001
014
015 package com.liferay.portal.servlet;
016
017 import com.liferay.portal.action.JSONServiceAction;
018 import com.liferay.portal.kernel.log.Log;
019 import com.liferay.portal.kernel.log.LogFactoryUtil;
020 import com.liferay.portal.kernel.servlet.PortletServlet;
021 import com.liferay.portal.kernel.util.GetterUtil;
022 import com.liferay.portal.model.User;
023 import com.liferay.portal.security.auth.PrincipalThreadLocal;
024 import com.liferay.portal.security.permission.PermissionChecker;
025 import com.liferay.portal.security.permission.PermissionCheckerFactoryUtil;
026 import com.liferay.portal.security.permission.PermissionThreadLocal;
027 import com.liferay.portal.service.UserLocalServiceUtil;
028 import com.liferay.portal.struts.JSONAction;
029
030 import java.io.IOException;
031
032 import javax.servlet.ServletConfig;
033 import javax.servlet.ServletContext;
034 import javax.servlet.ServletException;
035 import javax.servlet.http.HttpServlet;
036 import javax.servlet.http.HttpServletRequest;
037 import javax.servlet.http.HttpServletResponse;
038
039
042 public class JSONServlet extends HttpServlet {
043
044 @Override
045 public void init(ServletConfig servletConfig) {
046 ServletContext servletContext = servletConfig.getServletContext();
047
048 _portletClassLoader = (ClassLoader)servletContext.getAttribute(
049 PortletServlet.PORTLET_CLASS_LOADER);
050
051 _jsonAction = getJSONAction(servletContext);
052 }
053
054 @Override
055 @SuppressWarnings("unused")
056 public void service(
057 HttpServletRequest request, HttpServletResponse response)
058 throws IOException, ServletException {
059
060 try {
061 resolveRemoteUser(request);
062
063 if (_portletClassLoader == null) {
064 _jsonAction.execute(null, null, request, response);
065 }
066 else {
067 Thread currentThread = Thread.currentThread();
068
069 ClassLoader contextClassLoader =
070 currentThread.getContextClassLoader();
071
072 try {
073 currentThread.setContextClassLoader(_portletClassLoader);
074
075 _jsonAction.execute(null, null, request, response);
076 }
077 finally {
078 currentThread.setContextClassLoader(contextClassLoader);
079 }
080 }
081 }
082 catch (Exception e) {
083 _log.error(e, e);
084 }
085 }
086
087 protected JSONAction getJSONAction(ServletContext servletContext) {
088 JSONAction jsonAction = new JSONServiceAction();
089
090 jsonAction.setServletContext(servletContext);
091
092 return jsonAction;
093 }
094
095 protected void resolveRemoteUser(HttpServletRequest request)
096 throws Exception {
097
098 String remoteUser = request.getRemoteUser();
099
100 if (_log.isDebugEnabled()) {
101 _log.debug("Remote user " + remoteUser);
102 }
103
104 if (remoteUser != null) {
105 PrincipalThreadLocal.setName(remoteUser);
106
107 long userId = GetterUtil.getLong(remoteUser);
108
109 User user = UserLocalServiceUtil.getUserById(userId);
110
111 PermissionChecker permissionChecker =
112 PermissionCheckerFactoryUtil.create(user);
113
114 PermissionThreadLocal.setPermissionChecker(permissionChecker);
115 }
116 }
117
118 private static Log _log = LogFactoryUtil.getLog(JSONServlet.class);
119
120 private JSONAction _jsonAction;
121 private ClassLoader _portletClassLoader;
122
123 }