Example usage for com.liferay.portal.kernel.security.auth AccessControlContext getResponse

List of usage examples for com.liferay.portal.kernel.security.auth AccessControlContext getResponse

Introduction

This page shows example usage of com.liferay.portal.kernel.security.auth.AccessControlContext.getResponse().

Prototype

public HttpServletResponse getResponse() 


Usage

From source file:com.liferay.sync.security.auth.verifier.SyncAuthVerifier.java

License:Open Source License

/**
 * Authenticates a Sync request, trying the Sync token header first and HTTP Basic second.
 *
 * <p>Outcomes, in the order they are evaluated:
 * <ol>
 *   <li>The invoker URI starts with {@code /download/} and the context path is not
 *       {@code /o/sync}: the new result is returned without a state or user id being set.</li>
 *   <li>The {@code _TOKEN_HEADER} request header is present and {@code getUserId(token)}
 *       returns a non-null value: {@code SUCCESS} for that user id.</li>
 *   <li>{@code HttpAuthManagerUtil.parse} returns {@code null}: the {@code basic_auth} entry is
 *       removed from the context settings and the result is returned without a state.</li>
 *   <li>The Authorization scheme is not Basic: the result is returned without a state.</li>
 *   <li>Basic scheme: {@code SUCCESS} for the id from {@code getBasicUserId} when it is
 *       positive (a token is created and added to the response), otherwise {@code SUCCESS}
 *       for the company's default user.</li>
 * </ol>
 *
 * @param accessControlContext supplies the request, the response and the settings map
 * @param properties verifier configuration; not read by this method
 * @return the verification result; its state and user id are only set on the success paths
 * @throws AuthException wrapping any exception thrown inside the HTTP Basic branch
 */
@Override
public AuthVerifierResult verify(AccessControlContext accessControlContext, Properties properties)
        throws AuthException {

    AuthVerifierResult result = new AuthVerifierResult();
    HttpServletRequest httpRequest = accessControlContext.getRequest();

    // NOTE(review): getAttribute may return null; the dereference below assumes the invoker
    // filter always sets INVOKER_FILTER_URI. Confirm, otherwise a NullPointerException
    // escapes from here instead of an AuthException.
    String invokerUri = (String) httpRequest.getAttribute(WebKeys.INVOKER_FILTER_URI);

    // Download URIs are only considered when served from the /o/sync context. Any other
    // context path leaves with no state and no user id set on the result.
    if (invokerUri.startsWith("/download/") && !httpRequest.getContextPath().equals("/o/sync")) {
        return result;
    }

    // The token header is tried before HTTP Basic. getUserId(token) is defined elsewhere;
    // presumably it validates the token and returns null on failure (confirm).
    String syncToken = httpRequest.getHeader(_TOKEN_HEADER);
    String tokenUserId = Validator.isNotNull(syncToken) ? getUserId(syncToken) : null;

    if (tokenUserId != null) {
        result.setState(AuthVerifierResult.State.SUCCESS);

        // NOTE(review): Long.valueOf sits outside the try block further down, so a
        // non-numeric value would surface as NumberFormatException, not AuthException.
        result.setUserId(Long.valueOf(tokenUserId));

        return result;
    }

    HttpAuthorizationHeader authorizationHeader = HttpAuthManagerUtil.parse(httpRequest);

    if (authorizationHeader == null) {

        // SYNC-1463: no Authorization header was parsed, so the "basic_auth" setting is
        // dropped from the context before returning. The rationale is in that ticket.
        accessControlContext.getSettings().remove("basic_auth");

        return result;
    }

    // Only the Basic scheme is handled from here on; the comparison ignores case.
    if (!StringUtil.equalsIgnoreCase(authorizationHeader.getScheme(),
            HttpAuthorizationHeader.SCHEME_BASIC)) {

        return result;
    }

    try {
        long userId = HttpAuthManagerUtil.getBasicUserId(httpRequest);

        if (userId <= 0) {
            // NOTE(review): a non-positive id still ends in SUCCESS, bound to the company's
            // default user. Presumably this is deliberate guest access; confirm that
            // callers do not treat SUCCESS alone as proof of valid credentials.
            userId = _userLocalService.getDefaultUserId(_portal.getCompanyId(httpRequest));
        } else {
            String issuedToken = createToken(userId);

            if (issuedToken != null) {
                // The new token goes back to the client under the same header name that is
                // read above, presumably so later requests can take the token path.
                // NOTE(review): it acts as a bearer credential, so it should only travel
                // over TLS and be kept out of access logs (confirm for the deployment).
                HttpServletResponse response = accessControlContext.getResponse();

                response.addHeader(_TOKEN_HEADER, issuedToken);
            }
        }

        result.setState(AuthVerifierResult.State.SUCCESS);
        result.setUserId(userId);

        return result;
    } catch (Exception e) {
        // Every failure in the Basic branch is reported as an AuthException with its cause.
        throw new AuthException(e);
    }
}