001
014
015 package com.liferay.portal.spring.servlet;
016
017 import com.liferay.portal.kernel.log.Log;
018 import com.liferay.portal.kernel.log.LogFactoryUtil;
019 import com.liferay.portal.kernel.util.GetterUtil;
020 import com.liferay.portal.model.User;
021 import com.liferay.portal.security.auth.PrincipalThreadLocal;
022 import com.liferay.portal.security.permission.PermissionChecker;
023 import com.liferay.portal.security.permission.PermissionCheckerFactoryUtil;
024 import com.liferay.portal.security.permission.PermissionThreadLocal;
025 import com.liferay.portal.service.UserLocalServiceUtil;
026 import com.liferay.portal.spring.context.TunnelApplicationContext;
027 import com.liferay.portal.util.PortalInstances;
028
029 import javax.servlet.ServletException;
030 import javax.servlet.http.HttpServletRequest;
031 import javax.servlet.http.HttpServletResponse;
032
033 import org.springframework.web.servlet.DispatcherServlet;
034
035
038 public class RemotingServlet extends DispatcherServlet {
039
040 public static final String CONTEXT_CLASS =
041 TunnelApplicationContext.class.getName();
042
043 public static final String CONTEXT_CONFIG_LOCATION =
044 "/WEB-INF/remoting-servlet.xml,/WEB-INF/remoting-servlet-ext.xml";
045
046 @Override
047 public Class<?> getContextClass() {
048 try {
049 return Class.forName(CONTEXT_CLASS);
050 }
051 catch (Exception e) {
052 _log.error(e);
053 }
054
055 return null;
056 }
057
058 @Override
059 public String getContextConfigLocation() {
060 return CONTEXT_CONFIG_LOCATION;
061 }
062
063 @Override
064 public void service(
065 HttpServletRequest request, HttpServletResponse response)
066 throws ServletException {
067
068 try {
069 PortalInstances.getCompanyId(request);
070
071 String remoteUser = request.getRemoteUser();
072
073 if (_log.isDebugEnabled()) {
074 _log.debug("Remote user " + remoteUser);
075 }
076
077 if (remoteUser != null) {
078 PrincipalThreadLocal.setName(remoteUser);
079
080 long userId = GetterUtil.getLong(remoteUser);
081
082 User user = UserLocalServiceUtil.getUserById(userId);
083
084 PermissionChecker permissionChecker =
085 PermissionCheckerFactoryUtil.create(user);
086
087 PermissionThreadLocal.setPermissionChecker(permissionChecker);
088 }
089 else {
090 if (_log.isWarnEnabled()) {
091 _log.warn(
092 "User id is not provided. An exception will be " +
093 "thrown if a protected method is accessed.");
094 }
095 }
096
097 super.service(request, response);
098 }
099 catch (Exception e) {
100 throw new ServletException(e);
101 }
102 }
103
104 private static Log _log = LogFactoryUtil.getLog(RemotingServlet.class);
105
106 }