1   /**
2    * Copyright (c) 2000-2009 Liferay, Inc. All rights reserved.
3    *
4    * The contents of this file are subject to the terms of the Liferay Enterprise
5    * Subscription License ("License"). You may not use this file except in
6    * compliance with the License. You can obtain a copy of the License by
7    * contacting Liferay, Inc. See the License for the specific language governing
8    * permissions and limitations under the License, including but not limited to
9    * distribution rights of the Software.
10   *
11   * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
12   * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13   * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
14   * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
15   * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
16   * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
17   * SOFTWARE.
18   */
19  
20  package com.liferay.portal.struts;
21  
22  import com.liferay.portal.LayoutPermissionException;
23  import com.liferay.portal.PortletActiveException;
24  import com.liferay.portal.RequiredLayoutException;
25  import com.liferay.portal.RequiredRoleException;
26  import com.liferay.portal.UserActiveException;
27  import com.liferay.portal.kernel.log.Log;
28  import com.liferay.portal.kernel.log.LogFactoryUtil;
29  import com.liferay.portal.kernel.portlet.FriendlyURLMapper;
30  import com.liferay.portal.kernel.servlet.HttpMethods;
31  import com.liferay.portal.kernel.servlet.SessionErrors;
32  import com.liferay.portal.kernel.util.HttpUtil;
33  import com.liferay.portal.kernel.util.JavaConstants;
34  import com.liferay.portal.kernel.util.ParamUtil;
35  import com.liferay.portal.kernel.util.StringPool;
36  import com.liferay.portal.kernel.util.Validator;
37  import com.liferay.portal.liveusers.LiveUsers;
38  import com.liferay.portal.model.Layout;
39  import com.liferay.portal.model.LayoutConstants;
40  import com.liferay.portal.model.Portlet;
41  import com.liferay.portal.model.PortletPreferencesIds;
42  import com.liferay.portal.model.User;
43  import com.liferay.portal.model.UserTracker;
44  import com.liferay.portal.model.UserTrackerPath;
45  import com.liferay.portal.security.auth.PrincipalException;
46  import com.liferay.portal.security.permission.ActionKeys;
47  import com.liferay.portal.security.permission.PermissionChecker;
48  import com.liferay.portal.service.LayoutLocalServiceUtil;
49  import com.liferay.portal.service.PortletLocalServiceUtil;
50  import com.liferay.portal.service.PortletPreferencesLocalServiceUtil;
51  import com.liferay.portal.service.permission.PortletPermissionUtil;
52  import com.liferay.portal.service.persistence.UserTrackerPathUtil;
53  import com.liferay.portal.theme.ThemeDisplay;
54  import com.liferay.portal.util.PortalUtil;
55  import com.liferay.portal.util.PropsKeys;
56  import com.liferay.portal.util.PropsUtil;
57  import com.liferay.portal.util.PropsValues;
58  import com.liferay.portal.util.WebKeys;
59  import com.liferay.portlet.InvokerPortlet;
60  import com.liferay.portlet.PortletConfigFactory;
61  import com.liferay.portlet.PortletInstanceFactory;
62  import com.liferay.portlet.PortletPreferencesFactoryUtil;
63  import com.liferay.portlet.PortletURLImpl;
64  import com.liferay.portlet.RenderRequestFactory;
65  import com.liferay.portlet.RenderRequestImpl;
66  import com.liferay.portlet.RenderResponseFactory;
67  import com.liferay.portlet.RenderResponseImpl;
68  
69  import java.io.IOException;
70  
71  import java.util.Date;
72  import java.util.HashSet;
73  import java.util.Iterator;
74  import java.util.List;
75  import java.util.Map.Entry;
76  import java.util.Map;
77  import java.util.Set;
78  
79  import javax.portlet.PortletConfig;
80  import javax.portlet.PortletContext;
81  import javax.portlet.PortletMode;
82  import javax.portlet.PortletPreferences;
83  import javax.portlet.PortletRequest;
84  import javax.portlet.WindowState;
85  
86  import javax.servlet.ServletContext;
87  import javax.servlet.ServletException;
88  import javax.servlet.http.HttpServletRequest;
89  import javax.servlet.http.HttpServletResponse;
90  import javax.servlet.http.HttpSession;
91  import javax.servlet.jsp.PageContext;
92  
93  import org.apache.struts.action.ActionMapping;
94  import org.apache.struts.config.ForwardConfig;
95  import org.apache.struts.tiles.TilesRequestProcessor;
96  
97  /**
98   * <a href="PortalRequestProcessor.java.html"><b><i>View Source</i></b></a>
99   *
100  * @author Brian Wing Shun Chan
101  * @author Jorge Ferrer
102  *
103  */
104 public class PortalRequestProcessor extends TilesRequestProcessor {
105 
106     public PortalRequestProcessor() {
107 
108         // auth.forward.last.path.
109 
110         _lastPaths = new HashSet<String>();
111 
112         _lastPaths.add(_PATH_PORTAL_LAYOUT);
113 
114         addPaths(_lastPaths, PropsKeys.AUTH_FORWARD_LAST_PATHS);
115 
116         // auth.public.path.
117 
118         _publicPaths = new HashSet<String>();
119 
120         _publicPaths.add(_PATH_C);
121         _publicPaths.add(_PATH_PORTAL_FLASH);
122         _publicPaths.add(_PATH_PORTAL_J_LOGIN);
123         _publicPaths.add(_PATH_PORTAL_LAYOUT);
124         _publicPaths.add(_PATH_PORTAL_LOGIN);
125         _publicPaths.add(_PATH_PORTAL_LOGIN_CAPTCHA);
126         _publicPaths.add(_PATH_PORTAL_RENDER_PORTLET);
127         _publicPaths.add(_PATH_PORTAL_TCK);
128 
129         addPaths(_publicPaths, PropsKeys.AUTH_PUBLIC_PATHS);
130 
131         _trackerIgnorePaths = new HashSet<String>();
132 
133         addPaths(_trackerIgnorePaths, PropsKeys.SESSION_TRACKER_IGNORE_PATHS);
134     }
135 
136     public void process(
137             HttpServletRequest request, HttpServletResponse response)
138         throws IOException, ServletException {
139 
140         String path = super.processPath(request, response);
141 
142         ActionMapping mapping = (ActionMapping)moduleConfig.findActionConfig(
143             path);
144 
145         if ((mapping == null) && !path.startsWith(_PATH_WSRP)) {
146             String lastPath = getLastPath(request);
147 
148             if (_log.isDebugEnabled()) {
149                 _log.debug("Last path " + lastPath);
150             }
151 
152             response.sendRedirect(lastPath);
153 
154             return;
155         }
156 
157         super.process(request, response);
158 
159         try {
160             if (isPortletPath(path)) {
161                 cleanUp(request);
162             }
163         }
164         catch (Exception e) {
165             _log.error(e, e);
166         }
167     }
168 
169     protected void addPaths(Set<String> paths, String propsKey) {
170         String[] pathsArray = PropsUtil.getArray(propsKey);
171 
172         for (String path : pathsArray) {
173             paths.add(path);
174         }
175     }
176 
177     protected void callParentDoForward(
178             String uri, HttpServletRequest request,
179             HttpServletResponse response)
180         throws IOException, ServletException {
181 
182         super.doForward(uri, request, response);
183     }
184 
185     protected HttpServletRequest callParentProcessMultipart(
186         HttpServletRequest request) {
187 
188         return super.processMultipart(request);
189     }
190 
191     protected String callParentProcessPath(
192             HttpServletRequest request, HttpServletResponse response)
193         throws IOException {
194 
195         return super.processPath(request, response);
196     }
197 
198     protected boolean callParentProcessRoles(
199             HttpServletRequest request, HttpServletResponse response,
200             ActionMapping mapping)
201         throws IOException, ServletException {
202 
203         return super.processRoles(request, response, mapping);
204     }
205 
206     protected void cleanUp(HttpServletRequest request) throws Exception {
207 
208         // Clean up portlet objects that may have been created by defineObjects
209         // for portlets that are called directly from a Struts path
210 
211         RenderRequestImpl renderRequestImpl =
212             (RenderRequestImpl)request.getAttribute(
213                 JavaConstants.JAVAX_PORTLET_REQUEST);
214 
215         if (renderRequestImpl != null) {
216             RenderRequestFactory.recycle(renderRequestImpl);
217         }
218 
219         RenderResponseImpl renderResponseImpl =
220             (RenderResponseImpl)request.getAttribute(
221                 JavaConstants.JAVAX_PORTLET_RESPONSE);
222 
223         if (renderResponseImpl != null) {
224             RenderResponseFactory.recycle(renderResponseImpl);
225         }
226     }
227 
228     protected void defineObjects(
229             HttpServletRequest request, HttpServletResponse response,
230             Portlet portlet)
231         throws Exception {
232 
233         String portletId = portlet.getPortletId();
234 
235         ServletContext servletContext = (ServletContext)request.getAttribute(
236             WebKeys.CTX);
237 
238         InvokerPortlet invokerPortlet = PortletInstanceFactory.create(
239             portlet, servletContext);
240 
241         PortletPreferencesIds portletPreferencesIds =
242             PortletPreferencesFactoryUtil.getPortletPreferencesIds(
243                 request, portletId);
244 
245         PortletPreferences portletPreferences =
246             PortletPreferencesLocalServiceUtil.getPreferences(
247                 portletPreferencesIds);
248 
249         PortletConfig portletConfig = PortletConfigFactory.create(
250             portlet, servletContext);
251         PortletContext portletContext = portletConfig.getPortletContext();
252 
253         RenderRequestImpl renderRequestImpl = RenderRequestFactory.create(
254             request, portlet, invokerPortlet, portletContext,
255             WindowState.MAXIMIZED, PortletMode.VIEW, portletPreferences);
256 
257         RenderResponseImpl renderResponseImpl = RenderResponseFactory.create(
258             renderRequestImpl, response, portletId, portlet.getCompanyId());
259 
260         renderRequestImpl.defineObjects(portletConfig, renderResponseImpl);
261 
262         request.setAttribute(WebKeys.PORTLET_STRUTS_EXECUTE, Boolean.TRUE);
263     }
264 
265     protected void doForward(
266             String uri, HttpServletRequest request,
267             HttpServletResponse response)
268         throws ServletException {
269 
270         StrutsUtil.forward(uri, getServletContext(), request, response);
271     }
272 
273     protected void doInclude(
274             String uri, HttpServletRequest request,
275             HttpServletResponse response)
276         throws ServletException {
277 
278         StrutsUtil.include(uri, getServletContext(), request, response);
279     }
280 
281     protected StringBuilder getFriendlyTrackerPath(
282             String path, ThemeDisplay themeDisplay, HttpServletRequest request)
283         throws Exception {
284 
285         if (!path.equals(_PATH_PORTAL_LAYOUT)) {
286             return null;
287         }
288 
289         long plid = ParamUtil.getLong(request, "p_l_id");
290 
291         if (plid == 0) {
292             return null;
293         }
294 
295         Layout layout = LayoutLocalServiceUtil.getLayout(plid);
296 
297         String layoutFriendlyURL = PortalUtil.getLayoutFriendlyURL(
298             layout, themeDisplay);
299 
300         StringBuilder sb = new StringBuilder();
301 
302         sb.append(layoutFriendlyURL);
303 
304         String portletId = ParamUtil.getString(request, "p_p_id");
305 
306         if (Validator.isNull(portletId)) {
307             return sb;
308         }
309 
310         long companyId = PortalUtil.getCompanyId(request);
311 
312         Portlet portlet = PortletLocalServiceUtil.getPortletById(
313             companyId, portletId);
314 
315         if (portlet == null) {
316             String strutsPath = path.substring(
317                 1, path.lastIndexOf(StringPool.SLASH));
318 
319             portlet = PortletLocalServiceUtil.getPortletByStrutsPath(
320                 companyId, strutsPath);
321         }
322 
323         if ((portlet == null) || !portlet.isActive()) {
324             sb.append(StringPool.QUESTION);
325             sb.append(request.getQueryString());
326 
327             return sb;
328         }
329 
330         String namespace = PortalUtil.getPortletNamespace(portletId);
331 
332         FriendlyURLMapper friendlyURLMapper =
333             portlet.getFriendlyURLMapperInstance();
334 
335         if (friendlyURLMapper == null) {
336             sb.append(StringPool.QUESTION);
337             sb.append(request.getQueryString());
338 
339             return sb;
340         }
341 
342         PortletURLImpl portletURL = new PortletURLImpl(
343             request, portletId, plid, PortletRequest.RENDER_PHASE);
344 
345         Iterator<Map.Entry<String, String[]>> itr =
346             request.getParameterMap().entrySet().iterator();
347 
348         while (itr.hasNext()) {
349             Entry<String, String[]> entry = itr.next();
350 
351             String key = entry.getKey();
352 
353             if (key.startsWith(namespace)) {
354                 key = key.substring(namespace.length());
355 
356                 portletURL.setParameter(key, entry.getValue());
357             }
358         }
359 
360         String portletFriendlyURL = friendlyURLMapper.buildPath(portletURL);
361 
362         if (portletFriendlyURL != null) {
363             sb.append(portletFriendlyURL);
364         }
365         else {
366             sb.append(StringPool.QUESTION);
367             sb.append(request.getQueryString());
368         }
369 
370         return sb;
371     }
372 
373     protected String getLastPath(HttpServletRequest request) {
374         HttpSession session = request.getSession();
375 
376         ThemeDisplay themeDisplay = (ThemeDisplay)request.getAttribute(
377             WebKeys.THEME_DISPLAY);
378 
379         Boolean httpsInitial = (Boolean)session.getAttribute(
380             WebKeys.HTTPS_INITIAL);
381 
382         String portalURL = null;
383 
384         if ((PropsValues.COMPANY_SECURITY_AUTH_REQUIRES_HTTPS) &&
385             (httpsInitial != null) && (!httpsInitial.booleanValue())) {
386 
387             portalURL = PortalUtil.getPortalURL(request, false);
388         }
389         else {
390             portalURL = PortalUtil.getPortalURL(request);
391         }
392 
393         StringBuilder sb = new StringBuilder();
394 
395         sb.append(portalURL);
396         sb.append(themeDisplay.getPathMain());
397         sb.append(_PATH_PORTAL_LAYOUT);
398 
399         if (!PropsValues.AUTH_FORWARD_BY_LAST_PATH) {
400             if (request.getRemoteUser() != null) {
401 
402                 // If we do not forward by last path and the user is logged in,
403                 // forward to the user's default layout to prevent a lagging
404                 // loop
405 
406                 sb.append(StringPool.QUESTION);
407                 sb.append("p_l_id");
408                 sb.append(StringPool.EQUAL);
409                 sb.append(LayoutConstants.DEFAULT_PLID);
410             }
411 
412             return sb.toString();
413         }
414 
415         LastPath lastPath = (LastPath)session.getAttribute(WebKeys.LAST_PATH);
416 
417         if (lastPath == null) {
418             return sb.toString();
419         }
420 
421         Map<String, String[]> parameterMap = lastPath.getParameterMap();
422 
423         // Only test for existing mappings for last paths that were set when the
424         // user accessed a layout directly instead of through its friendly URL
425 
426         if (lastPath.getContextPath().equals(themeDisplay.getPathMain())) {
427             ActionMapping mapping =
428                 (ActionMapping)moduleConfig.findActionConfig(
429                     lastPath.getPath());
430 
431             if ((mapping == null) || (parameterMap == null)) {
432                 return sb.toString();
433             }
434         }
435 
436         StringBuilder lastPathSB = new StringBuilder();
437 
438         lastPathSB.append(portalURL);
439         lastPathSB.append(lastPath.getContextPath());
440         lastPathSB.append(lastPath.getPath());
441         lastPathSB.append(HttpUtil.parameterMapToString(parameterMap));
442 
443         return lastPathSB.toString();
444     }
445 
446     protected boolean isPortletPath(String path) {
447         if ((path != null) &&
448             (!path.equals(_PATH_C)) &&
449             (!path.startsWith(_PATH_COMMON)) &&
450             (path.indexOf(_PATH_J_SECURITY_CHECK) == -1) &&
451             (!path.startsWith(_PATH_PORTAL)) &&
452             (!path.startsWith(_PATH_WSRP))) {
453 
454             return true;
455         }
456         else {
457             return false;
458         }
459     }
460 
461     protected boolean isPublicPath(String path) {
462         if ((path != null) &&
463             (_publicPaths.contains(path)) ||
464             (path.startsWith(_PATH_COMMON)) ||
465             (path.startsWith(_PATH_WSRP))) {
466 
467             return true;
468         }
469         else {
470             return false;
471         }
472     }
473 
474     protected ActionMapping processMapping(
475             HttpServletRequest request, HttpServletResponse response,
476             String path)
477         throws IOException {
478 
479         if (path == null) {
480             return null;
481         }
482 
483         ActionMapping mapping = super.processMapping(request, response, path);
484 
485         if (mapping == null) {
486             String msg = getInternal().getMessage("processInvalid");
487 
488             _log.error("User ID " + request.getRemoteUser());
489             _log.error("Current URL " + PortalUtil.getCurrentURL(request));
490             _log.error("Referer " + request.getHeader("Referer"));
491             _log.error("Remote address " + request.getRemoteAddr());
492 
493             _log.error(msg + " " + path);
494         }
495 
496         return mapping;
497     }
498 
499     protected HttpServletRequest processMultipart(HttpServletRequest request) {
500 
501         // Disable Struts from automatically wrapping a multipart request
502 
503         return request;
504     }
505 
506     protected String processPath(
507             HttpServletRequest request, HttpServletResponse response)
508         throws IOException {
509 
510         String path = super.processPath(request, response);
511 
512         HttpSession session = request.getSession();
513 
514         ThemeDisplay themeDisplay = (ThemeDisplay)request.getAttribute(
515             WebKeys.THEME_DISPLAY);
516 
517         // Current users
518 
519         UserTracker userTracker = LiveUsers.getUserTracker(
520             themeDisplay.getCompanyId(), session.getId());
521 
522         if ((userTracker != null) && (path != null) &&
523             (!path.equals(_PATH_C)) &&
524             (path.indexOf(_PATH_J_SECURITY_CHECK) == -1) &&
525             (path.indexOf(_PATH_PORTAL_PROTECTED) == -1) &&
526             (!_trackerIgnorePaths.contains(path))) {
527 
528             StringBuilder sb = null;
529 
530             try {
531                 if (PropsValues.SESSION_TRACKER_FRIENDLY_PATHS_ENABLED) {
532                     sb = getFriendlyTrackerPath(path, themeDisplay, request);
533                 }
534             }
535             catch (Exception e) {
536                 _log.error(e, e);
537             }
538 
539             if (sb == null) {
540                 sb = new StringBuilder();
541 
542                 sb.append(path);
543                 sb.append(StringPool.QUESTION);
544                 sb.append(request.getQueryString());
545             }
546 
547             UserTrackerPath userTrackerPath = UserTrackerPathUtil.create(0);
548 
549             userTrackerPath.setUserTrackerId(userTracker.getUserTrackerId());
550             userTrackerPath.setPath(sb.toString());
551             userTrackerPath.setPathDate(new Date());
552 
553             userTracker.addPath(userTrackerPath);
554         }
555 
556         String remoteUser = request.getRemoteUser();
557 
558         User user = null;
559 
560         try {
561             user = PortalUtil.getUser(request);
562         }
563         catch (Exception e) {
564         }
565 
566         // Last path
567 
568         if ((path != null) && (_lastPaths.contains(path)) &&
569             (!_trackerIgnorePaths.contains(path))) {
570 
571             boolean saveLastPath = ParamUtil.getBoolean(
572                 request, "saveLastPath", true);
573 
574             if (themeDisplay.isLifecycleResource() ||
575                 themeDisplay.isStateExclusive() ||
576                 themeDisplay.isStatePopUp() ||
577                 !request.getMethod().equalsIgnoreCase(HttpMethods.GET)) {
578 
579                 saveLastPath = false;
580             }
581 
582             // Save last path
583 
584             if (saveLastPath) {
585 
586                 // Was a last path set by another servlet that dispatched to
587                 // the MainServlet? If so, use that last path instead.
588 
589                 LastPath lastPath = (LastPath)request.getAttribute(
590                     WebKeys.LAST_PATH);
591 
592                 if (lastPath == null) {
593                     lastPath = new LastPath(
594                         themeDisplay.getPathMain(), path,
595                         request.getParameterMap());
596                 }
597 
598                 session.setAttribute(WebKeys.LAST_PATH, lastPath);
599             }
600         }
601 
602         // Authenticated users can always log out
603 
604         if (((remoteUser != null) || (user != null)) && (path != null) &&
605             (path.equals(_PATH_PORTAL_LOGOUT))) {
606 
607             return path;
608         }
609 
610         // Authenticated users can always extend or confirm their session
611 
612         if (((remoteUser != null) || (user != null)) && (path != null) &&
613             (path.equals(_PATH_PORTAL_EXPIRE_SESSION) ||
614              path.equals(_PATH_PORTAL_EXTEND_SESSION))) {
615 
616             return path;
617         }
618 
619         // Authenticated users can always agree to terms of use
620 
621         if (((remoteUser != null) || (user != null)) && (path != null) &&
622             (path.equals(_PATH_PORTAL_UPDATE_TERMS_OF_USE))) {
623 
624             return path;
625         }
626 
627         // Authenticated users must still exist in the system
628 
629         if ((remoteUser != null) && (user == null)) {
630             return _PATH_PORTAL_LOGOUT;
631         }
632 
633         // Authenticated users must agree to Terms of Use
634 
635         if ((user != null) && (!user.isAgreedToTermsOfUse())) {
636             if (PropsValues.TERMS_OF_USE_REQUIRED) {
637                 return _PATH_PORTAL_TERMS_OF_USE;
638             }
639         }
640 
641         // Authenticated users must be active
642 
643         if ((user != null) && (!user.isActive())) {
644             SessionErrors.add(request, UserActiveException.class.getName());
645 
646             return _PATH_PORTAL_ERROR;
647         }
648 
649         // Authenticated users must have a current password
650 
651         if ((user != null) && (user.isPasswordReset())) {
652             return _PATH_PORTAL_CHANGE_PASSWORD;
653         }
654 
655         // Authenticated users must have at least one personalized page
656 
657         if (user != null) {
658             List<Layout> layouts = themeDisplay.getLayouts();
659 
660             if ((layouts == null) || (layouts.size() == 0)) {
661                 SessionErrors.add(
662                     request, RequiredLayoutException.class.getName());
663 
664                 return _PATH_PORTAL_ERROR;
665             }
666         }
667 
668         // Users must sign in
669 
670         if (!isPublicPath(path)) {
671             if (user == null) {
672                 SessionErrors.add(request, PrincipalException.class.getName());
673 
674                 return _PATH_PORTAL_LOGIN;
675             }
676         }
677 
678         ActionMapping mapping =
679             (ActionMapping)moduleConfig.findActionConfig(path);
680 
681         if (path.startsWith(_PATH_WSRP)) {
682             path = _PATH_WSRP;
683         }
684         else {
685             path = mapping.getPath();
686         }
687 
688         // Authenticated users must have at least one role
689 
690         if (user != null) {
691             try {
692 
693                 // FIX ME
694 
695                 if (false) {
696                     SessionErrors.add(
697                         request, RequiredRoleException.class.getName());
698 
699                     return _PATH_PORTAL_ERROR;
700                 }
701             }
702             catch (Exception e) {
703                 e.printStackTrace();
704             }
705         }
706 
707         // Define the portlet objects
708 
709         if (isPortletPath(path)) {
710             try {
711                 Portlet portlet = null;
712 
713                 long companyId = PortalUtil.getCompanyId(request);
714                 String portletId = ParamUtil.getString(request, "p_p_id");
715 
716                 if (Validator.isNotNull(portletId)) {
717                     portlet = PortletLocalServiceUtil.getPortletById(
718                         companyId, portletId);
719                 }
720 
721                 if (portlet == null) {
722                     String strutsPath = path.substring(
723                         1, path.lastIndexOf(StringPool.SLASH));
724 
725                     portlet = PortletLocalServiceUtil.getPortletByStrutsPath(
726                         companyId, strutsPath);
727                 }
728 
729                 if ((portlet != null) && portlet.isActive()) {
730                     defineObjects(request, response, portlet);
731                 }
732             }
733             catch (Exception e) {
734                 request.setAttribute(PageContext.EXCEPTION, e);
735 
736                 path = _PATH_COMMON_ERROR;
737             }
738         }
739 
740         // Authenticated users must have access to at least one layout
741 
742         if (SessionErrors.contains(
743                 request, LayoutPermissionException.class.getName())) {
744 
745             return _PATH_PORTAL_ERROR;
746         }
747 
748         return path;
749     }
750 
751     protected boolean processRoles(
752             HttpServletRequest request, HttpServletResponse response,
753             ActionMapping mapping)
754         throws IOException, ServletException {
755 
756         String path = mapping.getPath();
757 
758         if (isPublicPath(path)) {
759             return true;
760         }
761 
762         boolean authorized = true;
763 
764         User user = null;
765 
766         try {
767             user = PortalUtil.getUser(request);
768         }
769         catch (Exception e) {
770         }
771 
772         if ((user != null) && isPortletPath(path)) {
773             try {
774 
775                 // Authenticated users can always log out
776 
777                 if (path.equals(_PATH_PORTAL_LOGOUT)) {
778                     return true;
779                 }
780 
781                 Portlet portlet = null;
782 
783                 String portletId = ParamUtil.getString(request, "p_p_id");
784 
785                 if (Validator.isNotNull(portletId)) {
786                     portlet = PortletLocalServiceUtil.getPortletById(
787                         user.getCompanyId(), portletId);
788                 }
789 
790                 String strutsPath = path.substring(
791                     1, path.lastIndexOf(StringPool.SLASH));
792 
793                 if (portlet != null) {
794                     if (!strutsPath.equals(portlet.getStrutsPath())) {
795                         throw new PrincipalException();
796                     }
797                 }
798                 else {
799                     portlet = PortletLocalServiceUtil.getPortletByStrutsPath(
800                         user.getCompanyId(), strutsPath);
801                 }
802 
803                 if ((portlet != null) && portlet.isActive()) {
804                     ThemeDisplay themeDisplay =
805                         (ThemeDisplay)request.getAttribute(
806                             WebKeys.THEME_DISPLAY);
807 
808                     Layout layout = themeDisplay.getLayout();
809                     PermissionChecker permissionChecker =
810                         themeDisplay.getPermissionChecker();
811 
812                     if (!PortletPermissionUtil.contains(
813                             permissionChecker, layout.getPlid(), portlet,
814                             ActionKeys.VIEW)) {
815 
816                         throw new PrincipalException();
817                     }
818                 }
819                 else if (portlet != null && !portlet.isActive()) {
820                     SessionErrors.add(
821                         request, PortletActiveException.class.getName());
822 
823                     authorized = false;
824                 }
825             }
826             catch (Exception e) {
827                 SessionErrors.add(request, PrincipalException.class.getName());
828 
829                 authorized = false;
830             }
831         }
832 
833         if (!authorized) {
834             ForwardConfig forwardConfig =
835                 mapping.findForward(_PATH_PORTAL_ERROR);
836 
837             processForwardConfig(request, response, forwardConfig);
838 
839             return false;
840         }
841         else {
842             return true;
843         }
844     }
845 
846     private static String _PATH_C = "/c";
847 
848     private static String _PATH_COMMON = "/common";
849 
850     private static String _PATH_COMMON_ERROR = "/common/error";
851 
852     private static String _PATH_J_SECURITY_CHECK = "/j_security_check";
853 
854     private static String _PATH_PORTAL = "/portal";
855 
856     private static String _PATH_PORTAL_CHANGE_PASSWORD =
857         "/portal/change_password";
858 
859     private static String _PATH_PORTAL_ERROR = "/portal/error";
860 
861     private static String _PATH_PORTAL_EXPIRE_SESSION =
862         "/portal/expire_session";
863 
864     private static String _PATH_PORTAL_EXTEND_SESSION =
865         "/portal/extend_session";
866 
867     private static String _PATH_PORTAL_FLASH = "/portal/flash";
868 
869     private static String _PATH_PORTAL_J_LOGIN = "/portal/j_login";
870 
871     private static String _PATH_PORTAL_LAYOUT = "/portal/layout";
872 
873     private static String _PATH_PORTAL_LOGIN = "/portal/login";
874 
875     private static String _PATH_PORTAL_LOGIN_CAPTCHA = "/portal/login_captcha";
876 
877     private static String _PATH_PORTAL_LOGOUT = "/portal/logout";
878 
879     private static String _PATH_PORTAL_PROTECTED = "/portal/protected";
880 
881     private static String _PATH_PORTAL_RENDER_PORTLET =
882         "/portal/render_portlet";
883 
884     private static String _PATH_PORTAL_TCK = "/portal/tck";
885 
886     private static String _PATH_PORTAL_TERMS_OF_USE = "/portal/terms_of_use";
887 
888     private static String _PATH_PORTAL_UPDATE_TERMS_OF_USE =
889         "/portal/update_terms_of_use";
890 
891     private static String _PATH_WSRP = "/wsrp";
892 
893     private static Log _log =
894          LogFactoryUtil.getLog(PortalRequestProcessor.class);
895 
896     private Set<String> _lastPaths;
897     private Set<String> _publicPaths;
898     private Set<String> _trackerIgnorePaths;
899 
900 }