001/*
002 * This library is part of OpenCms -
003 * the Open Source Content Management System
004 *
005 * Copyright (c) Alkacon Software GmbH & Co. KG (http://www.alkacon.com)
006 *
007 * This library is free software; you can redistribute it and/or
008 * modify it under the terms of the GNU Lesser General Public
009 * License as published by the Free Software Foundation; either
010 * version 2.1 of the License, or (at your option) any later version.
011 *
012 * This library is distributed in the hope that it will be useful,
013 * but WITHOUT ANY WARRANTY; without even the implied warranty of
014 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
015 * Lesser General Public License for more details.
016 *
017 * For further information about Alkacon Software GmbH & Co. KG, please see the
018 * company website: http://www.alkacon.com
019 *
020 * For further information about OpenCms, please see the
021 * project website: http://www.opencms.org
022 *
023 * You should have received a copy of the GNU Lesser General Public
024 * License along with this library; if not, write to the Free Software
025 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
026 */
027
028package org.opencms.ui.login;
029
030import org.opencms.crypto.CmsEncryptionException;
031import org.opencms.db.CmsUserSettings;
032import org.opencms.file.CmsObject;
033import org.opencms.file.CmsProject;
034import org.opencms.file.CmsResource;
035import org.opencms.file.CmsResourceFilter;
036import org.opencms.i18n.CmsAcceptLanguageHeaderParser;
037import org.opencms.i18n.CmsMessageContainer;
038import org.opencms.jsp.CmsJspLoginBean;
039import org.opencms.main.CmsException;
040import org.opencms.main.CmsLog;
041import org.opencms.main.OpenCms;
042import org.opencms.security.CmsDefaultAuthorizationHandler;
043import org.opencms.security.CmsOrganizationalUnit;
044import org.opencms.ui.apps.CmsAppHierarchyConfiguration;
045import org.opencms.ui.apps.CmsFileExplorerConfiguration;
046import org.opencms.ui.apps.CmsPageEditorConfiguration;
047import org.opencms.util.CmsRequestUtil;
048import org.opencms.util.CmsStringUtil;
049import org.opencms.workplace.CmsWorkplace;
050import org.opencms.workplace.CmsWorkplaceLoginHandler;
051import org.opencms.workplace.CmsWorkplaceManager;
052import org.opencms.workplace.CmsWorkplaceSettings;
053import org.opencms.workplace.Messages;
054
055import java.io.Serializable;
056import java.util.ArrayList;
057import java.util.Calendar;
058import java.util.GregorianCalendar;
059import java.util.Iterator;
060import java.util.List;
061import java.util.Locale;
062
063import javax.servlet.http.Cookie;
064import javax.servlet.http.HttpServletRequest;
065import javax.servlet.http.HttpServletResponse;
066
067import org.apache.commons.logging.Log;
068
069/**
070 * Utility to login users to the OpenCms workplace.<p>
071 */
072public class CmsLoginHelper extends CmsJspLoginBean {
073
074    /**
075     * Holds the current login parameters.<p>
076     */
077    public static class LoginParameters implements Serializable {
078
079        /** The serial version id. */
080        private static final long serialVersionUID = -2636377967076796207L;
081
082        /** The authorization token. */
083        private String m_authToken;
084
085        /** The locale to use for display, this will not be the workplace locale, but the browser locale. */
086        private Locale m_locale;
087
088        /** The logout flag. */
089        private boolean m_logout;
090
091        /** The value of the organizational unit parameter. */
092        private String m_oufqn;
093
094        /** The value of the PC type parameter. */
095        private String m_pcType;
096
097        /** The redirect URL after a successful login. */
098        private String m_requestedResource;
099
100        /** The value of the user name parameter. */
101        private String m_username;
102
103        /** Reset password flag. */
104        private boolean m_reset;
105
106        /**
107         * Constructor.<p>
108         *
109         * @param username the user name
110         * @param pcType the pc type
111         * @param oufqn the ou fqn
112         * @param requestedResource the requested resource
113         * @param locale the locale
114         * @param authToken the authorization token
115         * @param logout the logout flag
116         * @param reset flag to indicate whether we are in 'reset password' mode
117         */
118        public LoginParameters(
119            String username,
120            String pcType,
121            String oufqn,
122            String requestedResource,
123            Locale locale,
124            String authToken,
125            boolean logout,
126            boolean reset) {
127
128            m_username = username;
129            m_pcType = pcType;
130            m_oufqn = oufqn;
131            m_requestedResource = requestedResource;
132            m_locale = locale;
133            m_authToken = authToken;
134            m_logout = logout;
135            m_reset = reset;
136        }
137
138        /**
139         * Gets the authorization token.<p>
140         *
141         * @return the authorization token
142         */
143        public String getAuthToken() {
144
145            return m_authToken;
146        }
147
148        /**
149         * Returns the locale.<p>
150         *
151         * @return the locale
152         */
153        public Locale getLocale() {
154
155            return m_locale;
156        }
157
158        /**
159         * Returns the ou fqn.<p>
160         *
161         * @return the ou fqn
162         */
163        public String getOufqn() {
164
165            return m_oufqn;
166        }
167
168        /**
169         * Returns the pc type.<p>
170         *
171         * @return the pc type
172         */
173        public String getPcType() {
174
175            return m_pcType;
176        }
177
178        /**
179         * Returns the requested resource.<p>
180         *
181         * @return the requested resource
182         */
183        public String getRequestedResource() {
184
185            return m_requestedResource;
186        }
187
188        /**
189         * Returns the user name.<p>
190         *
191         * @return the user name
192         */
193        public String getUsername() {
194
195            return m_username;
196        }
197
198        /**
199         * Returns if a logout is requested.<p>
200         *
201         * @return the logout flag
202         */
203        public boolean isLogout() {
204
205            return m_logout;
206        }
207
208        /**
209         * Returns whether the pc type is private.<p>
210         *
211         * @return <code>true</code> if the pc type is private
212         */
213        public boolean isPrivatePc() {
214
215            return (m_pcType == null) || m_pcType.equals(PCTYPE_PRIVATE);
216        }
217
218        /**
219         * Returns true if we are in 'reset password' mode.<p>
220         *
221         * @return true in reset mode, false otherwise
222         */
223        public boolean isReset() {
224
225            return m_reset;
226        }
227    }
228
229    /** Action constant: Default action, display the dialog. */
230    public static final int ACTION_DISPLAY = 0;
231
232    /** Action constant: Login successful. */
233    public static final int ACTION_LOGIN = 1;
234
235    /** Action constant: Logout. */
236    public static final int ACTION_LOGOUT = 2;
237
238    /** The parameter name for the "getoulist" action. */
239    public static final String PARAM_ACTION_GETOULIST = "getoulist";
240
241    /** The parameter name for the "login" action. */
242    public static final String PARAM_ACTION_LOGIN = "login";
243
244    /** The parameter name for the "logout" action. */
245    public static final String PARAM_ACTION_LOGOUT = "logout";
246
247    /** Parameter name for the authorization token. */
248    public static final String PARAM_AUTHTOKEN = "at";
249
250    /** The html id for the login form. */
251    public static final String PARAM_FORM = "ocLoginForm";
252
253    /** The parameter name for the organizational unit. */
254    public static final String PARAM_OUFQN = "ocOuFqn";
255
256    /** The parameter name for the search organizational unit. */
257    public static final String PARAM_OUSEARCH = "ocOuSearch";
258
259    /** The parameter name for the password. */
260    public static final String PARAM_PASSWORD = "ocPword";
261
262    /** The parameter name for the PC type. */
263    public static final String PARAM_PCTYPE = "ocPcType";
264
265    /** The parameter name for the organizational unit. */
266    public static final String PARAM_PREDEF_OUFQN = "ocPredefOuFqn";
267
268    /** The parameter name for the user name. */
269    public static final String PARAM_USERNAME = "ocUname";
270
271    /** Parameter used to open the 'send reset mail' view instead of the login dialog. */
272    public static final String PARAM_RESET_PASSWORD = "reset";
273
274    /** The parameter name for the workplace data. */
275    public static final String PARAM_WPDATA = "ocWpData";
276
277    /** PC type constant: private PC. */
278    public static final String PCTYPE_PRIVATE = "private";
279
280    /** PC type constant: public PC. */
281    public static final String PCTYPE_PUBLIC = "public";
282
283    /** The oufqn cookie name. */
284    private static final String COOKIE_OUFQN = "OpenCmsOuFqn";
285
286    /** The PC type cookie name. */
287    private static final String COOKIE_PCTYPE = "OpenCmsPcType";
288
289    /** The username cookie name. */
290    private static final String COOKIE_USERNAME = "OpenCmsUserName";
291
292    /** The log object for this class. */
293    private static final Log LOG = CmsLog.getLog(CmsLoginHelper.class);
294
295    /**
296     * Gets the copyright information HTML.<p>
297     *
298     * @param locale the locale for which to get the copyright info
299     *
300     * @return the copyright info HTML
301     */
302    public static String getCopyrightHtml(Locale locale) {
303
304        StringBuffer html = new StringBuffer();
305        html.append("<div style=\"text-align: center; font-size: 10px; white-space: nowrap;\">");
306        html.append("<a href=\"http://www.opencms.org\" target=\"_blank\">OpenCms</a> ");
307        html.append(Messages.get().getBundle(locale).key(Messages.GUI_LOGIN_OPENCMS_IS_FREE_SOFTWARE_0));
308        html.append("</div>\n");
309        html.append("<div style=\"text-align: center; font-size: 10px; white-space: nowrap;\">");
310        html.append(Messages.get().getBundle(locale).key(Messages.GUI_LOGIN_TRADEMARKS_0));
311        html.append("</div>\n");
312        html.append("<div style=\"text-align: center; font-size: 10px; white-space: nowrap;\">");
313        html.append("&copy; 2002 - 2024 Alkacon Software GmbH &amp; Co. KG. ");
314        html.append(Messages.get().getBundle(locale).key(Messages.GUI_LOGIN_RIGHTS_RESERVED_0));
315        html.append("</div>\n");
316        return html.toString();
317    }
318
319    /**
320     * Returns the direct edit path from the user settings, or <code>null</code> if not set.<p>
321     *
322     * @param cms the CMS context to use
323     * @param userSettings the user settings
324     * @param forceDirectEdit <code>true</code> to ignore the start view
325     *
326     * @return the direct edit path
327     */
328    public static String getDirectEditPath(CmsObject cms, CmsUserSettings userSettings, boolean forceDirectEdit) {
329
330        if (forceDirectEdit
331            || (userSettings.getStartView().equals(CmsWorkplace.VIEW_DIRECT_EDIT)
332                | userSettings.getStartView().equals(CmsPageEditorConfiguration.APP_ID))) {
333
334            try {
335                CmsObject cloneCms = OpenCms.initCmsObject(cms);
336                String startSite = CmsWorkplace.getStartSiteRoot(cloneCms, userSettings);
337                cloneCms.getRequestContext().setSiteRoot(startSite);
338                String projectName = userSettings.getStartProject();
339                if (CmsStringUtil.isNotEmptyOrWhitespaceOnly(projectName)) {
340                    cloneCms.getRequestContext().setCurrentProject(cloneCms.readProject(projectName));
341                }
342                String folder = userSettings.getStartFolder();
343                if (!cloneCms.existsResource(folder)) {
344                    folder = "/";
345                }
346                CmsResource targetRes = cloneCms.readDefaultFile(folder, CmsResourceFilter.ONLY_VISIBLE_NO_DELETED);
347                if (targetRes != null) {
348                    return cloneCms.getSitePath(targetRes);
349                }
350            } catch (Exception e) {
351                LOG.debug(e.getLocalizedMessage(), e);
352            }
353        }
354        return null;
355    }
356
357    /**
358     * Returns the login parameters for the current request.<p>
359     *
360     * @param cms the cms context
361     * @param request the request
362     * @param workplaceUiRequest true if this is called from a workplace UI request
363     *
364     * @return the login parameters
365     */
366    public static LoginParameters getLoginParameters(
367        CmsObject cms,
368        HttpServletRequest request,
369        boolean workplaceUiRequest) {
370
371        String authToken = request.getParameter(PARAM_AUTHTOKEN);
372
373        String actionLogout = CmsRequestUtil.getNotEmptyParameter(request, PARAM_ACTION_LOGOUT);
374        boolean logout = Boolean.valueOf(actionLogout).booleanValue();
375        String oufqn = request.getParameter(PARAM_OUFQN);
376        if (oufqn == null) {
377            oufqn = getPreDefOuFqn(cms, request, logout);
378        }
379        String pcType = getPcType(request);
380
381        String username = CmsRequestUtil.getNotEmptyParameter(request, PARAM_USERNAME);
382        if (username != null) {
383            // remove white spaces, can only lead to confusion on user name
384            username = username.trim();
385        }
386        // get cookies only on private PC types (or if security option is disabled)
387        if ((pcType == null) || PCTYPE_PRIVATE.equals(pcType)) {
388            // get the user name cookie
389            Cookie userNameCookie = getCookie(request, COOKIE_USERNAME);
390            if (CmsStringUtil.isNotEmptyOrWhitespaceOnly(userNameCookie.getValue())
391                && !"null".equals(userNameCookie.getValue())) {
392                // only set the data if needed
393                if (username == null) {
394                    username = userNameCookie.getValue();
395                }
396                if (pcType == null) {
397                    // set PC type to private PC if the user cookie is found
398                    pcType = PCTYPE_PRIVATE;
399                }
400            }
401            if (oufqn == null) {
402                // get the organizational unit cookie
403                Cookie ouFqnCookie = getCookie(request, COOKIE_OUFQN);
404                if (CmsStringUtil.isNotEmptyOrWhitespaceOnly(ouFqnCookie.getValue())
405                    && !"null".equals(ouFqnCookie.getValue())) {
406                    oufqn = ouFqnCookie.getValue();
407                }
408            }
409        }
410        String requestedResource = CmsRequestUtil.getNotEmptyParameter(
411            request,
412            CmsWorkplaceManager.PARAM_LOGIN_REQUESTED_RESOURCE);
413        boolean validRequestedResource = false;
414        if (!CmsStringUtil.isEmptyOrWhitespaceOnly(requestedResource)) {
415            String encryptedRequestedResource = request.getParameter(
416                CmsDefaultAuthorizationHandler.PARAM_ENCRYPTED_REQUESTED_RESOURCE);
417            try {
418                String decryptedResource = OpenCms.getDefaultTextEncryption().decrypt(encryptedRequestedResource);
419                if (requestedResource.equals(decryptedResource)) {
420                    validRequestedResource = true;
421                }
422            } catch (CmsEncryptionException e) {
423                LOG.warn(e.getLocalizedMessage(), e);
424            }
425            if (!validRequestedResource) {
426                requestedResource = null;
427            }
428        }
429        Locale locale = getLocaleForRequest(request);
430        String resetStr = request.getParameter(PARAM_RESET_PASSWORD);
431        boolean reset = (resetStr != null);
432        return new LoginParameters(username, pcType, oufqn, requestedResource, locale, authToken, logout, reset);
433    }
434
435    /**
436     * Gets the list of OUs which should be selectable in the login dialog.<p>
437     *
438     * @param cms the CMS context to use
439     * @param predefOu the predefined OU
440     *
441     * @return the list of organizational units for the OU selector
442     */
443    public static List<CmsOrganizationalUnit> getOrgUnitsForLoginDialog(CmsObject cms, String predefOu) {
444
445        List<CmsOrganizationalUnit> result = new ArrayList<CmsOrganizationalUnit>();
446        try {
447            if (predefOu == null) {
448                result.add(OpenCms.getOrgUnitManager().readOrganizationalUnit(cms, ""));
449                result.addAll(OpenCms.getOrgUnitManager().getOrganizationalUnits(cms, "", true));
450                Iterator<CmsOrganizationalUnit> itOus = result.iterator();
451                while (itOus.hasNext()) {
452                    CmsOrganizationalUnit ou = itOus.next();
453                    if (ou.hasFlagHideLogin() || ou.hasFlagWebuser()) {
454                        itOus.remove();
455                    }
456                }
457            } else {
458                result.add(OpenCms.getOrgUnitManager().readOrganizationalUnit(cms, predefOu));
459            }
460        } catch (CmsException e) {
461            LOG.error(e.getLocalizedMessage(), e);
462        }
463        return result;
464
465    }
466
467    /**
468     * Returns the start view.<p>
469     *
470     * @param cms the cms context
471     *
472     * @return the start view
473     */
474    public static String getStartView(CmsObject cms) {
475
476        CmsUserSettings settings = new CmsUserSettings(cms);
477        String targetView = getDirectEditPath(cms, settings, false);
478        if (targetView == null) {
479            if (settings.getStartView().startsWith("/")) {
480                if (CmsWorkplace.VIEW_WORKPLACE.equals(settings.getStartView())) {
481                    targetView = "#" + CmsFileExplorerConfiguration.APP_ID;
482                } else if (CmsWorkplace.VIEW_ADMIN.equals(settings.getStartView())) {
483                    targetView = "#" + CmsAppHierarchyConfiguration.APP_ID;
484                }
485            } else {
486                targetView = "#" + settings.getStartView();
487            }
488        }
489        return targetView;
490    }
491
492    /**
493     * Gets the window title for a given locale.<p>
494     *
495     * @param locale the locale
496     * @return the window title
497     */
498    public static String getTitle(Locale locale) {
499
500        return Messages.get().getBundle(locale).key(Messages.GUI_LOGIN_TITLE_0);
501    }
502
503    /**
504     * Initializes the site and project for a CMS context after login, and returns the workplace settings for the corresponding user.<p>
505     *
506     * @param cms the CMS context which should be initialized
507     * @return the workplace set
508     */
509    public static CmsWorkplaceSettings initSiteAndProject(CmsObject cms) {
510
511        CmsWorkplaceSettings workplaceSettings = CmsWorkplace.initWorkplaceSettings(cms, null, false);
512        String startSite = CmsWorkplace.getStartSiteRoot(cms, workplaceSettings);
513        // switch to the preferred site
514        workplaceSettings.setSite(startSite);
515        cms.getRequestContext().setSiteRoot(startSite);
516        // store the workplace settings
517        CmsUserSettings settings = workplaceSettings.getUserSettings();
518        // get the direct edit path
519
520        try {
521            CmsProject project = cms.readProject(settings.getStartProject());
522            if (OpenCms.getOrgUnitManager().getAllAccessibleProjects(cms, project.getOuFqn(), false).contains(
523                project)) {
524                // user has access to the project, set this as current project
525                workplaceSettings.setProject(project.getUuid());
526                cms.getRequestContext().setCurrentProject(project);
527            }
528        } catch (CmsException e) {
529            // unable to set the startup project, bad but not critical
530            LOG.warn(
531                Messages.get().getBundle().key(
532                    Messages.LOG_LOGIN_NO_STARTUP_PROJECT_2,
533                    cms.getRequestContext().getCurrentUser().getName(),
534                    settings.getStartProject()),
535                e);
536        }
537        return workplaceSettings;
538    }
539
540    /**
541     * Sets the cookie data.<p>
542     *
543     * @param pcType the pctype value
544     * @param username the username value
545     * @param oufqn the oufqn value
546     *
547     * @param request the current request
548     * @param response the current response
549     */
550    public static void setCookieData(
551        String pcType,
552        String username,
553        String oufqn,
554        HttpServletRequest request,
555        HttpServletResponse response) {
556
557        if (CmsStringUtil.isEmpty(oufqn)) {
558            oufqn = "/";
559        }
560        // set the PC type cookie only if security dialog is enabled
561        if (OpenCms.getLoginManager().isEnableSecurity() && CmsStringUtil.isNotEmpty(pcType)) {
562            Cookie pcTypeCookie = getCookie(request, COOKIE_PCTYPE);
563            pcTypeCookie.setValue(pcType);
564            setCookie(pcTypeCookie, false, request, response);
565        }
566
567        // only store user name and OU cookies on private PC types
568        if (PCTYPE_PRIVATE.equals(pcType)) {
569            // set the user name cookie
570            Cookie userNameCookie = getCookie(request, COOKIE_USERNAME);
571            userNameCookie.setValue(username);
572            setCookie(userNameCookie, false, request, response);
573
574            // set the organizational unit cookie
575            Cookie ouFqnCookie = getCookie(request, COOKIE_OUFQN);
576            ouFqnCookie.setValue(oufqn);
577            setCookie(ouFqnCookie, false, request, response);
578        } else if (OpenCms.getLoginManager().isEnableSecurity() && PCTYPE_PUBLIC.equals(pcType)) {
579            // delete user name and organizational unit cookies
580            Cookie userNameCookie = getCookie(request, COOKIE_USERNAME);
581            setCookie(userNameCookie, true, request, response);
582            Cookie ouFqnCookie = getCookie(request, COOKIE_OUFQN);
583            setCookie(ouFqnCookie, true, request, response);
584
585        }
586    }
587
588    /**
589     * Checks that the user name and password are not empty, and returns an error message if they are.<p>
590     *
591     * @param username the user name
592     * @param password the password
593     *
594     * @return the error message, or null if the user name and password are OK
595     */
596    public static CmsMessageContainer validateUserAndPasswordNotEmpty(String username, String password) {
597
598        boolean userEmpty = CmsStringUtil.isEmpty(username);
599        boolean passwordEmpty = CmsStringUtil.isEmpty(password);
600
601        // login was requested
602        if (userEmpty && passwordEmpty) {
603            return Messages.get().container(Messages.GUI_LOGIN_NO_DATA_0);
604        } else if (userEmpty) {
605            return Messages.get().container(Messages.GUI_LOGIN_NO_NAME_0);
606        } else if (passwordEmpty) {
607            return Messages.get().container(Messages.GUI_LOGIN_NO_PASSWORD_0);
608        }
609        return null;
610    }
611
612    /**
613     * Returns the cookie with the given name, if not cookie is found a new one is created.<p>
614     *
615     * @param request the current request
616     * @param name the name of the cookie
617     *
618     * @return the cookie
619     */
620    protected static Cookie getCookie(HttpServletRequest request, String name) {
621
622        Cookie[] cookies = request.getCookies();
623        for (int i = 0; (cookies != null) && (i < cookies.length); i++) {
624            if (name.equalsIgnoreCase(cookies[i].getName())) {
625                return cookies[i];
626            }
627        }
628        return new Cookie(name, "");
629    }
630
631    /**
632     * Sets the cookie in the response.<p>
633     *
634     * @param cookie the cookie to set
635     * @param delete flag to determine if the cookir should be deleted
636     * @param request the current request
637     * @param response the current response
638     */
639    protected static void setCookie(
640        Cookie cookie,
641        boolean delete,
642        HttpServletRequest request,
643        HttpServletResponse response) {
644
645        if (request.getAttribute(PARAM_PREDEF_OUFQN) != null) {
646            // prevent the use of cookies if using a direct ou login url
647            return;
648        }
649        int maxAge = 0;
650        if (!delete) {
651            // set the expiration date of the cookie to six months from today
652            GregorianCalendar cal = new GregorianCalendar();
653            cal.add(Calendar.MONTH, 6);
654            maxAge = (int)((cal.getTimeInMillis() - System.currentTimeMillis()) / 1000);
655        }
656        cookie.setMaxAge(maxAge);
657        // set the path
658        cookie.setPath(
659            CmsStringUtil.joinPaths(
660                OpenCms.getStaticExportManager().getVfsPrefix(),
661                CmsWorkplaceLoginHandler.LOGIN_HANDLER));
662        // set the cookie
663        response.addCookie(cookie);
664    }
665
666    /**
667     * Returns the locale for the given request.<p>
668     *
669     * @param req the request
670     *
671     * @return the locale
672     */
673    private static Locale getLocaleForRequest(HttpServletRequest req) {
674
675        CmsAcceptLanguageHeaderParser parser = new CmsAcceptLanguageHeaderParser(
676            req,
677            OpenCms.getWorkplaceManager().getDefaultLocale());
678        List<Locale> acceptedLocales = parser.getAcceptedLocales();
679        List<Locale> workplaceLocales = OpenCms.getWorkplaceManager().getLocales();
680        Locale locale = OpenCms.getLocaleManager().getFirstMatchingLocale(acceptedLocales, workplaceLocales);
681        if (locale == null) {
682            // no match found - use OpenCms default locale
683            locale = OpenCms.getWorkplaceManager().getDefaultLocale();
684        }
685        return locale;
686    }
687
688    /**
689     * Returns the pc type of the current request.<p>
690     *
691     * @param request the request
692     *
693     * @return the pc type
694     */
695    private static String getPcType(HttpServletRequest request) {
696
697        String pcType = null;
698        if (!OpenCms.getLoginManager().isEnableSecurity()) {
699            // if security option is disabled, just set PC type to "private" to get common login dialog
700            pcType = PCTYPE_PRIVATE;
701        } else {
702            // security option is enabled, try to get PC type from request parameter
703            pcType = CmsRequestUtil.getNotEmptyParameter(request, PARAM_PCTYPE);
704            if (pcType == null) {
705                Cookie pcTypeCookie = getCookie(request, COOKIE_PCTYPE);
706                if (CmsStringUtil.isNotEmptyOrWhitespaceOnly(pcTypeCookie.getValue())
707                    && !"null".equals(pcTypeCookie.getValue())) {
708                    pcType = pcTypeCookie.getValue();
709                }
710            }
711
712        }
713        return pcType;
714    }
715
716    /**
717     * Returns the pre defined ou fqn.<p>
718     *
719     * @param cms the cms context
720     * @param request the request
721     * @param logout in case of a logout
722     *
723     * @return the ou fqn
724     */
725    private static String getPreDefOuFqn(CmsObject cms, HttpServletRequest request, boolean logout) {
726
727        if (logout && (request.getAttribute(PARAM_PREDEF_OUFQN) == null)) {
728            String oufqn = cms.getRequestContext().getOuFqn();
729            if (!oufqn.startsWith(CmsOrganizationalUnit.SEPARATOR)) {
730                oufqn = CmsOrganizationalUnit.SEPARATOR + oufqn;
731            }
732            request.setAttribute(CmsLoginHelper.PARAM_PREDEF_OUFQN, oufqn);
733        }
734        return (String)request.getAttribute(PARAM_PREDEF_OUFQN);
735    }
736}