1
22
23 package com.liferay.portal.spring.servlet;
24
25 import com.liferay.portal.kernel.log.Log;
26 import com.liferay.portal.kernel.log.LogFactoryUtil;
27 import com.liferay.portal.kernel.util.GetterUtil;
28 import com.liferay.portal.model.User;
29 import com.liferay.portal.security.auth.CompanyThreadLocal;
30 import com.liferay.portal.security.auth.PrincipalThreadLocal;
31 import com.liferay.portal.security.permission.PermissionChecker;
32 import com.liferay.portal.security.permission.PermissionCheckerFactory;
33 import com.liferay.portal.security.permission.PermissionThreadLocal;
34 import com.liferay.portal.service.UserLocalServiceUtil;
35 import com.liferay.portal.spring.context.TunnelApplicationContext;
36 import com.liferay.portal.util.PortalInstances;
37
38 import javax.servlet.ServletException;
39 import javax.servlet.http.HttpServletRequest;
40 import javax.servlet.http.HttpServletResponse;
41
42 import org.springframework.web.servlet.DispatcherServlet;
43
44
50 public class RemotingServlet extends DispatcherServlet {
51
52 public static final String CONTEXT_CLASS =
53 TunnelApplicationContext.class.getName();
54
55 public static final String CONTEXT_CONFIG_LOCATION =
56 "/WEB-INF/remoting-servlet.xml,/WEB-INF/remoting-servlet-ext.xml";
57
58 public Class<?> getContextClass() {
59 try {
60 return Class.forName(CONTEXT_CLASS);
61 }
62 catch (Exception e) {
63 _log.error(e);
64 }
65
66 return null;
67 }
68
69 public String getContextConfigLocation() {
70 return CONTEXT_CONFIG_LOCATION;
71 }
72
73 public void service(
74 HttpServletRequest request, HttpServletResponse response)
75 throws ServletException {
76
77 PermissionChecker permissionChecker = null;
78
79 try {
80 String remoteUser = request.getRemoteUser();
81
82 if (_log.isDebugEnabled()) {
83 _log.debug("Remote user " + remoteUser);
84 }
85
86 long companyId = PortalInstances.getCompanyId(request);
87
88 CompanyThreadLocal.setCompanyId(companyId);
89
90 if (remoteUser != null) {
91 PrincipalThreadLocal.setName(remoteUser);
92
93 long userId = GetterUtil.getLong(remoteUser);
94
95 User user = UserLocalServiceUtil.getUserById(userId);
96
97 permissionChecker = PermissionCheckerFactory.create(user, true);
98
99 PermissionThreadLocal.setPermissionChecker(permissionChecker);
100 }
101 else {
102 if (_log.isWarnEnabled()) {
103 _log.warn(
104 "User id is not provided. An exception will be " +
105 "thrown if a protected method is accessed.");
106 }
107 }
108
109 super.service(request, response);
110 }
111 catch (Exception e) {
112 throw new ServletException(e);
113 }
114 finally {
115 try {
116 PermissionCheckerFactory.recycle(permissionChecker);
117 }
118 catch (Exception e) {
119 }
120 }
121 }
122
123 private static Log _log = LogFactoryUtil.getLog(RemotingServlet.class);
124
125 }