1   /**
2    * Copyright (c) 2000-2010 Liferay, Inc. All rights reserved.
3    *
4    * The contents of this file are subject to the terms of the Liferay Enterprise
5    * Subscription License ("License"). You may not use this file except in
6    * compliance with the License. You can obtain a copy of the License by
7    * contacting Liferay, Inc. See the License for the specific language governing
8    * permissions and limitations under the License, including but not limited to
9    * distribution rights of the Software.
10   *
11   *
12   *
13   */
14  
15  package com.liferay.portal.struts;
16  
17  import com.liferay.portal.LayoutPermissionException;
18  import com.liferay.portal.PortletActiveException;
19  import com.liferay.portal.RequiredRoleException;
20  import com.liferay.portal.SystemException;
21  import com.liferay.portal.UserActiveException;
22  import com.liferay.portal.kernel.log.Log;
23  import com.liferay.portal.kernel.log.LogFactoryUtil;
24  import com.liferay.portal.kernel.portlet.FriendlyURLMapper;
25  import com.liferay.portal.kernel.servlet.HttpMethods;
26  import com.liferay.portal.kernel.servlet.SessionErrors;
27  import com.liferay.portal.kernel.struts.LastPath;
28  import com.liferay.portal.kernel.util.CharPool;
29  import com.liferay.portal.kernel.util.GetterUtil;
30  import com.liferay.portal.kernel.util.HttpUtil;
31  import com.liferay.portal.kernel.util.JavaConstants;
32  import com.liferay.portal.kernel.util.ParamUtil;
33  import com.liferay.portal.kernel.util.PropsKeys;
34  import com.liferay.portal.kernel.util.StringBundler;
35  import com.liferay.portal.kernel.util.StringPool;
36  import com.liferay.portal.kernel.util.Validator;
37  import com.liferay.portal.liveusers.LiveUsers;
38  import com.liferay.portal.model.Layout;
39  import com.liferay.portal.model.LayoutConstants;
40  import com.liferay.portal.model.Portlet;
41  import com.liferay.portal.model.PortletPreferencesIds;
42  import com.liferay.portal.model.User;
43  import com.liferay.portal.model.UserTracker;
44  import com.liferay.portal.model.UserTrackerPath;
45  import com.liferay.portal.security.auth.PrincipalException;
46  import com.liferay.portal.security.permission.ActionKeys;
47  import com.liferay.portal.security.permission.PermissionChecker;
48  import com.liferay.portal.service.LayoutLocalServiceUtil;
49  import com.liferay.portal.service.PortletLocalServiceUtil;
50  import com.liferay.portal.service.PortletPreferencesLocalServiceUtil;
51  import com.liferay.portal.service.permission.PortletPermissionUtil;
52  import com.liferay.portal.service.persistence.UserTrackerPathUtil;
53  import com.liferay.portal.theme.ThemeDisplay;
54  import com.liferay.portal.util.PortalUtil;
55  import com.liferay.portal.util.PrefsPropsUtil;
56  import com.liferay.portal.util.PropsUtil;
57  import com.liferay.portal.util.PropsValues;
58  import com.liferay.portal.util.WebKeys;
59  import com.liferay.portlet.InvokerPortlet;
60  import com.liferay.portlet.PortletConfigFactory;
61  import com.liferay.portlet.PortletInstanceFactoryUtil;
62  import com.liferay.portlet.PortletPreferencesFactoryUtil;
63  import com.liferay.portlet.PortletURLImpl;
64  import com.liferay.portlet.RenderRequestFactory;
65  import com.liferay.portlet.RenderRequestImpl;
66  import com.liferay.portlet.RenderResponseFactory;
67  import com.liferay.portlet.RenderResponseImpl;
68  
69  import java.io.IOException;
70  
71  import java.util.Date;
72  import java.util.HashSet;
73  import java.util.Iterator;
74  import java.util.Map.Entry;
75  import java.util.Map;
76  import java.util.Set;
77  
78  import javax.portlet.PortletConfig;
79  import javax.portlet.PortletContext;
80  import javax.portlet.PortletMode;
81  import javax.portlet.PortletPreferences;
82  import javax.portlet.PortletRequest;
83  import javax.portlet.WindowState;
84  
85  import javax.servlet.ServletContext;
86  import javax.servlet.ServletException;
87  import javax.servlet.http.HttpServletRequest;
88  import javax.servlet.http.HttpServletResponse;
89  import javax.servlet.http.HttpSession;
90  import javax.servlet.jsp.PageContext;
91  
92  import org.apache.struts.action.ActionMapping;
93  import org.apache.struts.config.ForwardConfig;
94  import org.apache.struts.tiles.TilesRequestProcessor;
95  
96  /**
97   * <a href="PortalRequestProcessor.java.html"><b><i>View Source</i></b></a>
98   *
99   * @author Brian Wing Shun Chan
100  * @author Jorge Ferrer
101  * @author Wesley Gong
102  */
103 public class PortalRequestProcessor extends TilesRequestProcessor {
104 
105     public PortalRequestProcessor() {
106 
107         // auth.forward.last.path.
108 
109         _lastPaths = new HashSet<String>();
110 
111         _lastPaths.add(_PATH_PORTAL_LAYOUT);
112 
113         addPaths(_lastPaths, PropsKeys.AUTH_FORWARD_LAST_PATHS);
114 
115         // auth.public.path.
116 
117         _publicPaths = new HashSet<String>();
118 
119         _publicPaths.add(_PATH_C);
120         _publicPaths.add(_PATH_PORTAL_EE_LICENSE);
121         _publicPaths.add(_PATH_PORTAL_FLASH);
122         _publicPaths.add(_PATH_PORTAL_J_LOGIN);
123         _publicPaths.add(_PATH_PORTAL_LAYOUT);
124         _publicPaths.add(_PATH_PORTAL_LOGIN);
125         _publicPaths.add(_PATH_PORTAL_RENDER_PORTLET);
126         _publicPaths.add(_PATH_PORTAL_TCK);
127 
128         addPaths(_publicPaths, PropsKeys.AUTH_PUBLIC_PATHS);
129 
130         _trackerIgnorePaths = new HashSet<String>();
131 
132         addPaths(_trackerIgnorePaths, PropsKeys.SESSION_TRACKER_IGNORE_PATHS);
133     }
134 
135     public void process(
136             HttpServletRequest request, HttpServletResponse response)
137         throws IOException, ServletException {
138 
139         String path = super.processPath(request, response);
140 
141         ActionMapping mapping = (ActionMapping)moduleConfig.findActionConfig(
142             path);
143 
144         if (mapping == null) {
145             String lastPath = getLastPath(request);
146 
147             if (_log.isDebugEnabled()) {
148                 _log.debug("Last path " + lastPath);
149             }
150 
151             response.sendRedirect(lastPath);
152 
153             return;
154         }
155 
156         super.process(request, response);
157 
158         try {
159             if (isPortletPath(path)) {
160                 cleanUp(request);
161             }
162         }
163         catch (Exception e) {
164             _log.error(e, e);
165         }
166     }
167 
168     protected void addPaths(Set<String> paths, String propsKey) {
169         String[] pathsArray = PropsUtil.getArray(propsKey);
170 
171         for (String path : pathsArray) {
172             paths.add(path);
173         }
174     }
175 
176     protected void callParentDoForward(
177             String uri, HttpServletRequest request,
178             HttpServletResponse response)
179         throws IOException, ServletException {
180 
181         super.doForward(uri, request, response);
182     }
183 
184     protected HttpServletRequest callParentProcessMultipart(
185         HttpServletRequest request) {
186 
187         return super.processMultipart(request);
188     }
189 
190     protected String callParentProcessPath(
191             HttpServletRequest request, HttpServletResponse response)
192         throws IOException {
193 
194         return super.processPath(request, response);
195     }
196 
197     protected boolean callParentProcessRoles(
198             HttpServletRequest request, HttpServletResponse response,
199             ActionMapping mapping)
200         throws IOException, ServletException {
201 
202         return super.processRoles(request, response, mapping);
203     }
204 
205     protected void cleanUp(HttpServletRequest request) throws Exception {
206 
207         // Clean up portlet objects that may have been created by defineObjects
208         // for portlets that are called directly from a Struts path
209 
210         RenderRequestImpl renderRequestImpl =
211             (RenderRequestImpl)request.getAttribute(
212                 JavaConstants.JAVAX_PORTLET_REQUEST);
213 
214         if (renderRequestImpl != null) {
215             renderRequestImpl.cleanUp();
216         }
217     }
218 
219     protected void defineObjects(
220             HttpServletRequest request, HttpServletResponse response,
221             Portlet portlet)
222         throws Exception {
223 
224         String portletId = portlet.getPortletId();
225 
226         ServletContext servletContext = (ServletContext)request.getAttribute(
227             WebKeys.CTX);
228 
229         InvokerPortlet invokerPortlet = PortletInstanceFactoryUtil.create(
230             portlet, servletContext);
231 
232         PortletPreferencesIds portletPreferencesIds =
233             PortletPreferencesFactoryUtil.getPortletPreferencesIds(
234                 request, portletId);
235 
236         PortletPreferences portletPreferences =
237             PortletPreferencesLocalServiceUtil.getPreferences(
238                 portletPreferencesIds);
239 
240         PortletConfig portletConfig = PortletConfigFactory.create(
241             portlet, servletContext);
242         PortletContext portletContext = portletConfig.getPortletContext();
243 
244         RenderRequestImpl renderRequestImpl = RenderRequestFactory.create(
245             request, portlet, invokerPortlet, portletContext,
246             WindowState.MAXIMIZED, PortletMode.VIEW, portletPreferences);
247 
248         RenderResponseImpl renderResponseImpl = RenderResponseFactory.create(
249             renderRequestImpl, response, portletId, portlet.getCompanyId());
250 
251         renderRequestImpl.defineObjects(portletConfig, renderResponseImpl);
252 
253         request.setAttribute(WebKeys.PORTLET_STRUTS_EXECUTE, Boolean.TRUE);
254     }
255 
256     protected void doForward(
257             String uri, HttpServletRequest request,
258             HttpServletResponse response)
259         throws ServletException {
260 
261         StrutsUtil.forward(uri, getServletContext(), request, response);
262     }
263 
264     protected void doInclude(
265             String uri, HttpServletRequest request,
266             HttpServletResponse response)
267         throws ServletException {
268 
269         StrutsUtil.include(uri, getServletContext(), request, response);
270     }
271 
272     protected String getFriendlyTrackerPath(
273             String path, ThemeDisplay themeDisplay, HttpServletRequest request)
274         throws Exception {
275 
276         if (!path.equals(_PATH_PORTAL_LAYOUT)) {
277             return null;
278         }
279 
280         long plid = ParamUtil.getLong(request, "p_l_id");
281 
282         if (plid == 0) {
283             return null;
284         }
285 
286         Layout layout = LayoutLocalServiceUtil.getLayout(plid);
287 
288         String layoutFriendlyURL = PortalUtil.getLayoutFriendlyURL(
289             layout, themeDisplay);
290 
291         String portletId = ParamUtil.getString(request, "p_p_id");
292 
293         if (Validator.isNull(portletId)) {
294             return layoutFriendlyURL;
295         }
296 
297         long companyId = PortalUtil.getCompanyId(request);
298 
299         Portlet portlet = PortletLocalServiceUtil.getPortletById(
300             companyId, portletId);
301 
302         if (portlet == null) {
303             String strutsPath = path.substring(
304                 1, path.lastIndexOf(CharPool.SLASH));
305 
306             portlet = PortletLocalServiceUtil.getPortletByStrutsPath(
307                 companyId, strutsPath);
308         }
309 
310         if ((portlet == null) || !portlet.isActive()) {
311             return layoutFriendlyURL.concat(StringPool.QUESTION).concat(
312                 request.getQueryString());
313         }
314 
315         String namespace = PortalUtil.getPortletNamespace(portletId);
316 
317         FriendlyURLMapper friendlyURLMapper =
318             portlet.getFriendlyURLMapperInstance();
319 
320         if (friendlyURLMapper == null) {
321             return layoutFriendlyURL.concat(StringPool.QUESTION).concat(
322                 request.getQueryString());
323         }
324 
325         PortletURLImpl portletURL = new PortletURLImpl(
326             request, portletId, plid, PortletRequest.RENDER_PHASE);
327 
328         Iterator<Map.Entry<String, String[]>> itr =
329             request.getParameterMap().entrySet().iterator();
330 
331         while (itr.hasNext()) {
332             Entry<String, String[]> entry = itr.next();
333 
334             String key = entry.getKey();
335 
336             if (key.startsWith(namespace)) {
337                 key = key.substring(namespace.length());
338 
339                 portletURL.setParameter(key, entry.getValue());
340             }
341         }
342 
343         String portletFriendlyURL = friendlyURLMapper.buildPath(portletURL);
344 
345         if (portletFriendlyURL != null) {
346             return layoutFriendlyURL.concat(portletFriendlyURL);
347         }
348         else {
349             return layoutFriendlyURL.concat(StringPool.QUESTION).concat(
350                 request.getQueryString());
351         }
352     }
353 
354     protected String getLastPath(HttpServletRequest request) {
355         HttpSession session = request.getSession();
356 
357         ThemeDisplay themeDisplay = (ThemeDisplay)request.getAttribute(
358             WebKeys.THEME_DISPLAY);
359 
360         Boolean httpsInitial = (Boolean)session.getAttribute(
361             WebKeys.HTTPS_INITIAL);
362 
363         String portalURL = null;
364 
365         if ((PropsValues.COMPANY_SECURITY_AUTH_REQUIRES_HTTPS) &&
366             (!PropsValues.SESSION_ENABLE_PHISHING_PROTECTION) &&
367             (httpsInitial != null) && (!httpsInitial.booleanValue())) {
368 
369             portalURL = PortalUtil.getPortalURL(request, false);
370         }
371         else {
372             portalURL = PortalUtil.getPortalURL(request);
373         }
374 
375         StringBundler sb = new StringBundler();
376 
377         sb.append(portalURL);
378         sb.append(themeDisplay.getPathMain());
379         sb.append(_PATH_PORTAL_LAYOUT);
380 
381         if (!PropsValues.AUTH_FORWARD_BY_LAST_PATH) {
382             if (request.getRemoteUser() != null) {
383 
384                 // If we do not forward by last path and the user is logged in,
385                 // forward to the user's default layout to prevent a lagging
386                 // loop
387 
388                 sb.append(StringPool.QUESTION);
389                 sb.append("p_l_id");
390                 sb.append(StringPool.EQUAL);
391                 sb.append(LayoutConstants.DEFAULT_PLID);
392             }
393 
394             return sb.toString();
395         }
396 
397         LastPath lastPath = (LastPath)session.getAttribute(WebKeys.LAST_PATH);
398 
399         if (lastPath == null) {
400             return sb.toString();
401         }
402 
403         Map<String, String[]> parameterMap = lastPath.getParameterMap();
404 
405         // Only test for existing mappings for last paths that were set when the
406         // user accessed a layout directly instead of through its friendly URL
407 
408         if (lastPath.getContextPath().equals(themeDisplay.getPathMain())) {
409             ActionMapping mapping =
410                 (ActionMapping)moduleConfig.findActionConfig(
411                     lastPath.getPath());
412 
413             if ((mapping == null) || (parameterMap == null)) {
414                 return sb.toString();
415             }
416         }
417 
418         StringBundler lastPathSB = new StringBundler(4);
419 
420         lastPathSB.append(portalURL);
421         lastPathSB.append(lastPath.getContextPath());
422         lastPathSB.append(lastPath.getPath());
423         lastPathSB.append(HttpUtil.parameterMapToString(parameterMap));
424 
425         return lastPathSB.toString();
426     }
427 
428     protected boolean isPortletPath(String path) {
429         if ((path != null) &&
430             (!path.equals(_PATH_C)) &&
431             (!path.startsWith(_PATH_COMMON)) &&
432             (path.indexOf(_PATH_J_SECURITY_CHECK) == -1) &&
433             (!path.startsWith(_PATH_PORTAL))) {
434 
435             return true;
436         }
437         else {
438             return false;
439         }
440     }
441 
442     protected boolean isPublicPath(String path) {
443         if ((path != null) &&
444             (_publicPaths.contains(path)) ||
445             (path.startsWith(_PATH_COMMON))) {
446 
447             return true;
448         }
449         else {
450             return false;
451         }
452     }
453 
454     protected ActionMapping processMapping(
455             HttpServletRequest request, HttpServletResponse response,
456             String path)
457         throws IOException {
458 
459         if (path == null) {
460             return null;
461         }
462 
463         ActionMapping mapping = super.processMapping(request, response, path);
464 
465         if (mapping == null) {
466             String msg = getInternal().getMessage("processInvalid");
467 
468             _log.error("User ID " + request.getRemoteUser());
469             _log.error("Current URL " + PortalUtil.getCurrentURL(request));
470             _log.error("Referer " + request.getHeader("Referer"));
471             _log.error("Remote address " + request.getRemoteAddr());
472 
473             _log.error(msg + " " + path);
474         }
475 
476         return mapping;
477     }
478 
479     protected HttpServletRequest processMultipart(HttpServletRequest request) {
480 
481         // Disable Struts from automatically wrapping a multipart request
482 
483         return request;
484     }
485 
486     protected String processPath(
487             HttpServletRequest request, HttpServletResponse response)
488         throws IOException {
489 
490         String path = GetterUtil.getString(
491             super.processPath(request, response));
492 
493         HttpSession session = request.getSession();
494 
495         ThemeDisplay themeDisplay = (ThemeDisplay)request.getAttribute(
496             WebKeys.THEME_DISPLAY);
497 
498         // Current users
499 
500         UserTracker userTracker = LiveUsers.getUserTracker(
501             themeDisplay.getCompanyId(), session.getId());
502 
503         if ((userTracker != null) && (!path.equals(_PATH_C)) &&
504             (path.indexOf(_PATH_J_SECURITY_CHECK) == -1) &&
505             (path.indexOf(_PATH_PORTAL_PROTECTED) == -1) &&
506             (!_trackerIgnorePaths.contains(path))) {
507 
508             String fullPath = null;
509 
510             try {
511                 if (PropsValues.SESSION_TRACKER_FRIENDLY_PATHS_ENABLED) {
512                     fullPath = getFriendlyTrackerPath(
513                         path, themeDisplay, request);
514                 }
515             }
516             catch (Exception e) {
517                 _log.error(e, e);
518             }
519 
520             String queryString = request.getQueryString();
521 
522             if (Validator.isNull(fullPath) &&
523                 Validator.isNotNull(queryString)) {
524 
525                 fullPath = path.concat(StringPool.QUESTION).concat(queryString);
526             }
527             else {
528                 fullPath = path;
529             }
530 
531             UserTrackerPath userTrackerPath = UserTrackerPathUtil.create(0);
532 
533             userTrackerPath.setUserTrackerId(userTracker.getUserTrackerId());
534             userTrackerPath.setPath(fullPath);
535             userTrackerPath.setPathDate(new Date());
536 
537             userTracker.addPath(userTrackerPath);
538         }
539 
540         String remoteUser = request.getRemoteUser();
541 
542         User user = null;
543 
544         try {
545             user = PortalUtil.getUser(request);
546         }
547         catch (Exception e) {
548         }
549 
550         // Last path
551 
552         if (_lastPaths.contains(path) && !_trackerIgnorePaths.contains(path)) {
553             boolean saveLastPath = ParamUtil.getBoolean(
554                 request, "saveLastPath", true);
555 
556             if (themeDisplay.isLifecycleResource() ||
557                 themeDisplay.isStateExclusive() ||
558                 themeDisplay.isStatePopUp() ||
559                 !request.getMethod().equalsIgnoreCase(HttpMethods.GET)) {
560 
561                 saveLastPath = false;
562             }
563 
564             // Save last path
565 
566             if (saveLastPath) {
567 
568                 // Was a last path set by another servlet that dispatched to
569                 // the MainServlet? If so, use that last path instead.
570 
571                 LastPath lastPath = (LastPath)request.getAttribute(
572                     WebKeys.LAST_PATH);
573 
574                 if (lastPath == null) {
575                     lastPath = new LastPath(
576                         themeDisplay.getPathMain(), path,
577                         request.getParameterMap());
578                 }
579 
580                 session.setAttribute(WebKeys.LAST_PATH, lastPath);
581             }
582         }
583 
584         // Authenticated users can always log out
585 
586         if (((remoteUser != null) || (user != null)) &&
587             (path.equals(_PATH_PORTAL_LOGOUT))) {
588 
589             return path;
590         }
591 
592         // Authenticated users can always extend or confirm their session
593 
594         if (((remoteUser != null) || (user != null)) &&
595             (path.equals(_PATH_PORTAL_EXPIRE_SESSION) ||
596              path.equals(_PATH_PORTAL_EXTEND_SESSION))) {
597 
598             return path;
599         }
600 
601         // Authenticated users can always agree to terms of use
602 
603         if (((remoteUser != null) || (user != null)) &&
604             (path.equals(_PATH_PORTAL_UPDATE_TERMS_OF_USE))) {
605 
606             return path;
607         }
608 
609         // Authenticated users must still exist in the system
610 
611         if ((remoteUser != null) && (user == null)) {
612             return _PATH_PORTAL_LOGOUT;
613         }
614 
615         // Authenticated users must be active
616 
617         if ((user != null) && !user.isActive()) {
618             SessionErrors.add(request, UserActiveException.class.getName());
619 
620             return _PATH_PORTAL_ERROR;
621         }
622 
623         if (!path.equals(_PATH_PORTAL_JSON_SERVICE) &&
624             !path.equals(_PATH_PORTAL_RENDER_PORTLET) &&
625             !ParamUtil.getBoolean(request, "wsrp")) {
626 
627             // Authenticated users should agree to Terms of Use
628 
629             if ((user != null) && !user.isAgreedToTermsOfUse()) {
630                 boolean termsOfUseRequired = false;
631 
632                 try {
633                     termsOfUseRequired = PrefsPropsUtil.getBoolean(
634                         user.getCompanyId(), PropsKeys.TERMS_OF_USE_REQUIRED);
635                 }
636                 catch (SystemException se) {
637                     termsOfUseRequired = PropsValues.TERMS_OF_USE_REQUIRED;
638                 }
639 
640                 if (termsOfUseRequired) {
641                     return _PATH_PORTAL_TERMS_OF_USE;
642                 }
643             }
644 
645             // Authenticated users must have a current password
646 
647             if ((user != null) && user.isPasswordReset()) {
648                 return _PATH_PORTAL_UPDATE_PASSWORD;
649             }
650 
651             // Authenticated users must have an email address
652 
653             if ((user != null) &&
654                 Validator.isNull(user.getDisplayEmailAddress())) {
655 
656                 return _PATH_PORTAL_UPDATE_EMAIL_ADDRESS;
657             }
658 
659             // Authenticated users should have a reminder query
660 
661             if ((user != null) &&
662                 (Validator.isNull(user.getReminderQueryQuestion()) ||
663                  Validator.isNull(user.getReminderQueryAnswer()))) {
664 
665                 if (PropsValues.USERS_REMINDER_QUERIES_ENABLED) {
666                     return _PATH_PORTAL_UPDATE_REMINDER_QUERY;
667                 }
668             }
669         }
670 
671         // Users must sign in
672 
673         if (!isPublicPath(path)) {
674             if (user == null) {
675                 SessionErrors.add(request, PrincipalException.class.getName());
676 
677                 return _PATH_PORTAL_LOGIN;
678             }
679         }
680 
681         ActionMapping mapping =
682             (ActionMapping)moduleConfig.findActionConfig(path);
683 
684         path = mapping.getPath();
685 
686         // Authenticated users must have at least one role
687 
688         if (user != null) {
689             try {
690 
691                 // FIX ME
692 
693                 if (false) {
694                     SessionErrors.add(
695                         request, RequiredRoleException.class.getName());
696 
697                     return _PATH_PORTAL_ERROR;
698                 }
699             }
700             catch (Exception e) {
701                 e.printStackTrace();
702             }
703         }
704 
705         // Define the portlet objects
706 
707         if (isPortletPath(path)) {
708             try {
709                 Portlet portlet = null;
710 
711                 long companyId = PortalUtil.getCompanyId(request);
712                 String portletId = ParamUtil.getString(request, "p_p_id");
713 
714                 if (Validator.isNotNull(portletId)) {
715                     portlet = PortletLocalServiceUtil.getPortletById(
716                         companyId, portletId);
717                 }
718 
719                 if (portlet == null) {
720                     String strutsPath = path.substring(
721                         1, path.lastIndexOf(CharPool.SLASH));
722 
723                     portlet = PortletLocalServiceUtil.getPortletByStrutsPath(
724                         companyId, strutsPath);
725                 }
726 
727                 if ((portlet != null) && portlet.isActive()) {
728                     defineObjects(request, response, portlet);
729                 }
730             }
731             catch (Exception e) {
732                 request.setAttribute(PageContext.EXCEPTION, e);
733 
734                 path = _PATH_COMMON_ERROR;
735             }
736         }
737 
738         // Authenticated users must have access to at least one layout
739 
740         if (SessionErrors.contains(
741                 request, LayoutPermissionException.class.getName())) {
742 
743             return _PATH_PORTAL_ERROR;
744         }
745 
746         return path;
747     }
748 
749     protected boolean processRoles(
750             HttpServletRequest request, HttpServletResponse response,
751             ActionMapping mapping)
752         throws IOException, ServletException {
753 
754         String path = mapping.getPath();
755 
756         if (isPublicPath(path)) {
757             return true;
758         }
759 
760         boolean authorized = true;
761 
762         User user = null;
763 
764         try {
765             user = PortalUtil.getUser(request);
766         }
767         catch (Exception e) {
768         }
769 
770         if ((user != null) && isPortletPath(path)) {
771             try {
772 
773                 // Authenticated users can always log out
774 
775                 if (path.equals(_PATH_PORTAL_LOGOUT)) {
776                     return true;
777                 }
778 
779                 Portlet portlet = null;
780 
781                 String portletId = ParamUtil.getString(request, "p_p_id");
782 
783                 if (Validator.isNotNull(portletId)) {
784                     portlet = PortletLocalServiceUtil.getPortletById(
785                         user.getCompanyId(), portletId);
786                 }
787 
788                 String strutsPath = path.substring(
789                     1, path.lastIndexOf(CharPool.SLASH));
790 
791                 if (portlet != null) {
792                     if (!strutsPath.equals(portlet.getStrutsPath())) {
793                         throw new PrincipalException();
794                     }
795                 }
796                 else {
797                     portlet = PortletLocalServiceUtil.getPortletByStrutsPath(
798                         user.getCompanyId(), strutsPath);
799                 }
800 
801                 if ((portlet != null) && portlet.isActive()) {
802                     ThemeDisplay themeDisplay =
803                         (ThemeDisplay)request.getAttribute(
804                             WebKeys.THEME_DISPLAY);
805 
806                     Layout layout = themeDisplay.getLayout();
807                     PermissionChecker permissionChecker =
808                         themeDisplay.getPermissionChecker();
809 
810                     if (!PortletPermissionUtil.contains(
811                             permissionChecker, layout.getPlid(), portlet,
812                             ActionKeys.VIEW)) {
813 
814                         throw new PrincipalException();
815                     }
816                 }
817                 else if (portlet != null && !portlet.isActive()) {
818                     SessionErrors.add(
819                         request, PortletActiveException.class.getName());
820 
821                     authorized = false;
822                 }
823             }
824             catch (Exception e) {
825                 SessionErrors.add(request, PrincipalException.class.getName());
826 
827                 authorized = false;
828             }
829         }
830 
831         if (!authorized) {
832             ForwardConfig forwardConfig =
833                 mapping.findForward(_PATH_PORTAL_ERROR);
834 
835             processForwardConfig(request, response, forwardConfig);
836 
837             return false;
838         }
839         else {
840             return true;
841         }
842     }
843 
844     private static String _PATH_C = "/c";
845 
846     private static String _PATH_COMMON = "/common";
847 
848     private static String _PATH_COMMON_ERROR = "/common/error";
849 
850     private static String _PATH_J_SECURITY_CHECK = "/j_security_check";
851 
852     private static String _PATH_PORTAL = "/portal";
853 
854     private static String _PATH_PORTAL_EE_LICENSE = "/portal/ee/license";
855 
856     private static String _PATH_PORTAL_ERROR = "/portal/error";
857 
858     private static String _PATH_PORTAL_EXPIRE_SESSION =
859         "/portal/expire_session";
860 
861     private static String _PATH_PORTAL_EXTEND_SESSION =
862         "/portal/extend_session";
863 
864     private static String _PATH_PORTAL_FLASH = "/portal/flash";
865 
866     private static String _PATH_PORTAL_J_LOGIN = "/portal/j_login";
867 
868     private static String _PATH_PORTAL_JSON_SERVICE = "/portal/json_service";
869 
870     private static String _PATH_PORTAL_LAYOUT = "/portal/layout";
871 
872     private static String _PATH_PORTAL_LOGIN = "/portal/login";
873 
874     private static String _PATH_PORTAL_LOGOUT = "/portal/logout";
875 
876     private static String _PATH_PORTAL_PROTECTED = "/portal/protected";
877 
878     private static String _PATH_PORTAL_RENDER_PORTLET =
879         "/portal/render_portlet";
880 
881     private static String _PATH_PORTAL_TCK = "/portal/tck";
882 
883     private static String _PATH_PORTAL_TERMS_OF_USE = "/portal/terms_of_use";
884 
885     private static String _PATH_PORTAL_UPDATE_EMAIL_ADDRESS =
886         "/portal/update_email_address";
887 
888     private static String _PATH_PORTAL_UPDATE_PASSWORD =
889         "/portal/update_password";
890 
891     private static String _PATH_PORTAL_UPDATE_REMINDER_QUERY =
892         "/portal/update_reminder_query";
893 
894     private static String _PATH_PORTAL_UPDATE_TERMS_OF_USE =
895         "/portal/update_terms_of_use";
896 
897     private static Log _log = LogFactoryUtil.getLog(
898         PortalRequestProcessor.class);
899 
900     private Set<String> _lastPaths;
901     private Set<String> _publicPaths;
902     private Set<String> _trackerIgnorePaths;
903 
904 }