1   /**
2    * Copyright (c) 2000-2009 Liferay, Inc. All rights reserved.
3    *
4    * Permission is hereby granted, free of charge, to any person obtaining a copy
5    * of this software and associated documentation files (the "Software"), to deal
6    * in the Software without restriction, including without limitation the rights
7    * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
8    * copies of the Software, and to permit persons to whom the Software is
9    * furnished to do so, subject to the following conditions:
10   *
11   * The above copyright notice and this permission notice shall be included in
12   * all copies or substantial portions of the Software.
13   *
14   * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
15   * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16   * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
17   * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
18   * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
19   * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
20   * SOFTWARE.
21   */
22  
23  package com.liferay.portal.struts;
24  
25  import com.liferay.portal.LayoutPermissionException;
26  import com.liferay.portal.PortletActiveException;
27  import com.liferay.portal.RequiredRoleException;
28  import com.liferay.portal.UserActiveException;
29  import com.liferay.portal.kernel.log.Log;
30  import com.liferay.portal.kernel.log.LogFactoryUtil;
31  import com.liferay.portal.kernel.portlet.FriendlyURLMapper;
32  import com.liferay.portal.kernel.servlet.HttpMethods;
33  import com.liferay.portal.kernel.servlet.SessionErrors;
34  import com.liferay.portal.kernel.util.HttpUtil;
35  import com.liferay.portal.kernel.util.JavaConstants;
36  import com.liferay.portal.kernel.util.ParamUtil;
37  import com.liferay.portal.kernel.util.StringPool;
38  import com.liferay.portal.kernel.util.Validator;
39  import com.liferay.portal.liveusers.LiveUsers;
40  import com.liferay.portal.model.Layout;
41  import com.liferay.portal.model.LayoutConstants;
42  import com.liferay.portal.model.Portlet;
43  import com.liferay.portal.model.PortletPreferencesIds;
44  import com.liferay.portal.model.User;
45  import com.liferay.portal.model.UserTracker;
46  import com.liferay.portal.model.UserTrackerPath;
47  import com.liferay.portal.security.auth.PrincipalException;
48  import com.liferay.portal.security.permission.ActionKeys;
49  import com.liferay.portal.security.permission.PermissionChecker;
50  import com.liferay.portal.service.LayoutLocalServiceUtil;
51  import com.liferay.portal.service.PortletLocalServiceUtil;
52  import com.liferay.portal.service.PortletPreferencesLocalServiceUtil;
53  import com.liferay.portal.service.permission.PortletPermissionUtil;
54  import com.liferay.portal.service.persistence.UserTrackerPathUtil;
55  import com.liferay.portal.theme.ThemeDisplay;
56  import com.liferay.portal.util.PortalUtil;
57  import com.liferay.portal.util.PropsKeys;
58  import com.liferay.portal.util.PropsUtil;
59  import com.liferay.portal.util.PropsValues;
60  import com.liferay.portal.util.WebKeys;
61  import com.liferay.portlet.InvokerPortlet;
62  import com.liferay.portlet.PortletConfigFactory;
63  import com.liferay.portlet.PortletInstanceFactory;
64  import com.liferay.portlet.PortletPreferencesFactoryUtil;
65  import com.liferay.portlet.PortletURLImpl;
66  import com.liferay.portlet.RenderRequestFactory;
67  import com.liferay.portlet.RenderRequestImpl;
68  import com.liferay.portlet.RenderResponseFactory;
69  import com.liferay.portlet.RenderResponseImpl;
70  
71  import java.io.IOException;
72  
73  import java.util.Date;
74  import java.util.HashSet;
75  import java.util.Iterator;
76  import java.util.Map.Entry;
77  import java.util.Map;
78  import java.util.Set;
79  
80  import javax.portlet.PortletConfig;
81  import javax.portlet.PortletContext;
82  import javax.portlet.PortletMode;
83  import javax.portlet.PortletPreferences;
84  import javax.portlet.PortletRequest;
85  import javax.portlet.WindowState;
86  
87  import javax.servlet.ServletContext;
88  import javax.servlet.ServletException;
89  import javax.servlet.http.HttpServletRequest;
90  import javax.servlet.http.HttpServletResponse;
91  import javax.servlet.http.HttpSession;
92  import javax.servlet.jsp.PageContext;
93  
94  import org.apache.struts.action.ActionMapping;
95  import org.apache.struts.config.ForwardConfig;
96  import org.apache.struts.tiles.TilesRequestProcessor;
97  
98  /**
99   * <a href="PortalRequestProcessor.java.html"><b><i>View Source</i></b></a>
100  *
101  * @author Brian Wing Shun Chan
102  * @author Jorge Ferrer
103  *
104  */
105 public class PortalRequestProcessor extends TilesRequestProcessor {
106 
107     public PortalRequestProcessor() {
108 
109         // auth.forward.last.path.
110 
111         _lastPaths = new HashSet<String>();
112 
113         _lastPaths.add(_PATH_PORTAL_LAYOUT);
114 
115         addPaths(_lastPaths, PropsKeys.AUTH_FORWARD_LAST_PATHS);
116 
117         // auth.public.path.
118 
119         _publicPaths = new HashSet<String>();
120 
121         _publicPaths.add(_PATH_C);
122         _publicPaths.add(_PATH_PORTAL_FLASH);
123         _publicPaths.add(_PATH_PORTAL_J_LOGIN);
124         _publicPaths.add(_PATH_PORTAL_LAYOUT);
125         _publicPaths.add(_PATH_PORTAL_LOGIN);
126         _publicPaths.add(_PATH_PORTAL_LOGIN_CAPTCHA);
127         _publicPaths.add(_PATH_PORTAL_RENDER_PORTLET);
128         _publicPaths.add(_PATH_PORTAL_TCK);
129 
130         addPaths(_publicPaths, PropsKeys.AUTH_PUBLIC_PATHS);
131 
132         _trackerIgnorePaths = new HashSet<String>();
133 
134         addPaths(_trackerIgnorePaths, PropsKeys.SESSION_TRACKER_IGNORE_PATHS);
135     }
136 
137     public void process(
138             HttpServletRequest request, HttpServletResponse response)
139         throws IOException, ServletException {
140 
141         String path = super.processPath(request, response);
142 
143         ActionMapping mapping = (ActionMapping)moduleConfig.findActionConfig(
144             path);
145 
146         if ((mapping == null) && !path.startsWith(_PATH_WSRP)) {
147             String lastPath = getLastPath(request);
148 
149             if (_log.isDebugEnabled()) {
150                 _log.debug("Last path " + lastPath);
151             }
152 
153             response.sendRedirect(lastPath);
154 
155             return;
156         }
157 
158         super.process(request, response);
159 
160         try {
161             if (isPortletPath(path)) {
162                 cleanUp(request);
163             }
164         }
165         catch (Exception e) {
166             _log.error(e, e);
167         }
168     }
169 
170     protected void addPaths(Set<String> paths, String propsKey) {
171         String[] pathsArray = PropsUtil.getArray(propsKey);
172 
173         for (String path : pathsArray) {
174             paths.add(path);
175         }
176     }
177 
178     protected void callParentDoForward(
179             String uri, HttpServletRequest request,
180             HttpServletResponse response)
181         throws IOException, ServletException {
182 
183         super.doForward(uri, request, response);
184     }
185 
186     protected HttpServletRequest callParentProcessMultipart(
187         HttpServletRequest request) {
188 
189         return super.processMultipart(request);
190     }
191 
192     protected String callParentProcessPath(
193             HttpServletRequest request, HttpServletResponse response)
194         throws IOException {
195 
196         return super.processPath(request, response);
197     }
198 
199     protected boolean callParentProcessRoles(
200             HttpServletRequest request, HttpServletResponse response,
201             ActionMapping mapping)
202         throws IOException, ServletException {
203 
204         return super.processRoles(request, response, mapping);
205     }
206 
207     protected void cleanUp(HttpServletRequest request) throws Exception {
208 
209         // Clean up portlet objects that may have been created by defineObjects
210         // for portlets that are called directly from a Struts path
211 
212         RenderRequestImpl renderRequestImpl =
213             (RenderRequestImpl)request.getAttribute(
214                 JavaConstants.JAVAX_PORTLET_REQUEST);
215 
216         if (renderRequestImpl != null) {
217             RenderRequestFactory.recycle(renderRequestImpl);
218         }
219 
220         RenderResponseImpl renderResponseImpl =
221             (RenderResponseImpl)request.getAttribute(
222                 JavaConstants.JAVAX_PORTLET_RESPONSE);
223 
224         if (renderResponseImpl != null) {
225             RenderResponseFactory.recycle(renderResponseImpl);
226         }
227     }
228 
229     protected void defineObjects(
230             HttpServletRequest request, HttpServletResponse response,
231             Portlet portlet)
232         throws Exception {
233 
234         String portletId = portlet.getPortletId();
235 
236         ServletContext servletContext = (ServletContext)request.getAttribute(
237             WebKeys.CTX);
238 
239         InvokerPortlet invokerPortlet = PortletInstanceFactory.create(
240             portlet, servletContext);
241 
242         PortletPreferencesIds portletPreferencesIds =
243             PortletPreferencesFactoryUtil.getPortletPreferencesIds(
244                 request, portletId);
245 
246         PortletPreferences portletPreferences =
247             PortletPreferencesLocalServiceUtil.getPreferences(
248                 portletPreferencesIds);
249 
250         PortletConfig portletConfig = PortletConfigFactory.create(
251             portlet, servletContext);
252         PortletContext portletContext = portletConfig.getPortletContext();
253 
254         RenderRequestImpl renderRequestImpl = RenderRequestFactory.create(
255             request, portlet, invokerPortlet, portletContext,
256             WindowState.MAXIMIZED, PortletMode.VIEW, portletPreferences);
257 
258         RenderResponseImpl renderResponseImpl = RenderResponseFactory.create(
259             renderRequestImpl, response, portletId, portlet.getCompanyId());
260 
261         renderRequestImpl.defineObjects(portletConfig, renderResponseImpl);
262 
263         request.setAttribute(WebKeys.PORTLET_STRUTS_EXECUTE, Boolean.TRUE);
264     }
265 
266     protected void doForward(
267             String uri, HttpServletRequest request,
268             HttpServletResponse response)
269         throws ServletException {
270 
271         StrutsUtil.forward(uri, getServletContext(), request, response);
272     }
273 
274     protected void doInclude(
275             String uri, HttpServletRequest request,
276             HttpServletResponse response)
277         throws ServletException {
278 
279         StrutsUtil.include(uri, getServletContext(), request, response);
280     }
281 
282     protected StringBuilder getFriendlyTrackerPath(
283             String path, ThemeDisplay themeDisplay, HttpServletRequest request)
284         throws Exception {
285 
286         if (!path.equals(_PATH_PORTAL_LAYOUT)) {
287             return null;
288         }
289 
290         long plid = ParamUtil.getLong(request, "p_l_id");
291 
292         if (plid == 0) {
293             return null;
294         }
295 
296         Layout layout = LayoutLocalServiceUtil.getLayout(plid);
297 
298         String layoutFriendlyURL = PortalUtil.getLayoutFriendlyURL(
299             layout, themeDisplay);
300 
301         StringBuilder sb = new StringBuilder();
302 
303         sb.append(layoutFriendlyURL);
304 
305         String portletId = ParamUtil.getString(request, "p_p_id");
306 
307         if (Validator.isNull(portletId)) {
308             return sb;
309         }
310 
311         long companyId = PortalUtil.getCompanyId(request);
312 
313         Portlet portlet = PortletLocalServiceUtil.getPortletById(
314             companyId, portletId);
315 
316         if (portlet == null) {
317             String strutsPath = path.substring(
318                 1, path.lastIndexOf(StringPool.SLASH));
319 
320             portlet = PortletLocalServiceUtil.getPortletByStrutsPath(
321                 companyId, strutsPath);
322         }
323 
324         if ((portlet == null) || !portlet.isActive()) {
325             sb.append(StringPool.QUESTION);
326             sb.append(request.getQueryString());
327 
328             return sb;
329         }
330 
331         String namespace = PortalUtil.getPortletNamespace(portletId);
332 
333         FriendlyURLMapper friendlyURLMapper =
334             portlet.getFriendlyURLMapperInstance();
335 
336         if (friendlyURLMapper == null) {
337             sb.append(StringPool.QUESTION);
338             sb.append(request.getQueryString());
339 
340             return sb;
341         }
342 
343         PortletURLImpl portletURL = new PortletURLImpl(
344             request, portletId, plid, PortletRequest.RENDER_PHASE);
345 
346         Iterator<Map.Entry<String, String[]>> itr =
347             request.getParameterMap().entrySet().iterator();
348 
349         while (itr.hasNext()) {
350             Entry<String, String[]> entry = itr.next();
351 
352             String key = entry.getKey();
353 
354             if (key.startsWith(namespace)) {
355                 key = key.substring(namespace.length());
356 
357                 portletURL.setParameter(key, entry.getValue());
358             }
359         }
360 
361         String portletFriendlyURL = friendlyURLMapper.buildPath(portletURL);
362 
363         if (portletFriendlyURL != null) {
364             sb.append(portletFriendlyURL);
365         }
366         else {
367             sb.append(StringPool.QUESTION);
368             sb.append(request.getQueryString());
369         }
370 
371         return sb;
372     }
373 
374     protected String getLastPath(HttpServletRequest request) {
375         HttpSession session = request.getSession();
376 
377         ThemeDisplay themeDisplay = (ThemeDisplay)request.getAttribute(
378             WebKeys.THEME_DISPLAY);
379 
380         Boolean httpsInitial = (Boolean)session.getAttribute(
381             WebKeys.HTTPS_INITIAL);
382 
383         String portalURL = null;
384 
385         if ((PropsValues.COMPANY_SECURITY_AUTH_REQUIRES_HTTPS) &&
386             (httpsInitial != null) && (!httpsInitial.booleanValue())) {
387 
388             portalURL = PortalUtil.getPortalURL(request, false);
389         }
390         else {
391             portalURL = PortalUtil.getPortalURL(request);
392         }
393 
394         StringBuilder sb = new StringBuilder();
395 
396         sb.append(portalURL);
397         sb.append(themeDisplay.getPathMain());
398         sb.append(_PATH_PORTAL_LAYOUT);
399 
400         if (!PropsValues.AUTH_FORWARD_BY_LAST_PATH) {
401             if (request.getRemoteUser() != null) {
402 
403                 // If we do not forward by last path and the user is logged in,
404                 // forward to the user's default layout to prevent a lagging
405                 // loop
406 
407                 sb.append(StringPool.QUESTION);
408                 sb.append("p_l_id");
409                 sb.append(StringPool.EQUAL);
410                 sb.append(LayoutConstants.DEFAULT_PLID);
411             }
412 
413             return sb.toString();
414         }
415 
416         LastPath lastPath = (LastPath)session.getAttribute(WebKeys.LAST_PATH);
417 
418         if (lastPath == null) {
419             return sb.toString();
420         }
421 
422         Map<String, String[]> parameterMap = lastPath.getParameterMap();
423 
424         // Only test for existing mappings for last paths that were set when the
425         // user accessed a layout directly instead of through its friendly URL
426 
427         if (lastPath.getContextPath().equals(themeDisplay.getPathMain())) {
428             ActionMapping mapping =
429                 (ActionMapping)moduleConfig.findActionConfig(
430                     lastPath.getPath());
431 
432             if ((mapping == null) || (parameterMap == null)) {
433                 return sb.toString();
434             }
435         }
436 
437         StringBuilder lastPathSB = new StringBuilder();
438 
439         lastPathSB.append(portalURL);
440         lastPathSB.append(lastPath.getContextPath());
441         lastPathSB.append(lastPath.getPath());
442         lastPathSB.append(HttpUtil.parameterMapToString(parameterMap));
443 
444         return lastPathSB.toString();
445     }
446 
447     protected boolean isPortletPath(String path) {
448         if ((path != null) &&
449             (!path.equals(_PATH_C)) &&
450             (!path.startsWith(_PATH_COMMON)) &&
451             (path.indexOf(_PATH_J_SECURITY_CHECK) == -1) &&
452             (!path.startsWith(_PATH_PORTAL)) &&
453             (!path.startsWith(_PATH_WSRP))) {
454 
455             return true;
456         }
457         else {
458             return false;
459         }
460     }
461 
462     protected boolean isPublicPath(String path) {
463         if ((path != null) &&
464             (_publicPaths.contains(path)) ||
465             (path.startsWith(_PATH_COMMON)) ||
466             (path.startsWith(_PATH_WSRP))) {
467 
468             return true;
469         }
470         else {
471             return false;
472         }
473     }
474 
475     protected ActionMapping processMapping(
476             HttpServletRequest request, HttpServletResponse response,
477             String path)
478         throws IOException {
479 
480         if (path == null) {
481             return null;
482         }
483 
484         ActionMapping mapping = super.processMapping(request, response, path);
485 
486         if (mapping == null) {
487             String msg = getInternal().getMessage("processInvalid");
488 
489             _log.error("User ID " + request.getRemoteUser());
490             _log.error("Current URL " + PortalUtil.getCurrentURL(request));
491             _log.error("Referer " + request.getHeader("Referer"));
492             _log.error("Remote address " + request.getRemoteAddr());
493 
494             _log.error(msg + " " + path);
495         }
496 
497         return mapping;
498     }
499 
500     protected HttpServletRequest processMultipart(HttpServletRequest request) {
501 
502         // Disable Struts from automatically wrapping a multipart request
503 
504         return request;
505     }
506 
507     protected String processPath(
508             HttpServletRequest request, HttpServletResponse response)
509         throws IOException {
510 
511         String path = super.processPath(request, response);
512 
513         HttpSession session = request.getSession();
514 
515         ThemeDisplay themeDisplay = (ThemeDisplay)request.getAttribute(
516             WebKeys.THEME_DISPLAY);
517 
518         // Current users
519 
520         UserTracker userTracker = LiveUsers.getUserTracker(
521             themeDisplay.getCompanyId(), session.getId());
522 
523         if ((userTracker != null) && (path != null) &&
524             (!path.equals(_PATH_C)) &&
525             (path.indexOf(_PATH_J_SECURITY_CHECK) == -1) &&
526             (path.indexOf(_PATH_PORTAL_PROTECTED) == -1) &&
527             (!_trackerIgnorePaths.contains(path))) {
528 
529             StringBuilder sb = null;
530 
531             try {
532                 if (PropsValues.SESSION_TRACKER_FRIENDLY_PATHS_ENABLED) {
533                     sb = getFriendlyTrackerPath(path, themeDisplay, request);
534                 }
535             }
536             catch (Exception e) {
537                 _log.error(e, e);
538             }
539 
540             if (sb == null) {
541                 sb = new StringBuilder();
542 
543                 sb.append(path);
544                 sb.append(StringPool.QUESTION);
545                 sb.append(request.getQueryString());
546             }
547 
548             UserTrackerPath userTrackerPath = UserTrackerPathUtil.create(0);
549 
550             userTrackerPath.setUserTrackerId(userTracker.getUserTrackerId());
551             userTrackerPath.setPath(sb.toString());
552             userTrackerPath.setPathDate(new Date());
553 
554             userTracker.addPath(userTrackerPath);
555         }
556 
557         String remoteUser = request.getRemoteUser();
558 
559         User user = null;
560 
561         try {
562             user = PortalUtil.getUser(request);
563         }
564         catch (Exception e) {
565         }
566 
567         // Last path
568 
569         if ((path != null) && (_lastPaths.contains(path)) &&
570             (!_trackerIgnorePaths.contains(path))) {
571 
572             boolean saveLastPath = ParamUtil.getBoolean(
573                 request, "saveLastPath", true);
574 
575             if (themeDisplay.isLifecycleResource() ||
576                 themeDisplay.isStateExclusive() ||
577                 themeDisplay.isStatePopUp() ||
578                 !request.getMethod().equalsIgnoreCase(HttpMethods.GET)) {
579 
580                 saveLastPath = false;
581             }
582 
583             // Save last path
584 
585             if (saveLastPath) {
586 
587                 // Was a last path set by another servlet that dispatched to
588                 // the MainServlet? If so, use that last path instead.
589 
590                 LastPath lastPath = (LastPath)request.getAttribute(
591                     WebKeys.LAST_PATH);
592 
593                 if (lastPath == null) {
594                     lastPath = new LastPath(
595                         themeDisplay.getPathMain(), path,
596                         request.getParameterMap());
597                 }
598 
599                 session.setAttribute(WebKeys.LAST_PATH, lastPath);
600             }
601         }
602 
603         // Authenticated users can always log out
604 
605         if (((remoteUser != null) || (user != null)) && (path != null) &&
606             (path.equals(_PATH_PORTAL_LOGOUT))) {
607 
608             return path;
609         }
610 
611         // Authenticated users can always extend or confirm their session
612 
613         if (((remoteUser != null) || (user != null)) && (path != null) &&
614             (path.equals(_PATH_PORTAL_EXPIRE_SESSION) ||
615              path.equals(_PATH_PORTAL_EXTEND_SESSION))) {
616 
617             return path;
618         }
619 
620         // Authenticated users can always agree to terms of use
621 
622         if (((remoteUser != null) || (user != null)) && (path != null) &&
623             (path.equals(_PATH_PORTAL_UPDATE_TERMS_OF_USE))) {
624 
625             return path;
626         }
627 
628         // Authenticated users must still exist in the system
629 
630         if ((remoteUser != null) && (user == null)) {
631             return _PATH_PORTAL_LOGOUT;
632         }
633 
634         // Authenticated users must agree to Terms of Use
635 
636         if ((user != null) && (!user.isAgreedToTermsOfUse())) {
637             if (PropsValues.TERMS_OF_USE_REQUIRED) {
638                 return _PATH_PORTAL_TERMS_OF_USE;
639             }
640         }
641 
642         // Authenticated users must be active
643 
644         if ((user != null) && (!user.isActive())) {
645             SessionErrors.add(request, UserActiveException.class.getName());
646 
647             return _PATH_PORTAL_ERROR;
648         }
649 
650         // Authenticated users must have a current password
651 
652         if ((user != null) && (user.isPasswordReset())) {
653             return _PATH_PORTAL_CHANGE_PASSWORD;
654         }
655 
656         // Authenticated users must have at least one personalized page
657 
658         /*if (user != null) {
659             List<Layout> layouts = themeDisplay.getLayouts();
660 
661             if ((layouts == null) || (layouts.size() == 0)) {
662                 SessionErrors.add(
663                     request, RequiredLayoutException.class.getName());
664 
665                 return _PATH_PORTAL_ERROR;
666             }
667         }*/
668 
669         // Users must sign in
670 
671         if (!isPublicPath(path)) {
672             if (user == null) {
673                 SessionErrors.add(request, PrincipalException.class.getName());
674 
675                 return _PATH_PORTAL_LOGIN;
676             }
677         }
678 
679         ActionMapping mapping =
680             (ActionMapping)moduleConfig.findActionConfig(path);
681 
682         if (path.startsWith(_PATH_WSRP)) {
683             path = _PATH_WSRP;
684         }
685         else {
686             path = mapping.getPath();
687         }
688 
689         // Authenticated users must have at least one role
690 
691         if (user != null) {
692             try {
693 
694                 // FIX ME
695 
696                 if (false) {
697                     SessionErrors.add(
698                         request, RequiredRoleException.class.getName());
699 
700                     return _PATH_PORTAL_ERROR;
701                 }
702             }
703             catch (Exception e) {
704                 e.printStackTrace();
705             }
706         }
707 
708         // Define the portlet objects
709 
710         if (isPortletPath(path)) {
711             try {
712                 Portlet portlet = null;
713 
714                 long companyId = PortalUtil.getCompanyId(request);
715                 String portletId = ParamUtil.getString(request, "p_p_id");
716 
717                 if (Validator.isNotNull(portletId)) {
718                     portlet = PortletLocalServiceUtil.getPortletById(
719                         companyId, portletId);
720                 }
721 
722                 if (portlet == null) {
723                     String strutsPath = path.substring(
724                         1, path.lastIndexOf(StringPool.SLASH));
725 
726                     portlet = PortletLocalServiceUtil.getPortletByStrutsPath(
727                         companyId, strutsPath);
728                 }
729 
730                 if ((portlet != null) && portlet.isActive()) {
731                     defineObjects(request, response, portlet);
732                 }
733             }
734             catch (Exception e) {
735                 request.setAttribute(PageContext.EXCEPTION, e);
736 
737                 path = _PATH_COMMON_ERROR;
738             }
739         }
740 
741         // Authenticated users must have access to at least one layout
742 
743         if (SessionErrors.contains(
744                 request, LayoutPermissionException.class.getName())) {
745 
746             return _PATH_PORTAL_ERROR;
747         }
748 
749         return path;
750     }
751 
752     protected boolean processRoles(
753             HttpServletRequest request, HttpServletResponse response,
754             ActionMapping mapping)
755         throws IOException, ServletException {
756 
757         String path = mapping.getPath();
758 
759         if (isPublicPath(path)) {
760             return true;
761         }
762 
763         boolean authorized = true;
764 
765         User user = null;
766 
767         try {
768             user = PortalUtil.getUser(request);
769         }
770         catch (Exception e) {
771         }
772 
773         if ((user != null) && isPortletPath(path)) {
774             try {
775 
776                 // Authenticated users can always log out
777 
778                 if (path.equals(_PATH_PORTAL_LOGOUT)) {
779                     return true;
780                 }
781 
782                 Portlet portlet = null;
783 
784                 String portletId = ParamUtil.getString(request, "p_p_id");
785 
786                 if (Validator.isNotNull(portletId)) {
787                     portlet = PortletLocalServiceUtil.getPortletById(
788                         user.getCompanyId(), portletId);
789                 }
790 
791                 String strutsPath = path.substring(
792                     1, path.lastIndexOf(StringPool.SLASH));
793 
794                 if (portlet != null) {
795                     if (!strutsPath.equals(portlet.getStrutsPath())) {
796                         throw new PrincipalException();
797                     }
798                 }
799                 else {
800                     portlet = PortletLocalServiceUtil.getPortletByStrutsPath(
801                         user.getCompanyId(), strutsPath);
802                 }
803 
804                 if ((portlet != null) && portlet.isActive()) {
805                     ThemeDisplay themeDisplay =
806                         (ThemeDisplay)request.getAttribute(
807                             WebKeys.THEME_DISPLAY);
808 
809                     Layout layout = themeDisplay.getLayout();
810                     PermissionChecker permissionChecker =
811                         themeDisplay.getPermissionChecker();
812 
813                     if (!PortletPermissionUtil.contains(
814                             permissionChecker, layout.getPlid(), portlet,
815                             ActionKeys.VIEW)) {
816 
817                         throw new PrincipalException();
818                     }
819                 }
820                 else if (portlet != null && !portlet.isActive()) {
821                     SessionErrors.add(
822                         request, PortletActiveException.class.getName());
823 
824                     authorized = false;
825                 }
826             }
827             catch (Exception e) {
828                 SessionErrors.add(request, PrincipalException.class.getName());
829 
830                 authorized = false;
831             }
832         }
833 
834         if (!authorized) {
835             ForwardConfig forwardConfig =
836                 mapping.findForward(_PATH_PORTAL_ERROR);
837 
838             processForwardConfig(request, response, forwardConfig);
839 
840             return false;
841         }
842         else {
843             return true;
844         }
845     }
846 
847     private static String _PATH_C = "/c";
848 
849     private static String _PATH_COMMON = "/common";
850 
851     private static String _PATH_COMMON_ERROR = "/common/error";
852 
853     private static String _PATH_J_SECURITY_CHECK = "/j_security_check";
854 
855     private static String _PATH_PORTAL = "/portal";
856 
857     private static String _PATH_PORTAL_CHANGE_PASSWORD =
858         "/portal/change_password";
859 
860     private static String _PATH_PORTAL_ERROR = "/portal/error";
861 
862     private static String _PATH_PORTAL_EXPIRE_SESSION =
863         "/portal/expire_session";
864 
865     private static String _PATH_PORTAL_EXTEND_SESSION =
866         "/portal/extend_session";
867 
868     private static String _PATH_PORTAL_FLASH = "/portal/flash";
869 
870     private static String _PATH_PORTAL_J_LOGIN = "/portal/j_login";
871 
872     private static String _PATH_PORTAL_LAYOUT = "/portal/layout";
873 
874     private static String _PATH_PORTAL_LOGIN = "/portal/login";
875 
876     private static String _PATH_PORTAL_LOGIN_CAPTCHA = "/portal/login_captcha";
877 
878     private static String _PATH_PORTAL_LOGOUT = "/portal/logout";
879 
880     private static String _PATH_PORTAL_PROTECTED = "/portal/protected";
881 
882     private static String _PATH_PORTAL_RENDER_PORTLET =
883         "/portal/render_portlet";
884 
885     private static String _PATH_PORTAL_TCK = "/portal/tck";
886 
887     private static String _PATH_PORTAL_TERMS_OF_USE = "/portal/terms_of_use";
888 
889     private static String _PATH_PORTAL_UPDATE_TERMS_OF_USE =
890         "/portal/update_terms_of_use";
891 
892     private static String _PATH_WSRP = "/wsrp";
893 
894     private static Log _log =
895          LogFactoryUtil.getLog(PortalRequestProcessor.class);
896 
897     private Set<String> _lastPaths;
898     private Set<String> _publicPaths;
899     private Set<String> _trackerIgnorePaths;
900 
901 }