | //hd rs.putAll( getHeaders SSOiTest() ); | |
| 277 | //hd rs.putAll( getHeaders SSOeTest() ); | |
| 278 | ||
| 279 | retu rn hdrs; | |
| 280 | } | |
| 281 | ||
| 282 | ||
| 283 | ||
| 284 | ||
| 285 | pr ivate Hash Map<String ,String> g etHeadersS SOeTest() | |
| 286 | { | |
| 287 | Hash Map<String , String> hdrs = new HashMap<> (); | |
| 288 | ||
| 289 | Stri ng uid = " SeTU" + (S ystem.curr entTimeMil lis()/1000 ); | |
| 290 | ||
| 291 | ||
| 292 | hdrs .put("va_e auth_csid" ,""); | |
| 293 | hdrs .put("va_e auth_uid", "id=" + ui d + ",ou=u ser,o=bene ficiaries, dc=osd,dc= mil"); | |
| 294 | hdrs .put("va_e auth_hash" ,""); | |
| 295 | hdrs .put("va_e auth_commo nname","") ; | |
| 296 | hdrs .put("va_e auth_assur ancelevel" ,""); | |
| 297 | hdrs .put("va_e auth_issue instant"," "); | |
| 298 | hdrs.put(" va_eauth_e mailaddres s", uid + "@ DOMAIN "); | |
| 299 | hdrs .put("va_e auth_first name","Fra nkie"); | |
| 300 | hdrs .put("va_e auth_middl ename","Go esTo"); | |
| 301 | hdrs .put("va_e auth_lastn ame","Holl ywood"); | |
| 302 | hdrs .put("va_e auth_stree t","1234 E Elm Stree t"); | |
| 303 | hdrs .put("va_e auth_stree t1","Apart ment G"); | |
| 304 | hdrs .put("va_e auth_stree t2",""); | |
| 305 | hdrs .put("va_e auth_stree t3",""); | |
| 306 | hdrs .put("va_e auth_city" ,"San Gabr iel"); | |
| 307 | hdrs .put("va_e auth_state ","CA"); | |
| 308 | hdrs .put("va_e auth_count ry","USA") ; | |
| 309 | hdrs .put("va_e auth_posta lcode","91 832"); | |
| 310 | hdrs .put("va_e auth_phone ","606-222 -0423"); | |
| 311 | hdrs .put("va_e auth_pnid" ,"555-55-5 555"); | |
| 312 | hdrs .put("va_e auth_pnidt ype","SSN" ); | |
| 313 | hdrs .put("va_e auth_birth date_v1"," 1971021614 22"); | |
| 314 | hdrs .put("va_e auth_doded ipnid","") ; | |
| 315 | hdrs .put("va_e auth_authe nticationm ethod","") ; | |
| 316 | hdrs .put("va_e auth_authe nticationa uthority", ""); | |
| 317 | hdrs .put("va_e auth_icn", "ICN213211 2"); | |
| 318 | hdrs .put("va_e auth_pid", ""); | |
| 319 | hdrs .put("va_e auth_birls filenumber ",""); | |
| 320 | hdrs .put("va_e auth_secid ",""); | |
| 321 | hdrs .put("va_e auth_mhvie n",""); | |
| 322 | hdrs .put("va_e auth_cspon ly",""); | |
| 323 | hdrs .put("va_e auth_backe nddown","" ); | |
| 324 | hdrs .put("va_e auth_prefi x","Miss") ; | |
| 325 | hdrs .put("va_e auth_suffi x",""); | |
| 326 | hdrs .put("va_e auth_gende r","Female "); | |
| 327 | hdrs .put("va_e auth_hdr_v ersion","" ); | |
| 328 | hdrs .put("va_e auth_trans actionid", ""); | |
| 329 | hdrs .put("cook ie",""); | |
| 330 | hdrs .put("va_e auth_autho rization", ""); | |
| 331 | hdrs .put("iv-g roups","") ; | |
| 332 | hdrs .put("iv-u ser",""); | |
| 333 | hdrs .put("va_e auth_spons ordodedipn id",""); | |
| 334 | ||
| 335 | ||
| 336 | retu rn hdrs; | |
| 337 | } | |
| 338 | ||
| 339 | ||
| 340 | pr ivate void l(String msg) | |
| 341 | { | |
| 342 | Syst em.out.pri ntln("SSOP rocessor-- ->" + msg) ; | |
| 343 | } | |
| 344 | ||
| 345 | } |
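Review bot: The edited e-mail fixture lines (report lines 226-227 and 298, as far as the report's formatting shows) sit in getHeadersSSOiTest() and getHeadersSSOeTest(), which are compiled into the production AutoLogin class, and getHeaders() still carries the commented-out `hdrs.putAll(getHeadersSSOiTest());` and `hdrs.putAll(getHeadersSSOeTest());` toggles at lines 276-277. Re-enabling either toggle would overlay a synthetic identity on every request's headers before SSOUserFactory.createUser() sees them, which would presumably sign every visitor in as a fixture user. The fixtures belong in test sources and the toggles should be deleted. Separately, the unchanged trace at line 195 prints `liferay_user.getPassword()` to stdout; `l("RETURNING credentials for userId " + liferay_user.getUserId());` keeps the trace without the credential value.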