1
14
15 package com.liferay.portal.spring.servlet;
16
17 import com.liferay.portal.kernel.log.Log;
18 import com.liferay.portal.kernel.log.LogFactoryUtil;
19 import com.liferay.portal.kernel.util.GetterUtil;
20 import com.liferay.portal.model.User;
21 import com.liferay.portal.security.auth.PrincipalThreadLocal;
22 import com.liferay.portal.security.permission.PermissionChecker;
23 import com.liferay.portal.security.permission.PermissionCheckerFactoryUtil;
24 import com.liferay.portal.security.permission.PermissionThreadLocal;
25 import com.liferay.portal.service.UserLocalServiceUtil;
26 import com.liferay.portal.spring.context.TunnelApplicationContext;
27 import com.liferay.portal.util.PortalInstances;
28
29 import javax.servlet.ServletException;
30 import javax.servlet.http.HttpServletRequest;
31 import javax.servlet.http.HttpServletResponse;
32
33 import org.springframework.web.servlet.DispatcherServlet;
34
35
40 public class RemotingServlet extends DispatcherServlet {
41
42 public static final String CONTEXT_CLASS =
43 TunnelApplicationContext.class.getName();
44
45 public static final String CONTEXT_CONFIG_LOCATION =
46 "/WEB-INF/remoting-servlet.xml,/WEB-INF/remoting-servlet-ext.xml";
47
48 public Class<?> getContextClass() {
49 try {
50 return Class.forName(CONTEXT_CLASS);
51 }
52 catch (Exception e) {
53 _log.error(e);
54 }
55
56 return null;
57 }
58
59 public String getContextConfigLocation() {
60 return CONTEXT_CONFIG_LOCATION;
61 }
62
63 public void service(
64 HttpServletRequest request, HttpServletResponse response)
65 throws ServletException {
66
67 try {
68 PortalInstances.getCompanyId(request);
69
70 String remoteUser = request.getRemoteUser();
71
72 if (_log.isDebugEnabled()) {
73 _log.debug("Remote user " + remoteUser);
74 }
75
76 if (remoteUser != null) {
77 PrincipalThreadLocal.setName(remoteUser);
78
79 long userId = GetterUtil.getLong(remoteUser);
80
81 User user = UserLocalServiceUtil.getUserById(userId);
82
83 PermissionChecker permissionChecker =
84 PermissionCheckerFactoryUtil.create(user, true);
85
86 PermissionThreadLocal.setPermissionChecker(permissionChecker);
87 }
88 else {
89 if (_log.isWarnEnabled()) {
90 _log.warn(
91 "User id is not provided. An exception will be " +
92 "thrown if a protected method is accessed.");
93 }
94 }
95
96 super.service(request, response);
97 }
98 catch (Exception e) {
99 throw new ServletException(e);
100 }
101 }
102
103 private static Log _log = LogFactoryUtil.getLog(RemotingServlet.class);
104
105 }