1
22
23 package com.liferay.portal.servlet;
24
25 import com.liferay.portal.NoSuchUserException;
26 import com.liferay.portal.PortalException;
27 import com.liferay.portal.SystemException;
28 import com.liferay.portal.kernel.util.GetterUtil;
29 import com.liferay.portal.kernel.util.MethodInvoker;
30 import com.liferay.portal.kernel.util.MethodWrapper;
31 import com.liferay.portal.kernel.util.ObjectValuePair;
32 import com.liferay.portal.kernel.util.Validator;
33 import com.liferay.portal.model.User;
34 import com.liferay.portal.security.auth.CompanyThreadLocal;
35 import com.liferay.portal.security.auth.HttpPrincipal;
36 import com.liferay.portal.security.auth.PrincipalThreadLocal;
37 import com.liferay.portal.security.permission.PermissionChecker;
38 import com.liferay.portal.security.permission.PermissionCheckerFactory;
39 import com.liferay.portal.security.permission.PermissionThreadLocal;
40 import com.liferay.portal.service.UserLocalServiceUtil;
41 import com.liferay.portal.util.PortalInstances;
42
43 import java.io.IOException;
44 import java.io.ObjectInputStream;
45 import java.io.ObjectOutputStream;
46
47 import java.lang.reflect.InvocationTargetException;
48
49 import javax.servlet.http.HttpServlet;
50 import javax.servlet.http.HttpServletRequest;
51 import javax.servlet.http.HttpServletResponse;
52
53 import org.apache.commons.logging.Log;
54 import org.apache.commons.logging.LogFactory;
55
56
63 public class TunnelServlet extends HttpServlet {
64
65 public void doPost(HttpServletRequest request, HttpServletResponse response)
66 throws IOException {
67
68 PermissionChecker permissionChecker = null;
69
70 try {
71 ObjectInputStream ois = new ObjectInputStream(
72 request.getInputStream());
73
74 Object returnObj = null;
75
76 try {
77 ObjectValuePair<HttpPrincipal, MethodWrapper> ovp =
78 (ObjectValuePair<HttpPrincipal, MethodWrapper>)
79 ois.readObject();
80
81 HttpPrincipal httpPrincipal = ovp.getKey();
82 MethodWrapper methodWrapper = ovp.getValue();
83
84 long companyId = PortalInstances.getCompanyId(request);
85
86 CompanyThreadLocal.setCompanyId(companyId);
87
88 if (Validator.isNotNull(httpPrincipal.getLogin())) {
89 User user = null;
90
91 try {
92 user = UserLocalServiceUtil.getUserByEmailAddress(
93 companyId, httpPrincipal.getLogin());
94 }
95 catch (NoSuchUserException nsue) {
96 }
97
98 if (user == null) {
99 try {
100 user = UserLocalServiceUtil.getUserByScreenName(
101 companyId, httpPrincipal.getLogin());
102 }
103 catch (NoSuchUserException nsue) {
104 }
105 }
106
107 if (user == null) {
108 try {
109 user = UserLocalServiceUtil.getUserById(
110 GetterUtil.getLong(httpPrincipal.getLogin()));
111 }
112 catch (NoSuchUserException nsue) {
113 }
114 }
115
116 if (user != null) {
117 PrincipalThreadLocal.setName(user.getUserId());
118
119 permissionChecker = PermissionCheckerFactory.create(
120 user, true);
121
122 PermissionThreadLocal.setPermissionChecker(
123 permissionChecker);
124 }
125 }
126
127 if (returnObj == null) {
128 returnObj = MethodInvoker.invoke(methodWrapper);
129 }
130 }
131 catch (InvocationTargetException ite) {
132 returnObj = ite.getCause();
133
134 if (!(returnObj instanceof PortalException)) {
135 ite.printStackTrace();
136
137 returnObj = new SystemException();
138 }
139 }
140 catch (Exception e) {
141 _log.error(e, e);
142 }
143
144 if (returnObj != null) {
145 ObjectOutputStream oos =
146 new ObjectOutputStream(response.getOutputStream());
147
148 oos.writeObject(returnObj);
149
150 oos.flush();
151 oos.close();
152 }
153 }
154 finally {
155 try {
156 PermissionCheckerFactory.recycle(permissionChecker);
157 }
158 catch (Exception e) {
159 }
160 }
161 }
162
163 private static Log _log = LogFactory.getLog(TunnelServlet.class);
164
165 }