001
014
015 package com.liferay.portal.spring.servlet;
016
017 import com.liferay.portal.kernel.log.Log;
018 import com.liferay.portal.kernel.log.LogFactoryUtil;
019 import com.liferay.portal.kernel.util.GetterUtil;
020 import com.liferay.portal.model.User;
021 import com.liferay.portal.security.auth.PrincipalThreadLocal;
022 import com.liferay.portal.security.permission.PermissionChecker;
023 import com.liferay.portal.security.permission.PermissionCheckerFactoryUtil;
024 import com.liferay.portal.security.permission.PermissionThreadLocal;
025 import com.liferay.portal.service.UserLocalServiceUtil;
026 import com.liferay.portal.spring.context.TunnelApplicationContext;
027 import com.liferay.portal.util.PortalInstances;
028
029 import javax.servlet.ServletException;
030 import javax.servlet.http.HttpServletRequest;
031 import javax.servlet.http.HttpServletResponse;
032
033 import org.springframework.web.servlet.DispatcherServlet;
034
035
038 public class RemotingServlet extends DispatcherServlet {
039
040 public static final String CONTEXT_CLASS =
041 TunnelApplicationContext.class.getName();
042
043 public static final String CONTEXT_CONFIG_LOCATION =
044 "/WEB-INF/remoting-servlet.xml,/WEB-INF/remoting-servlet-ext.xml";
045
046 public Class<?> getContextClass() {
047 try {
048 return Class.forName(CONTEXT_CLASS);
049 }
050 catch (Exception e) {
051 _log.error(e);
052 }
053
054 return null;
055 }
056
057 public String getContextConfigLocation() {
058 return CONTEXT_CONFIG_LOCATION;
059 }
060
061 public void service(
062 HttpServletRequest request, HttpServletResponse response)
063 throws ServletException {
064
065 try {
066 PortalInstances.getCompanyId(request);
067
068 String remoteUser = request.getRemoteUser();
069
070 if (_log.isDebugEnabled()) {
071 _log.debug("Remote user " + remoteUser);
072 }
073
074 if (remoteUser != null) {
075 PrincipalThreadLocal.setName(remoteUser);
076
077 long userId = GetterUtil.getLong(remoteUser);
078
079 User user = UserLocalServiceUtil.getUserById(userId);
080
081 PermissionChecker permissionChecker =
082 PermissionCheckerFactoryUtil.create(user, true);
083
084 PermissionThreadLocal.setPermissionChecker(permissionChecker);
085 }
086 else {
087 if (_log.isWarnEnabled()) {
088 _log.warn(
089 "User id is not provided. An exception will be " +
090 "thrown if a protected method is accessed.");
091 }
092 }
093
094 super.service(request, response);
095 }
096 catch (Exception e) {
097 throw new ServletException(e);
098 }
099 }
100
101 private static Log _log = LogFactoryUtil.getLog(RemotingServlet.class);
102
103 }