1   /**
2    * Copyright (c) 2000-2010 Liferay, Inc. All rights reserved.
3    *
4    * The contents of this file are subject to the terms of the Liferay Enterprise
5    * Subscription License ("License"). You may not use this file except in
6    * compliance with the License. You can obtain a copy of the License by
7    * contacting Liferay, Inc. See the License for the specific language governing
8    * permissions and limitations under the License, including but not limited to
9    * distribution rights of the Software.
10   *
11   *
12   *
13   */
14  
15  package com.liferay.portal.spring.servlet;
16  
17  import com.liferay.portal.kernel.log.Log;
18  import com.liferay.portal.kernel.log.LogFactoryUtil;
19  import com.liferay.portal.kernel.util.GetterUtil;
20  import com.liferay.portal.model.User;
21  import com.liferay.portal.security.auth.PrincipalThreadLocal;
22  import com.liferay.portal.security.permission.PermissionChecker;
23  import com.liferay.portal.security.permission.PermissionCheckerFactoryUtil;
24  import com.liferay.portal.security.permission.PermissionThreadLocal;
25  import com.liferay.portal.service.UserLocalServiceUtil;
26  import com.liferay.portal.spring.context.TunnelApplicationContext;
27  import com.liferay.portal.util.PortalInstances;
28  
29  import javax.servlet.ServletException;
30  import javax.servlet.http.HttpServletRequest;
31  import javax.servlet.http.HttpServletResponse;
32  
33  import org.springframework.web.servlet.DispatcherServlet;
34  
35  /**
36   * <a href="RemotingServlet.java.html"><b><i>View Source</i></b></a>
37   *
38   * @author Brian Wing Shun Chan
39   */
40  public class RemotingServlet extends DispatcherServlet {
41  
42      public static final String CONTEXT_CLASS =
43          TunnelApplicationContext.class.getName();
44  
45      public static final String CONTEXT_CONFIG_LOCATION =
46          "/WEB-INF/remoting-servlet.xml,/WEB-INF/remoting-servlet-ext.xml";
47  
48      public Class<?> getContextClass() {
49          try {
50              return Class.forName(CONTEXT_CLASS);
51          }
52          catch (Exception e) {
53              _log.error(e);
54          }
55  
56          return null;
57      }
58  
59      public String getContextConfigLocation() {
60          return CONTEXT_CONFIG_LOCATION;
61      }
62  
63      public void service(
64              HttpServletRequest request, HttpServletResponse response)
65          throws ServletException {
66  
67          try {
68              PortalInstances.getCompanyId(request);
69  
70              String remoteUser = request.getRemoteUser();
71  
72              if (_log.isDebugEnabled()) {
73                  _log.debug("Remote user " + remoteUser);
74              }
75  
76              if (remoteUser != null) {
77                  PrincipalThreadLocal.setName(remoteUser);
78  
79                  long userId = GetterUtil.getLong(remoteUser);
80  
81                  User user = UserLocalServiceUtil.getUserById(userId);
82  
83                  PermissionChecker permissionChecker =
84                      PermissionCheckerFactoryUtil.create(user, true);
85  
86                  PermissionThreadLocal.setPermissionChecker(permissionChecker);
87              }
88              else {
89                  if (_log.isWarnEnabled()) {
90                      _log.warn(
91                          "User id is not provided. An exception will be " +
92                              "thrown  if a protected method is accessed.");
93                  }
94              }
95  
96              super.service(request, response);
97          }
98          catch (Exception e) {
99              throw new ServletException(e);
100         }
101     }
102 
103     private static Log _log = LogFactoryUtil.getLog(RemotingServlet.class);
104 
105 }