1
22
23 package com.liferay.portal.spring.servlet;
24
25 import com.liferay.portal.kernel.util.GetterUtil;
26 import com.liferay.portal.model.User;
27 import com.liferay.portal.security.auth.CompanyThreadLocal;
28 import com.liferay.portal.security.auth.PrincipalThreadLocal;
29 import com.liferay.portal.security.permission.PermissionCheckerFactory;
30 import com.liferay.portal.security.permission.PermissionCheckerImpl;
31 import com.liferay.portal.security.permission.PermissionThreadLocal;
32 import com.liferay.portal.service.UserLocalServiceUtil;
33 import com.liferay.portal.util.PortalInstances;
34 import com.liferay.util.spring.context.LazyWebApplicationContext;
35
36 import java.io.IOException;
37
38 import javax.servlet.ServletException;
39 import javax.servlet.http.HttpServletRequest;
40 import javax.servlet.http.HttpServletResponse;
41
42 import org.apache.commons.logging.Log;
43 import org.apache.commons.logging.LogFactory;
44
45 import org.springframework.web.servlet.DispatcherServlet;
46
47
53 public class RemotingServlet extends DispatcherServlet {
54
55 public static final String CONTEXT_CLASS =
56 LazyWebApplicationContext.class.getName();
57
58 public static final String CONTEXT_CONFIG_LOCATION =
59 "/WEB-INF/remoting-servlet.xml,/WEB-INF/remoting-servlet-ext.xml";
60
61 public Class<?> getContextClass() {
62 try {
63 return Class.forName(CONTEXT_CLASS);
64 }
65 catch (Exception e) {
66 _log.error(e);
67 }
68
69 return null;
70 }
71
72 public String getContextConfigLocation() {
73 return CONTEXT_CONFIG_LOCATION;
74 }
75
76 public void service(HttpServletRequest req, HttpServletResponse res)
77 throws IOException, ServletException {
78
79 PermissionCheckerImpl permissionChecker = null;
80
81 try {
82 String remoteUser = req.getRemoteUser();
83
84 if (_log.isDebugEnabled()) {
85 _log.debug("Remote user " + remoteUser);
86 }
87
88 long companyId = PortalInstances.getCompanyId(req);
89
90 CompanyThreadLocal.setCompanyId(companyId);
91
92 if (remoteUser != null) {
93 PrincipalThreadLocal.setName(remoteUser);
94
95 long userId = GetterUtil.getLong(remoteUser);
96
97 User user = UserLocalServiceUtil.getUserById(userId);
98
99 permissionChecker = PermissionCheckerFactory.create(user, true);
100
101 PermissionThreadLocal.setPermissionChecker(permissionChecker);
102 }
103 else {
104 if (_log.isWarnEnabled()) {
105 _log.warn(
106 "User id is not provided. An exception will be " +
107 "thrown if a protected method is accessed.");
108 }
109 }
110
111 super.service(req, res);
112 }
113 catch (Exception e) {
114 throw new ServletException(e);
115 }
116 finally {
117 try {
118 PermissionCheckerFactory.recycle(permissionChecker);
119 }
120 catch (Exception e) {
121 }
122 }
123 }
124
125 private static Log _log = LogFactory.getLog(RemotingServlet.class);
126
127 }