1   /**
2    * Copyright (c) 2000-2010 Liferay, Inc. All rights reserved.
3    *
4    * The contents of this file are subject to the terms of the Liferay Enterprise
5    * Subscription License ("License"). You may not use this file except in
6    * compliance with the License. You can obtain a copy of the License by
7    * contacting Liferay, Inc. See the License for the specific language governing
8    * permissions and limitations under the License, including but not limited to
9    * distribution rights of the Software.
10   *
11   *
12   * 
13   */
14  
15  package com.liferay.portal.spring.servlet;
16  
17  import com.liferay.portal.kernel.log.Log;
18  import com.liferay.portal.kernel.log.LogFactoryUtil;
19  import com.liferay.portal.kernel.util.GetterUtil;
20  import com.liferay.portal.model.User;
21  import com.liferay.portal.security.auth.PrincipalThreadLocal;
22  import com.liferay.portal.security.permission.PermissionChecker;
23  import com.liferay.portal.security.permission.PermissionCheckerFactory;
24  import com.liferay.portal.security.permission.PermissionThreadLocal;
25  import com.liferay.portal.service.UserLocalServiceUtil;
26  import com.liferay.portal.spring.context.TunnelApplicationContext;
27  import com.liferay.portal.util.PortalInstances;
28  
29  import javax.servlet.ServletException;
30  import javax.servlet.http.HttpServletRequest;
31  import javax.servlet.http.HttpServletResponse;
32  
33  import org.springframework.web.servlet.DispatcherServlet;
34  
35  /**
36   * <a href="RemotingServlet.java.html"><b><i>View Source</i></b></a>
37   *
38   * @author Brian Wing Shun Chan
39   */
40  public class RemotingServlet extends DispatcherServlet {
41  
42      public static final String CONTEXT_CLASS =
43          TunnelApplicationContext.class.getName();
44  
45      public static final String CONTEXT_CONFIG_LOCATION =
46          "/WEB-INF/remoting-servlet.xml,/WEB-INF/remoting-servlet-ext.xml";
47  
48      public Class<?> getContextClass() {
49          try {
50              return Class.forName(CONTEXT_CLASS);
51          }
52          catch (Exception e) {
53              _log.error(e);
54          }
55  
56          return null;
57      }
58  
59      public String getContextConfigLocation() {
60          return CONTEXT_CONFIG_LOCATION;
61      }
62  
63      public void service(
64              HttpServletRequest request, HttpServletResponse response)
65          throws ServletException {
66  
67          PermissionChecker permissionChecker = null;
68  
69          try {
70              PortalInstances.getCompanyId(request);
71  
72              String remoteUser = request.getRemoteUser();
73  
74              if (_log.isDebugEnabled()) {
75                  _log.debug("Remote user " + remoteUser);
76              }
77  
78              if (remoteUser != null) {
79                  PrincipalThreadLocal.setName(remoteUser);
80  
81                  long userId = GetterUtil.getLong(remoteUser);
82  
83                  User user = UserLocalServiceUtil.getUserById(userId);
84  
85                  permissionChecker = PermissionCheckerFactory.create(user, true);
86  
87                  PermissionThreadLocal.setPermissionChecker(permissionChecker);
88              }
89              else {
90                  if (_log.isWarnEnabled()) {
91                      _log.warn(
92                          "User id is not provided. An exception will be " +
93                              "thrown  if a protected method is accessed.");
94                  }
95              }
96  
97              super.service(request, response);
98          }
99          catch (Exception e) {
100             throw new ServletException(e);
101         }
102         finally {
103             try {
104                 PermissionCheckerFactory.recycle(permissionChecker);
105             }
106             catch (Exception e) {
107             }
108         }
109     }
110 
111     private static Log _log = LogFactoryUtil.getLog(RemotingServlet.class);
112 
113 }