1
19
20 package com.liferay.portal.spring.servlet;
21
22 import com.liferay.portal.kernel.log.Log;
23 import com.liferay.portal.kernel.log.LogFactoryUtil;
24 import com.liferay.portal.kernel.util.GetterUtil;
25 import com.liferay.portal.model.User;
26 import com.liferay.portal.security.auth.CompanyThreadLocal;
27 import com.liferay.portal.security.auth.PrincipalThreadLocal;
28 import com.liferay.portal.security.permission.PermissionChecker;
29 import com.liferay.portal.security.permission.PermissionCheckerFactory;
30 import com.liferay.portal.security.permission.PermissionThreadLocal;
31 import com.liferay.portal.service.UserLocalServiceUtil;
32 import com.liferay.portal.spring.context.TunnelApplicationContext;
33 import com.liferay.portal.util.PortalInstances;
34
35 import javax.servlet.ServletException;
36 import javax.servlet.http.HttpServletRequest;
37 import javax.servlet.http.HttpServletResponse;
38
39 import org.springframework.web.servlet.DispatcherServlet;
40
41
47 public class RemotingServlet extends DispatcherServlet {
48
49 public static final String CONTEXT_CLASS =
50 TunnelApplicationContext.class.getName();
51
52 public static final String CONTEXT_CONFIG_LOCATION =
53 "/WEB-INF/remoting-servlet.xml,/WEB-INF/remoting-servlet-ext.xml";
54
55 public Class<?> getContextClass() {
56 try {
57 return Class.forName(CONTEXT_CLASS);
58 }
59 catch (Exception e) {
60 _log.error(e);
61 }
62
63 return null;
64 }
65
66 public String getContextConfigLocation() {
67 return CONTEXT_CONFIG_LOCATION;
68 }
69
70 public void service(
71 HttpServletRequest request, HttpServletResponse response)
72 throws ServletException {
73
74 PermissionChecker permissionChecker = null;
75
76 try {
77 String remoteUser = request.getRemoteUser();
78
79 if (_log.isDebugEnabled()) {
80 _log.debug("Remote user " + remoteUser);
81 }
82
83 long companyId = PortalInstances.getCompanyId(request);
84
85 CompanyThreadLocal.setCompanyId(companyId);
86
87 if (remoteUser != null) {
88 PrincipalThreadLocal.setName(remoteUser);
89
90 long userId = GetterUtil.getLong(remoteUser);
91
92 User user = UserLocalServiceUtil.getUserById(userId);
93
94 permissionChecker = PermissionCheckerFactory.create(user, true);
95
96 PermissionThreadLocal.setPermissionChecker(permissionChecker);
97 }
98 else {
99 if (_log.isWarnEnabled()) {
100 _log.warn(
101 "User id is not provided. An exception will be " +
102 "thrown if a protected method is accessed.");
103 }
104 }
105
106 super.service(request, response);
107 }
108 catch (Exception e) {
109 throw new ServletException(e);
110 }
111 finally {
112 try {
113 PermissionCheckerFactory.recycle(permissionChecker);
114 }
115 catch (Exception e) {
116 }
117 }
118 }
119
120 private static Log _log = LogFactoryUtil.getLog(RemotingServlet.class);
121
122 }