1
22
23 package com.liferay.portal.spring.servlet;
24
25 import com.liferay.portal.kernel.util.GetterUtil;
26 import com.liferay.portal.model.User;
27 import com.liferay.portal.security.auth.CompanyThreadLocal;
28 import com.liferay.portal.security.auth.PrincipalThreadLocal;
29 import com.liferay.portal.security.permission.PermissionChecker;
30 import com.liferay.portal.security.permission.PermissionCheckerFactory;
31 import com.liferay.portal.security.permission.PermissionThreadLocal;
32 import com.liferay.portal.service.UserLocalServiceUtil;
33 import com.liferay.portal.spring.context.TunnelApplicationContext;
34 import com.liferay.portal.util.PortalInstances;
35
36 import javax.servlet.ServletException;
37 import javax.servlet.http.HttpServletRequest;
38 import javax.servlet.http.HttpServletResponse;
39
40 import org.apache.commons.logging.Log;
41 import org.apache.commons.logging.LogFactory;
42
43 import org.springframework.web.servlet.DispatcherServlet;
44
45
51 public class RemotingServlet extends DispatcherServlet {
52
53 public static final String CONTEXT_CLASS =
54 TunnelApplicationContext.class.getName();
55
56 public static final String CONTEXT_CONFIG_LOCATION =
57 "/WEB-INF/remoting-servlet.xml,/WEB-INF/remoting-servlet-ext.xml";
58
59 public Class<?> getContextClass() {
60 try {
61 return Class.forName(CONTEXT_CLASS);
62 }
63 catch (Exception e) {
64 _log.error(e);
65 }
66
67 return null;
68 }
69
70 public String getContextConfigLocation() {
71 return CONTEXT_CONFIG_LOCATION;
72 }
73
74 public void service(
75 HttpServletRequest request, HttpServletResponse response)
76 throws ServletException {
77
78 PermissionChecker permissionChecker = null;
79
80 try {
81 String remoteUser = request.getRemoteUser();
82
83 if (_log.isDebugEnabled()) {
84 _log.debug("Remote user " + remoteUser);
85 }
86
87 long companyId = PortalInstances.getCompanyId(request);
88
89 CompanyThreadLocal.setCompanyId(companyId);
90
91 if (remoteUser != null) {
92 PrincipalThreadLocal.setName(remoteUser);
93
94 long userId = GetterUtil.getLong(remoteUser);
95
96 User user = UserLocalServiceUtil.getUserById(userId);
97
98 permissionChecker = PermissionCheckerFactory.create(user, true);
99
100 PermissionThreadLocal.setPermissionChecker(permissionChecker);
101 }
102 else {
103 if (_log.isWarnEnabled()) {
104 _log.warn(
105 "User id is not provided. An exception will be " +
106 "thrown if a protected method is accessed.");
107 }
108 }
109
110 super.service(request, response);
111 }
112 catch (Exception e) {
113 throw new ServletException(e);
114 }
115 finally {
116 try {
117 PermissionCheckerFactory.recycle(permissionChecker);
118 }
119 catch (Exception e) {
120 }
121 }
122 }
123
124 private static Log _log = LogFactory.getLog(RemotingServlet.class);
125
126 }