001    /**
002     * Copyright (c) 2000-2010 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.spring.servlet;
016    
017    import com.liferay.portal.kernel.log.Log;
018    import com.liferay.portal.kernel.log.LogFactoryUtil;
019    import com.liferay.portal.kernel.util.GetterUtil;
020    import com.liferay.portal.model.User;
021    import com.liferay.portal.security.auth.PrincipalThreadLocal;
022    import com.liferay.portal.security.permission.PermissionChecker;
023    import com.liferay.portal.security.permission.PermissionCheckerFactoryUtil;
024    import com.liferay.portal.security.permission.PermissionThreadLocal;
025    import com.liferay.portal.service.UserLocalServiceUtil;
026    import com.liferay.portal.spring.context.TunnelApplicationContext;
027    import com.liferay.portal.util.PortalInstances;
028    
029    import javax.servlet.ServletException;
030    import javax.servlet.http.HttpServletRequest;
031    import javax.servlet.http.HttpServletResponse;
032    
033    import org.springframework.web.servlet.DispatcherServlet;
034    
035    /**
036     * @author Brian Wing Shun Chan
037     */
038    public class RemotingServlet extends DispatcherServlet {
039    
040            public static final String CONTEXT_CLASS =
041                    TunnelApplicationContext.class.getName();
042    
043            public static final String CONTEXT_CONFIG_LOCATION =
044                    "/WEB-INF/remoting-servlet.xml,/WEB-INF/remoting-servlet-ext.xml";
045    
046            public Class<?> getContextClass() {
047                    try {
048                            return Class.forName(CONTEXT_CLASS);
049                    }
050                    catch (Exception e) {
051                            _log.error(e);
052                    }
053    
054                    return null;
055            }
056    
057            public String getContextConfigLocation() {
058                    return CONTEXT_CONFIG_LOCATION;
059            }
060    
061            public void service(
062                            HttpServletRequest request, HttpServletResponse response)
063                    throws ServletException {
064    
065                    try {
066                            PortalInstances.getCompanyId(request);
067    
068                            String remoteUser = request.getRemoteUser();
069    
070                            if (_log.isDebugEnabled()) {
071                                    _log.debug("Remote user " + remoteUser);
072                            }
073    
074                            if (remoteUser != null) {
075                                    PrincipalThreadLocal.setName(remoteUser);
076    
077                                    long userId = GetterUtil.getLong(remoteUser);
078    
079                                    User user = UserLocalServiceUtil.getUserById(userId);
080    
081                                    PermissionChecker permissionChecker =
082                                            PermissionCheckerFactoryUtil.create(user, true);
083    
084                                    PermissionThreadLocal.setPermissionChecker(permissionChecker);
085                            }
086                            else {
087                                    if (_log.isWarnEnabled()) {
088                                            _log.warn(
089                                                    "User id is not provided. An exception will be " +
090                                                            "thrown  if a protected method is accessed.");
091                                    }
092                            }
093    
094                            super.service(request, response);
095                    }
096                    catch (Exception e) {
097                            throw new ServletException(e);
098                    }
099            }
100    
101            private static Log _log = LogFactoryUtil.getLog(RemotingServlet.class);
102    
103    }