1   /**
2    * Copyright (c) 2000-2009 Liferay, Inc. All rights reserved.
3    *
4    *
5    *
6    *
7    * The contents of this file are subject to the terms of the Liferay Enterprise
8    * Subscription License ("License"). You may not use this file except in
9    * compliance with the License. You can obtain a copy of the License by
10   * contacting Liferay, Inc. See the License for the specific language governing
11   * permissions and limitations under the License, including but not limited to
12   * distribution rights of the Software.
13   *
14   * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
15   * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16   * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
17   * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
18   * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
19   * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
20   * SOFTWARE.
21   */
22  
23  package com.liferay.portal.struts;
24  
25  import com.liferay.portal.LayoutPermissionException;
26  import com.liferay.portal.PortletActiveException;
27  import com.liferay.portal.RequiredRoleException;
28  import com.liferay.portal.SystemException;
29  import com.liferay.portal.UserActiveException;
30  import com.liferay.portal.kernel.log.Log;
31  import com.liferay.portal.kernel.log.LogFactoryUtil;
32  import com.liferay.portal.kernel.portlet.FriendlyURLMapper;
33  import com.liferay.portal.kernel.servlet.HttpMethods;
34  import com.liferay.portal.kernel.servlet.SessionErrors;
35  import com.liferay.portal.kernel.util.GetterUtil;
36  import com.liferay.portal.kernel.util.HttpUtil;
37  import com.liferay.portal.kernel.util.JavaConstants;
38  import com.liferay.portal.kernel.util.ParamUtil;
39  import com.liferay.portal.kernel.util.PropsKeys;
40  import com.liferay.portal.kernel.util.StringPool;
41  import com.liferay.portal.kernel.util.Validator;
42  import com.liferay.portal.liveusers.LiveUsers;
43  import com.liferay.portal.model.Layout;
44  import com.liferay.portal.model.LayoutConstants;
45  import com.liferay.portal.model.Portlet;
46  import com.liferay.portal.model.PortletPreferencesIds;
47  import com.liferay.portal.model.User;
48  import com.liferay.portal.model.UserTracker;
49  import com.liferay.portal.model.UserTrackerPath;
50  import com.liferay.portal.security.auth.PrincipalException;
51  import com.liferay.portal.security.permission.ActionKeys;
52  import com.liferay.portal.security.permission.PermissionChecker;
53  import com.liferay.portal.service.LayoutLocalServiceUtil;
54  import com.liferay.portal.service.PortletLocalServiceUtil;
55  import com.liferay.portal.service.PortletPreferencesLocalServiceUtil;
56  import com.liferay.portal.service.permission.PortletPermissionUtil;
57  import com.liferay.portal.service.persistence.UserTrackerPathUtil;
58  import com.liferay.portal.theme.ThemeDisplay;
59  import com.liferay.portal.util.PortalUtil;
60  import com.liferay.portal.util.PrefsPropsUtil;
61  import com.liferay.portal.util.PropsUtil;
62  import com.liferay.portal.util.PropsValues;
63  import com.liferay.portal.util.WebKeys;
64  import com.liferay.portlet.InvokerPortlet;
65  import com.liferay.portlet.PortletConfigFactory;
66  import com.liferay.portlet.PortletInstanceFactoryUtil;
67  import com.liferay.portlet.PortletPreferencesFactoryUtil;
68  import com.liferay.portlet.PortletURLImpl;
69  import com.liferay.portlet.RenderRequestFactory;
70  import com.liferay.portlet.RenderRequestImpl;
71  import com.liferay.portlet.RenderResponseFactory;
72  import com.liferay.portlet.RenderResponseImpl;
73  
74  import java.io.IOException;
75  
76  import java.util.Date;
77  import java.util.HashSet;
78  import java.util.Iterator;
79  import java.util.Map.Entry;
80  import java.util.Map;
81  import java.util.Set;
82  
83  import javax.portlet.PortletConfig;
84  import javax.portlet.PortletContext;
85  import javax.portlet.PortletMode;
86  import javax.portlet.PortletPreferences;
87  import javax.portlet.PortletRequest;
88  import javax.portlet.WindowState;
89  
90  import javax.servlet.ServletContext;
91  import javax.servlet.ServletException;
92  import javax.servlet.http.HttpServletRequest;
93  import javax.servlet.http.HttpServletResponse;
94  import javax.servlet.http.HttpSession;
95  import javax.servlet.jsp.PageContext;
96  
97  import org.apache.struts.action.ActionMapping;
98  import org.apache.struts.config.ForwardConfig;
99  import org.apache.struts.tiles.TilesRequestProcessor;
100 
101 /**
102  * <a href="PortalRequestProcessor.java.html"><b><i>View Source</i></b></a>
103  *
104  * @author Brian Wing Shun Chan
105  * @author Jorge Ferrer
106  */
107 public class PortalRequestProcessor extends TilesRequestProcessor {
108 
109     public PortalRequestProcessor() {
110 
111         // auth.forward.last.path.
112 
113         _lastPaths = new HashSet<String>();
114 
115         _lastPaths.add(_PATH_PORTAL_LAYOUT);
116 
117         addPaths(_lastPaths, PropsKeys.AUTH_FORWARD_LAST_PATHS);
118 
119         // auth.public.path.
120 
121         _publicPaths = new HashSet<String>();
122 
123         _publicPaths.add(_PATH_C);
124         _publicPaths.add(_PATH_PORTAL_FLASH);
125         _publicPaths.add(_PATH_PORTAL_J_LOGIN);
126         _publicPaths.add(_PATH_PORTAL_LAYOUT);
127         _publicPaths.add(_PATH_PORTAL_LOGIN);
128         _publicPaths.add(_PATH_PORTAL_RENDER_PORTLET);
129         _publicPaths.add(_PATH_PORTAL_TCK);
130 
131         addPaths(_publicPaths, PropsKeys.AUTH_PUBLIC_PATHS);
132 
133         _trackerIgnorePaths = new HashSet<String>();
134 
135         addPaths(_trackerIgnorePaths, PropsKeys.SESSION_TRACKER_IGNORE_PATHS);
136     }
137 
138     public void process(
139             HttpServletRequest request, HttpServletResponse response)
140         throws IOException, ServletException {
141 
142         String path = super.processPath(request, response);
143 
144         ActionMapping mapping = (ActionMapping)moduleConfig.findActionConfig(
145             path);
146 
147         if (mapping == null) {
148             String lastPath = getLastPath(request);
149 
150             if (_log.isDebugEnabled()) {
151                 _log.debug("Last path " + lastPath);
152             }
153 
154             response.sendRedirect(lastPath);
155 
156             return;
157         }
158 
159         super.process(request, response);
160 
161         try {
162             if (isPortletPath(path)) {
163                 cleanUp(request);
164             }
165         }
166         catch (Exception e) {
167             _log.error(e, e);
168         }
169     }
170 
171     protected void addPaths(Set<String> paths, String propsKey) {
172         String[] pathsArray = PropsUtil.getArray(propsKey);
173 
174         for (String path : pathsArray) {
175             paths.add(path);
176         }
177     }
178 
179     protected void callParentDoForward(
180             String uri, HttpServletRequest request,
181             HttpServletResponse response)
182         throws IOException, ServletException {
183 
184         super.doForward(uri, request, response);
185     }
186 
187     protected HttpServletRequest callParentProcessMultipart(
188         HttpServletRequest request) {
189 
190         return super.processMultipart(request);
191     }
192 
193     protected String callParentProcessPath(
194             HttpServletRequest request, HttpServletResponse response)
195         throws IOException {
196 
197         return super.processPath(request, response);
198     }
199 
200     protected boolean callParentProcessRoles(
201             HttpServletRequest request, HttpServletResponse response,
202             ActionMapping mapping)
203         throws IOException, ServletException {
204 
205         return super.processRoles(request, response, mapping);
206     }
207 
208     protected void cleanUp(HttpServletRequest request) throws Exception {
209 
210         // Clean up portlet objects that may have been created by defineObjects
211         // for portlets that are called directly from a Struts path
212 
213         RenderRequestImpl renderRequestImpl =
214             (RenderRequestImpl)request.getAttribute(
215                 JavaConstants.JAVAX_PORTLET_REQUEST);
216 
217         if (renderRequestImpl != null) {
218             renderRequestImpl.cleanUp();
219         }
220     }
221 
222     protected void defineObjects(
223             HttpServletRequest request, HttpServletResponse response,
224             Portlet portlet)
225         throws Exception {
226 
227         String portletId = portlet.getPortletId();
228 
229         ServletContext servletContext = (ServletContext)request.getAttribute(
230             WebKeys.CTX);
231 
232         InvokerPortlet invokerPortlet = PortletInstanceFactoryUtil.create(
233             portlet, servletContext);
234 
235         PortletPreferencesIds portletPreferencesIds =
236             PortletPreferencesFactoryUtil.getPortletPreferencesIds(
237                 request, portletId);
238 
239         PortletPreferences portletPreferences =
240             PortletPreferencesLocalServiceUtil.getPreferences(
241                 portletPreferencesIds);
242 
243         PortletConfig portletConfig = PortletConfigFactory.create(
244             portlet, servletContext);
245         PortletContext portletContext = portletConfig.getPortletContext();
246 
247         RenderRequestImpl renderRequestImpl = RenderRequestFactory.create(
248             request, portlet, invokerPortlet, portletContext,
249             WindowState.MAXIMIZED, PortletMode.VIEW, portletPreferences);
250 
251         RenderResponseImpl renderResponseImpl = RenderResponseFactory.create(
252             renderRequestImpl, response, portletId, portlet.getCompanyId());
253 
254         renderRequestImpl.defineObjects(portletConfig, renderResponseImpl);
255 
256         request.setAttribute(WebKeys.PORTLET_STRUTS_EXECUTE, Boolean.TRUE);
257     }
258 
259     protected void doForward(
260             String uri, HttpServletRequest request,
261             HttpServletResponse response)
262         throws ServletException {
263 
264         StrutsUtil.forward(uri, getServletContext(), request, response);
265     }
266 
267     protected void doInclude(
268             String uri, HttpServletRequest request,
269             HttpServletResponse response)
270         throws ServletException {
271 
272         StrutsUtil.include(uri, getServletContext(), request, response);
273     }
274 
275     protected StringBuilder getFriendlyTrackerPath(
276             String path, ThemeDisplay themeDisplay, HttpServletRequest request)
277         throws Exception {
278 
279         if (!path.equals(_PATH_PORTAL_LAYOUT)) {
280             return null;
281         }
282 
283         long plid = ParamUtil.getLong(request, "p_l_id");
284 
285         if (plid == 0) {
286             return null;
287         }
288 
289         Layout layout = LayoutLocalServiceUtil.getLayout(plid);
290 
291         String layoutFriendlyURL = PortalUtil.getLayoutFriendlyURL(
292             layout, themeDisplay);
293 
294         StringBuilder sb = new StringBuilder();
295 
296         sb.append(layoutFriendlyURL);
297 
298         String portletId = ParamUtil.getString(request, "p_p_id");
299 
300         if (Validator.isNull(portletId)) {
301             return sb;
302         }
303 
304         long companyId = PortalUtil.getCompanyId(request);
305 
306         Portlet portlet = PortletLocalServiceUtil.getPortletById(
307             companyId, portletId);
308 
309         if (portlet == null) {
310             String strutsPath = path.substring(
311                 1, path.lastIndexOf(StringPool.SLASH));
312 
313             portlet = PortletLocalServiceUtil.getPortletByStrutsPath(
314                 companyId, strutsPath);
315         }
316 
317         if ((portlet == null) || !portlet.isActive()) {
318             sb.append(StringPool.QUESTION);
319             sb.append(request.getQueryString());
320 
321             return sb;
322         }
323 
324         String namespace = PortalUtil.getPortletNamespace(portletId);
325 
326         FriendlyURLMapper friendlyURLMapper =
327             portlet.getFriendlyURLMapperInstance();
328 
329         if (friendlyURLMapper == null) {
330             sb.append(StringPool.QUESTION);
331             sb.append(request.getQueryString());
332 
333             return sb;
334         }
335 
336         PortletURLImpl portletURL = new PortletURLImpl(
337             request, portletId, plid, PortletRequest.RENDER_PHASE);
338 
339         Iterator<Map.Entry<String, String[]>> itr =
340             request.getParameterMap().entrySet().iterator();
341 
342         while (itr.hasNext()) {
343             Entry<String, String[]> entry = itr.next();
344 
345             String key = entry.getKey();
346 
347             if (key.startsWith(namespace)) {
348                 key = key.substring(namespace.length());
349 
350                 portletURL.setParameter(key, entry.getValue());
351             }
352         }
353 
354         String portletFriendlyURL = friendlyURLMapper.buildPath(portletURL);
355 
356         if (portletFriendlyURL != null) {
357             sb.append(portletFriendlyURL);
358         }
359         else {
360             sb.append(StringPool.QUESTION);
361             sb.append(request.getQueryString());
362         }
363 
364         return sb;
365     }
366 
367     protected String getLastPath(HttpServletRequest request) {
368         HttpSession session = request.getSession();
369 
370         ThemeDisplay themeDisplay = (ThemeDisplay)request.getAttribute(
371             WebKeys.THEME_DISPLAY);
372 
373         Boolean httpsInitial = (Boolean)session.getAttribute(
374             WebKeys.HTTPS_INITIAL);
375 
376         String portalURL = null;
377 
378         if ((PropsValues.COMPANY_SECURITY_AUTH_REQUIRES_HTTPS) &&
379             (httpsInitial != null) && (!httpsInitial.booleanValue())) {
380 
381             portalURL = PortalUtil.getPortalURL(request, false);
382         }
383         else {
384             portalURL = PortalUtil.getPortalURL(request);
385         }
386 
387         StringBuilder sb = new StringBuilder();
388 
389         sb.append(portalURL);
390         sb.append(themeDisplay.getPathMain());
391         sb.append(_PATH_PORTAL_LAYOUT);
392 
393         if (!PropsValues.AUTH_FORWARD_BY_LAST_PATH) {
394             if (request.getRemoteUser() != null) {
395 
396                 // If we do not forward by last path and the user is logged in,
397                 // forward to the user's default layout to prevent a lagging
398                 // loop
399 
400                 sb.append(StringPool.QUESTION);
401                 sb.append("p_l_id");
402                 sb.append(StringPool.EQUAL);
403                 sb.append(LayoutConstants.DEFAULT_PLID);
404             }
405 
406             return sb.toString();
407         }
408 
409         LastPath lastPath = (LastPath)session.getAttribute(WebKeys.LAST_PATH);
410 
411         if (lastPath == null) {
412             return sb.toString();
413         }
414 
415         Map<String, String[]> parameterMap = lastPath.getParameterMap();
416 
417         // Only test for existing mappings for last paths that were set when the
418         // user accessed a layout directly instead of through its friendly URL
419 
420         if (lastPath.getContextPath().equals(themeDisplay.getPathMain())) {
421             ActionMapping mapping =
422                 (ActionMapping)moduleConfig.findActionConfig(
423                     lastPath.getPath());
424 
425             if ((mapping == null) || (parameterMap == null)) {
426                 return sb.toString();
427             }
428         }
429 
430         StringBuilder lastPathSB = new StringBuilder();
431 
432         lastPathSB.append(portalURL);
433         lastPathSB.append(lastPath.getContextPath());
434         lastPathSB.append(lastPath.getPath());
435         lastPathSB.append(HttpUtil.parameterMapToString(parameterMap));
436 
437         return lastPathSB.toString();
438     }
439 
440     protected boolean isPortletPath(String path) {
441         if ((path != null) &&
442             (!path.equals(_PATH_C)) &&
443             (!path.startsWith(_PATH_COMMON)) &&
444             (path.indexOf(_PATH_J_SECURITY_CHECK) == -1) &&
445             (!path.startsWith(_PATH_PORTAL))) {
446 
447             return true;
448         }
449         else {
450             return false;
451         }
452     }
453 
454     protected boolean isPublicPath(String path) {
455         if ((path != null) &&
456             (_publicPaths.contains(path)) ||
457             (path.startsWith(_PATH_COMMON))) {
458 
459             return true;
460         }
461         else {
462             return false;
463         }
464     }
465 
466     protected ActionMapping processMapping(
467             HttpServletRequest request, HttpServletResponse response,
468             String path)
469         throws IOException {
470 
471         if (path == null) {
472             return null;
473         }
474 
475         ActionMapping mapping = super.processMapping(request, response, path);
476 
477         if (mapping == null) {
478             String msg = getInternal().getMessage("processInvalid");
479 
480             _log.error("User ID " + request.getRemoteUser());
481             _log.error("Current URL " + PortalUtil.getCurrentURL(request));
482             _log.error("Referer " + request.getHeader("Referer"));
483             _log.error("Remote address " + request.getRemoteAddr());
484 
485             _log.error(msg + " " + path);
486         }
487 
488         return mapping;
489     }
490 
491     protected HttpServletRequest processMultipart(HttpServletRequest request) {
492 
493         // Disable Struts from automatically wrapping a multipart request
494 
495         return request;
496     }
497 
498     protected String processPath(
499             HttpServletRequest request, HttpServletResponse response)
500         throws IOException {
501 
502         String path = GetterUtil.getString(
503             super.processPath(request, response));
504 
505         HttpSession session = request.getSession();
506 
507         ThemeDisplay themeDisplay = (ThemeDisplay)request.getAttribute(
508             WebKeys.THEME_DISPLAY);
509 
510         // Current users
511 
512         UserTracker userTracker = LiveUsers.getUserTracker(
513             themeDisplay.getCompanyId(), session.getId());
514 
515         if ((userTracker != null) && (!path.equals(_PATH_C)) &&
516             (path.indexOf(_PATH_J_SECURITY_CHECK) == -1) &&
517             (path.indexOf(_PATH_PORTAL_PROTECTED) == -1) &&
518             (!_trackerIgnorePaths.contains(path))) {
519 
520             StringBuilder sb = null;
521 
522             try {
523                 if (PropsValues.SESSION_TRACKER_FRIENDLY_PATHS_ENABLED) {
524                     sb = getFriendlyTrackerPath(path, themeDisplay, request);
525                 }
526             }
527             catch (Exception e) {
528                 _log.error(e, e);
529             }
530 
531             if (sb == null) {
532                 sb = new StringBuilder();
533 
534                 sb.append(path);
535                 sb.append(StringPool.QUESTION);
536                 sb.append(request.getQueryString());
537             }
538 
539             UserTrackerPath userTrackerPath = UserTrackerPathUtil.create(0);
540 
541             userTrackerPath.setUserTrackerId(userTracker.getUserTrackerId());
542             userTrackerPath.setPath(sb.toString());
543             userTrackerPath.setPathDate(new Date());
544 
545             userTracker.addPath(userTrackerPath);
546         }
547 
548         String remoteUser = request.getRemoteUser();
549 
550         User user = null;
551 
552         try {
553             user = PortalUtil.getUser(request);
554         }
555         catch (Exception e) {
556         }
557 
558         // Last path
559 
560         if (_lastPaths.contains(path) && !_trackerIgnorePaths.contains(path)) {
561             boolean saveLastPath = ParamUtil.getBoolean(
562                 request, "saveLastPath", true);
563 
564             if (themeDisplay.isLifecycleResource() ||
565                 themeDisplay.isStateExclusive() ||
566                 themeDisplay.isStatePopUp() ||
567                 !request.getMethod().equalsIgnoreCase(HttpMethods.GET)) {
568 
569                 saveLastPath = false;
570             }
571 
572             // Save last path
573 
574             if (saveLastPath) {
575 
576                 // Was a last path set by another servlet that dispatched to
577                 // the MainServlet? If so, use that last path instead.
578 
579                 LastPath lastPath = (LastPath)request.getAttribute(
580                     WebKeys.LAST_PATH);
581 
582                 if (lastPath == null) {
583                     lastPath = new LastPath(
584                         themeDisplay.getPathMain(), path,
585                         request.getParameterMap());
586                 }
587 
588                 session.setAttribute(WebKeys.LAST_PATH, lastPath);
589             }
590         }
591 
592         // Authenticated users can always log out
593 
594         if (((remoteUser != null) || (user != null)) &&
595             (path.equals(_PATH_PORTAL_LOGOUT))) {
596 
597             return path;
598         }
599 
600         // Authenticated users can always extend or confirm their session
601 
602         if (((remoteUser != null) || (user != null)) &&
603             (path.equals(_PATH_PORTAL_EXPIRE_SESSION) ||
604              path.equals(_PATH_PORTAL_EXTEND_SESSION))) {
605 
606             return path;
607         }
608 
609         // Authenticated users can always agree to terms of use
610 
611         if (((remoteUser != null) || (user != null)) &&
612             (path.equals(_PATH_PORTAL_UPDATE_TERMS_OF_USE))) {
613 
614             return path;
615         }
616 
617         // Authenticated users must still exist in the system
618 
619         if ((remoteUser != null) && (user == null)) {
620             return _PATH_PORTAL_LOGOUT;
621         }
622 
623         // Authenticated users must be active
624 
625         if ((user != null) && !user.isActive()) {
626             SessionErrors.add(request, UserActiveException.class.getName());
627 
628             return _PATH_PORTAL_ERROR;
629         }
630 
631         if (!path.equals(_PATH_PORTAL_RENDER_PORTLET) &&
632             !ParamUtil.getBoolean(request, "wsrp")) {
633 
634             // Authenticated users should agree to Terms of Use
635 
636             if ((user != null) && !user.isAgreedToTermsOfUse()) {
637                 boolean termsOfUseRequired = false;
638 
639                 try {
640                     termsOfUseRequired = PrefsPropsUtil.getBoolean(
641                         user.getCompanyId(), PropsKeys.TERMS_OF_USE_REQUIRED);
642                 }
643                 catch (SystemException se) {
644                     termsOfUseRequired = PropsValues.TERMS_OF_USE_REQUIRED;
645                 }
646 
647                 if (termsOfUseRequired) {
648                     return _PATH_PORTAL_TERMS_OF_USE;
649                 }
650             }
651 
652             // Authenticated users must have a current password
653 
654             if ((user != null) && user.isPasswordReset()) {
655                 return _PATH_PORTAL_UPDATE_PASSWORD;
656             }
657 
658             // Authenticated users must have an email address
659 
660             if ((user != null) &&
661                 Validator.isNull(user.getDisplayEmailAddress())) {
662 
663                 return _PATH_PORTAL_UPDATE_EMAIL_ADDRESS;
664             }
665 
666             // Authenticated users should have a reminder query
667 
668             if ((user != null) &&
669                 (Validator.isNull(user.getReminderQueryQuestion()) ||
670                  Validator.isNull(user.getReminderQueryAnswer()))) {
671 
672                 if (PropsValues.USERS_REMINDER_QUERIES_ENABLED) {
673                     return _PATH_PORTAL_UPDATE_REMINDER_QUERY;
674                 }
675             }
676         }
677 
678         // Users must sign in
679 
680         if (!isPublicPath(path)) {
681             if (user == null) {
682                 SessionErrors.add(request, PrincipalException.class.getName());
683 
684                 return _PATH_PORTAL_LOGIN;
685             }
686         }
687 
688         ActionMapping mapping =
689             (ActionMapping)moduleConfig.findActionConfig(path);
690 
691         path = mapping.getPath();
692 
693         // Authenticated users must have at least one role
694 
695         if (user != null) {
696             try {
697 
698                 // FIX ME
699 
700                 if (false) {
701                     SessionErrors.add(
702                         request, RequiredRoleException.class.getName());
703 
704                     return _PATH_PORTAL_ERROR;
705                 }
706             }
707             catch (Exception e) {
708                 e.printStackTrace();
709             }
710         }
711 
712         // Define the portlet objects
713 
714         if (isPortletPath(path)) {
715             try {
716                 Portlet portlet = null;
717 
718                 long companyId = PortalUtil.getCompanyId(request);
719                 String portletId = ParamUtil.getString(request, "p_p_id");
720 
721                 if (Validator.isNotNull(portletId)) {
722                     portlet = PortletLocalServiceUtil.getPortletById(
723                         companyId, portletId);
724                 }
725 
726                 if (portlet == null) {
727                     String strutsPath = path.substring(
728                         1, path.lastIndexOf(StringPool.SLASH));
729 
730                     portlet = PortletLocalServiceUtil.getPortletByStrutsPath(
731                         companyId, strutsPath);
732                 }
733 
734                 if ((portlet != null) && portlet.isActive()) {
735                     defineObjects(request, response, portlet);
736                 }
737             }
738             catch (Exception e) {
739                 request.setAttribute(PageContext.EXCEPTION, e);
740 
741                 path = _PATH_COMMON_ERROR;
742             }
743         }
744 
745         // Authenticated users must have access to at least one layout
746 
747         if (SessionErrors.contains(
748                 request, LayoutPermissionException.class.getName())) {
749 
750             return _PATH_PORTAL_ERROR;
751         }
752 
753         return path;
754     }
755 
756     protected boolean processRoles(
757             HttpServletRequest request, HttpServletResponse response,
758             ActionMapping mapping)
759         throws IOException, ServletException {
760 
761         String path = mapping.getPath();
762 
763         if (isPublicPath(path)) {
764             return true;
765         }
766 
767         boolean authorized = true;
768 
769         User user = null;
770 
771         try {
772             user = PortalUtil.getUser(request);
773         }
774         catch (Exception e) {
775         }
776 
777         if ((user != null) && isPortletPath(path)) {
778             try {
779 
780                 // Authenticated users can always log out
781 
782                 if (path.equals(_PATH_PORTAL_LOGOUT)) {
783                     return true;
784                 }
785 
786                 Portlet portlet = null;
787 
788                 String portletId = ParamUtil.getString(request, "p_p_id");
789 
790                 if (Validator.isNotNull(portletId)) {
791                     portlet = PortletLocalServiceUtil.getPortletById(
792                         user.getCompanyId(), portletId);
793                 }
794 
795                 String strutsPath = path.substring(
796                     1, path.lastIndexOf(StringPool.SLASH));
797 
798                 if (portlet != null) {
799                     if (!strutsPath.equals(portlet.getStrutsPath())) {
800                         throw new PrincipalException();
801                     }
802                 }
803                 else {
804                     portlet = PortletLocalServiceUtil.getPortletByStrutsPath(
805                         user.getCompanyId(), strutsPath);
806                 }
807 
808                 if ((portlet != null) && portlet.isActive()) {
809                     ThemeDisplay themeDisplay =
810                         (ThemeDisplay)request.getAttribute(
811                             WebKeys.THEME_DISPLAY);
812 
813                     Layout layout = themeDisplay.getLayout();
814                     PermissionChecker permissionChecker =
815                         themeDisplay.getPermissionChecker();
816 
817                     if (!PortletPermissionUtil.contains(
818                             permissionChecker, layout.getPlid(), portlet,
819                             ActionKeys.VIEW)) {
820 
821                         throw new PrincipalException();
822                     }
823                 }
824                 else if (portlet != null && !portlet.isActive()) {
825                     SessionErrors.add(
826                         request, PortletActiveException.class.getName());
827 
828                     authorized = false;
829                 }
830             }
831             catch (Exception e) {
832                 SessionErrors.add(request, PrincipalException.class.getName());
833 
834                 authorized = false;
835             }
836         }
837 
838         if (!authorized) {
839             ForwardConfig forwardConfig =
840                 mapping.findForward(_PATH_PORTAL_ERROR);
841 
842             processForwardConfig(request, response, forwardConfig);
843 
844             return false;
845         }
846         else {
847             return true;
848         }
849     }
850 
851     private static String _PATH_C = "/c";
852 
853     private static String _PATH_COMMON = "/common";
854 
855     private static String _PATH_COMMON_ERROR = "/common/error";
856 
857     private static String _PATH_J_SECURITY_CHECK = "/j_security_check";
858 
859     private static String _PATH_PORTAL = "/portal";
860 
861     private static String _PATH_PORTAL_ERROR = "/portal/error";
862 
863     private static String _PATH_PORTAL_EXPIRE_SESSION =
864         "/portal/expire_session";
865 
866     private static String _PATH_PORTAL_EXTEND_SESSION =
867         "/portal/extend_session";
868 
869     private static String _PATH_PORTAL_FLASH = "/portal/flash";
870 
871     private static String _PATH_PORTAL_J_LOGIN = "/portal/j_login";
872 
873     private static String _PATH_PORTAL_LAYOUT = "/portal/layout";
874 
875     private static String _PATH_PORTAL_LOGIN = "/portal/login";
876 
877     private static String _PATH_PORTAL_LOGOUT = "/portal/logout";
878 
879     private static String _PATH_PORTAL_PROTECTED = "/portal/protected";
880 
881     private static String _PATH_PORTAL_RENDER_PORTLET =
882         "/portal/render_portlet";
883 
884     private static String _PATH_PORTAL_TCK = "/portal/tck";
885 
886     private static String _PATH_PORTAL_TERMS_OF_USE = "/portal/terms_of_use";
887 
888     private static String _PATH_PORTAL_UPDATE_EMAIL_ADDRESS =
889         "/portal/update_email_address";
890 
891     private static String _PATH_PORTAL_UPDATE_PASSWORD =
892         "/portal/update_password";
893 
894     private static String _PATH_PORTAL_UPDATE_REMINDER_QUERY =
895         "/portal/update_reminder_query";
896 
897     private static String _PATH_PORTAL_UPDATE_TERMS_OF_USE =
898         "/portal/update_terms_of_use";
899 
900     private static Log _log =
901         LogFactoryUtil.getLog(PortalRequestProcessor.class);
902 
903     private Set<String> _lastPaths;
904     private Set<String> _publicPaths;
905     private Set<String> _trackerIgnorePaths;
906 
907 }