1   /**
2    * Copyright (c) 2000-2008 Liferay, Inc. All rights reserved.
3    *
4    * Permission is hereby granted, free of charge, to any person obtaining a copy
5    * of this software and associated documentation files (the "Software"), to deal
6    * in the Software without restriction, including without limitation the rights
7    * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
8    * copies of the Software, and to permit persons to whom the Software is
9    * furnished to do so, subject to the following conditions:
10   *
11   * The above copyright notice and this permission notice shall be included in
12   * all copies or substantial portions of the Software.
13   *
14   * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
15   * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16   * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
17   * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
18   * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
19   * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
20   * SOFTWARE.
21   */
22  
23  package com.liferay.portal.struts;
24  
25  import com.liferay.portal.LayoutPermissionException;
26  import com.liferay.portal.PortletActiveException;
27  import com.liferay.portal.RequiredLayoutException;
28  import com.liferay.portal.RequiredRoleException;
29  import com.liferay.portal.UserActiveException;
30  import com.liferay.portal.kernel.portlet.FriendlyURLMapper;
31  import com.liferay.portal.kernel.portlet.LiferayWindowState;
32  import com.liferay.portal.kernel.security.permission.ActionKeys;
33  import com.liferay.portal.kernel.security.permission.PermissionChecker;
34  import com.liferay.portal.kernel.util.JavaConstants;
35  import com.liferay.portal.kernel.util.ParamUtil;
36  import com.liferay.portal.kernel.util.StringMaker;
37  import com.liferay.portal.kernel.util.StringPool;
38  import com.liferay.portal.kernel.util.Validator;
39  import com.liferay.portal.model.Layout;
40  import com.liferay.portal.model.Portlet;
41  import com.liferay.portal.model.PortletPreferencesIds;
42  import com.liferay.portal.model.User;
43  import com.liferay.portal.model.UserTracker;
44  import com.liferay.portal.model.UserTrackerPath;
45  import com.liferay.portal.model.impl.LayoutImpl;
46  import com.liferay.portal.security.auth.PrincipalException;
47  import com.liferay.portal.service.LayoutLocalServiceUtil;
48  import com.liferay.portal.service.PortletLocalServiceUtil;
49  import com.liferay.portal.service.PortletPreferencesLocalServiceUtil;
50  import com.liferay.portal.service.permission.PortletPermissionUtil;
51  import com.liferay.portal.service.persistence.UserTrackerPathUtil;
52  import com.liferay.portal.theme.ThemeDisplay;
53  import com.liferay.portal.util.*;
54  import com.liferay.portlet.CachePortlet;
55  import com.liferay.portlet.PortletConfigFactory;
56  import com.liferay.portlet.PortletInstanceFactory;
57  import com.liferay.portlet.PortletPreferencesFactoryUtil;
58  import com.liferay.portlet.PortletURLImpl;
59  import com.liferay.portlet.RenderRequestFactory;
60  import com.liferay.portlet.RenderRequestImpl;
61  import com.liferay.portlet.RenderResponseFactory;
62  import com.liferay.portlet.RenderResponseImpl;
63  import com.liferay.util.CollectionFactory;
64  import com.liferay.util.HttpUtil;
65  import com.liferay.util.servlet.SessionErrors;
66  
67  import java.io.IOException;
68  
69  import java.util.Date;
70  import java.util.Iterator;
71  import java.util.List;
72  import java.util.Map.Entry;
73  import java.util.Map;
74  import java.util.Set;
75  
76  import javax.portlet.PortletConfig;
77  import javax.portlet.PortletContext;
78  import javax.portlet.PortletMode;
79  import javax.portlet.PortletPreferences;
80  import javax.portlet.WindowState;
81  
82  import javax.servlet.ServletContext;
83  import javax.servlet.ServletException;
84  import javax.servlet.http.HttpServletRequest;
85  import javax.servlet.http.HttpServletResponse;
86  import javax.servlet.http.HttpSession;
87  import javax.servlet.jsp.PageContext;
88  
89  import org.apache.commons.logging.Log;
90  import org.apache.commons.logging.LogFactory;
91  import org.apache.struts.action.ActionMapping;
92  import org.apache.struts.config.ForwardConfig;
93  import org.apache.struts.tiles.TilesRequestProcessor;
94  
95  /**
96   * <a href="PortalRequestProcessor.java.html"><b><i>View Source</i></b></a>
97   *
98   * @author Brian Wing Shun Chan
99   * @author Jorge Ferrer
100  *
101  */
102 public class PortalRequestProcessor extends TilesRequestProcessor {
103 
104     public PortalRequestProcessor() {
105 
106         // auth.forward.last.path.
107 
108         _lastPaths = CollectionFactory.getHashSet();
109 
110         _lastPaths.add(_PATH_PORTAL_LAYOUT);
111 
112         _addPaths(_lastPaths, PropsUtil.AUTH_FORWARD_LAST_PATHS);
113 
114         // auth.public.path.
115 
116         _publicPaths = CollectionFactory.getHashSet();
117 
118         _publicPaths.add(_PATH_C);
119         _publicPaths.add(_PATH_PORTAL_CSS);
120         _publicPaths.add(_PATH_PORTAL_CSS_CACHED);
121         _publicPaths.add(_PATH_PORTAL_FLASH);
122         _publicPaths.add(_PATH_PORTAL_J_LOGIN);
123         _publicPaths.add(_PATH_PORTAL_JAVASCRIPT);
124         _publicPaths.add(_PATH_PORTAL_JAVASCRIPT_CACHED);
125         _publicPaths.add(_PATH_PORTAL_LAYOUT);
126         _publicPaths.add(_PATH_PORTAL_LOGIN);
127         _publicPaths.add(_PATH_PORTAL_LOGIN_CAPTCHA);
128         _publicPaths.add(_PATH_PORTAL_RENDER_PORTLET);
129         _publicPaths.add(_PATH_PORTAL_TCK);
130 
131         _addPaths(_publicPaths, PropsUtil.AUTH_PUBLIC_PATHS);
132 
133         _trackerIgnorePaths = CollectionFactory.getHashSet();
134 
135         _addPaths(_trackerIgnorePaths, PropsUtil.SESSION_TRACKER_IGNORE_PATHS);
136     }
137 
138     public void process(HttpServletRequest req, HttpServletResponse res)
139         throws IOException, ServletException {
140 
141         String path = super.processPath(req, res);
142 
143         ActionMapping mapping =
144             (ActionMapping)moduleConfig.findActionConfig(path);
145 
146         if ((mapping == null) && !path.startsWith(_PATH_WSRP)) {
147             String lastPath = getLastPath(req);
148 
149             if (_log.isDebugEnabled()) {
150                 _log.debug("Last path " + lastPath);
151             }
152 
153             res.sendRedirect(lastPath);
154 
155             return;
156         }
157 
158         super.process(req, res);
159 
160         try {
161             if (isPortletPath(path)) {
162                 cleanUp(req);
163             }
164         }
165         catch (Exception e) {
166             _log.error(e, e);
167         }
168     }
169 
170     protected void callParentDoForward(
171             String uri, HttpServletRequest req, HttpServletResponse res)
172         throws IOException, ServletException {
173 
174         super.doForward(uri, req, res);
175     }
176 
177     protected void doForward(
178             String uri, HttpServletRequest req, HttpServletResponse res)
179         throws IOException, ServletException {
180 
181         StrutsUtil.forward(uri, getServletContext(), req, res);
182     }
183 
184     protected void doInclude(
185             String uri, HttpServletRequest req, HttpServletResponse res)
186         throws IOException, ServletException {
187 
188         StrutsUtil.include(uri, getServletContext(), req, res);
189     }
190 
191     protected HttpServletRequest callParentProcessMultipart(
192         HttpServletRequest req) {
193 
194         return super.processMultipart(req);
195     }
196 
197     protected HttpServletRequest processMultipart(HttpServletRequest req) {
198 
199         // Disable Struts from automatically wrapping a multipart request
200 
201         return req;
202     }
203 
204     protected String callParentProcessPath(
205             HttpServletRequest req, HttpServletResponse res)
206         throws IOException {
207 
208         return super.processPath(req, res);
209     }
210 
211     protected StringMaker getFriendlyTrackerPath(
212             String path, ThemeDisplay themeDisplay, HttpServletRequest req)
213         throws Exception {
214 
215         if (!path.equals(_PATH_PORTAL_LAYOUT)) {
216             return null;
217         }
218 
219         long plid = ParamUtil.getLong(req, "p_l_id");
220 
221         if (plid == 0) {
222             return null;
223         }
224 
225         Layout layout = LayoutLocalServiceUtil.getLayout(plid);
226 
227         String layoutFriendlyURL = PortalUtil.getLayoutFriendlyURL(
228             layout, themeDisplay);
229 
230         StringMaker sm = new StringMaker();
231 
232         sm.append(layoutFriendlyURL);
233 
234         String portletId = ParamUtil.getString(req, "p_p_id");
235 
236         if (Validator.isNull(portletId)) {
237             return sm;
238         }
239 
240         long companyId = PortalUtil.getCompanyId(req);
241 
242         Portlet portlet = PortletLocalServiceUtil.getPortletById(
243             companyId, portletId);
244 
245         if (portlet == null) {
246             String strutsPath = path.substring(
247                 1, path.lastIndexOf(StringPool.SLASH));
248 
249             portlet = PortletLocalServiceUtil.getPortletByStrutsPath(
250                 companyId, strutsPath);
251         }
252 
253         if ((portlet == null) || !portlet.isActive()) {
254             sm.append(StringPool.QUESTION);
255             sm.append(req.getQueryString());
256 
257             return sm;
258         }
259 
260         String namespace = PortalUtil.getPortletNamespace(portletId);
261 
262         FriendlyURLMapper friendlyURLMapper =
263             portlet.getFriendlyURLMapperInstance();
264 
265         if (friendlyURLMapper == null) {
266             sm.append(StringPool.QUESTION);
267             sm.append(req.getQueryString());
268 
269             return sm;
270         }
271 
272         PortletURLImpl portletURL = new PortletURLImpl(
273             req, portletId, plid, false);
274 
275         Iterator itr = req.getParameterMap().entrySet().iterator();
276 
277         while (itr.hasNext()) {
278             Entry entry = (Entry)itr.next();
279 
280             String key = (String)entry.getKey();
281 
282             if (key.startsWith(namespace)) {
283                 key = key.substring(namespace.length());
284 
285                 Object value = entry.getValue();
286 
287                 if (value instanceof String[]) {
288                     portletURL.setParameter(key, (String[])entry.getValue());
289                 }
290                 else {
291                     portletURL.setParameter(key, (String)entry.getValue());
292                 }
293             }
294         }
295 
296         String portletFriendlyURL = friendlyURLMapper.buildPath(portletURL);
297 
298         if (portletFriendlyURL != null) {
299             sm.append(portletFriendlyURL);
300         }
301         else {
302             sm.append(StringPool.QUESTION);
303             sm.append(req.getQueryString());
304         }
305 
306         return sm;
307     }
308 
309     protected String processPath(
310             HttpServletRequest req, HttpServletResponse res)
311         throws IOException {
312 
313         String path = super.processPath(req, res);
314 
315         HttpSession ses = req.getSession();
316 
317         ThemeDisplay themeDisplay =
318             (ThemeDisplay)req.getAttribute(WebKeys.THEME_DISPLAY);
319 
320         // Current users
321 
322         UserTracker userTracker = LiveUsers.getUserTracker(ses.getId());
323 
324         if ((userTracker != null) && (path != null) &&
325             (!path.equals(_PATH_C)) &&
326             (path.indexOf(_PATH_J_SECURITY_CHECK) == -1) &&
327             (path.indexOf(_PATH_PORTAL_PROTECTED) == -1) &&
328             (!_trackerIgnorePaths.contains(path))) {
329 
330             StringMaker sm = null;
331 
332             try {
333                 if (PropsValues.SESSION_TRACKER_FRIENDLY_PATHS_ENABLED) {
334                     sm = getFriendlyTrackerPath(path, themeDisplay, req);
335                 }
336             }
337             catch (Exception e) {
338                 _log.error(e, e);
339             }
340 
341             if (sm == null) {
342                 sm = new StringMaker();
343 
344                 sm.append(path);
345                 sm.append(StringPool.QUESTION);
346                 sm.append(req.getQueryString());
347             }
348 
349             UserTrackerPath userTrackerPath = UserTrackerPathUtil.create(0);
350 
351             userTrackerPath.setUserTrackerId(userTracker.getUserTrackerId());
352             userTrackerPath.setPath(sm.toString());
353             userTrackerPath.setPathDate(new Date());
354 
355             userTracker.addPath(userTrackerPath);
356         }
357 
358         String remoteUser = req.getRemoteUser();
359 
360         User user = null;
361 
362         try {
363             user = PortalUtil.getUser(req);
364         }
365         catch (Exception e) {
366         }
367 
368         // Last path
369 
370         if ((path != null) && (_lastPaths.contains(path)) &&
371             (!_trackerIgnorePaths.contains(path))) {
372 
373             boolean saveLastPath = ParamUtil.getBoolean(
374                 req, "save_last_path", true);
375 
376             // Exclusive and pop up window states should never be set as the
377             // last path
378 
379             if (LiferayWindowState.isExclusive(req) ||
380                 LiferayWindowState.isPopUp(req)) {
381 
382                 saveLastPath = false;
383             }
384 
385             // Save last path
386 
387             if (saveLastPath) {
388 
389                 // Was a last path set by another servlet that dispatched to
390                 // the MainServlet? If so, use that last path instead.
391 
392                 LastPath lastPath =
393                     (LastPath)req.getAttribute(WebKeys.LAST_PATH);
394 
395                 if (lastPath == null) {
396                     lastPath = new LastPath(
397                         themeDisplay.getPathMain(), path,
398                         req.getParameterMap());
399                 }
400 
401                 ses.setAttribute(WebKeys.LAST_PATH, lastPath);
402             }
403         }
404 
405         // Authenticated users can always log out
406 
407         if ((remoteUser != null || user != null) && (path != null) &&
408             (path.equals(_PATH_PORTAL_LOGOUT))) {
409 
410             return _PATH_PORTAL_LOGOUT;
411         }
412 
413         // Authenticated users can retrieve CSS and JavaScript
414 
415         if ((remoteUser != null || user != null) && (path != null) &&
416             (path.equals(_PATH_PORTAL_CSS) ||
417              path.equals(_PATH_PORTAL_CSS_CACHED) ||
418              path.equals(_PATH_PORTAL_JAVASCRIPT) ||
419              path.equals(_PATH_PORTAL_JAVASCRIPT_CACHED))) {
420 
421             return path;
422         }
423 
424         // Authenticated users can always agree to terms of use
425 
426         if ((remoteUser != null || user != null) && (path != null) &&
427             (path.equals(_PATH_PORTAL_UPDATE_TERMS_OF_USE))) {
428 
429             return _PATH_PORTAL_UPDATE_TERMS_OF_USE;
430         }
431 
432         // Authenticated users must still exist in the system
433 
434         if ((remoteUser != null) && (user == null)) {
435             return _PATH_PORTAL_LOGOUT;
436         }
437 
438         // Authenticated users must agree to Terms of Use
439 
440         if ((user != null) && (!user.isAgreedToTermsOfUse())) {
441             if (PropsValues.TERMS_OF_USE_REQUIRED) {
442                 return _PATH_PORTAL_TERMS_OF_USE;
443             }
444         }
445 
446         // Authenticated users must be active
447 
448         if ((user != null) && (!user.isActive())) {
449             SessionErrors.add(req, UserActiveException.class.getName());
450 
451             return _PATH_PORTAL_ERROR;
452         }
453 
454         // Authenticated users may not be allowed to have simultaneous logins
455 
456         if (!PropsValues.AUTH_SIMULTANEOUS_LOGINS) {
457             Boolean staleSession =
458                 (Boolean)ses.getAttribute(WebKeys.STALE_SESSION);
459 
460             if ((user != null) && (staleSession != null) &&
461                 (staleSession.booleanValue())) {
462 
463                 return _PATH_PORTAL_ERROR;
464             }
465         }
466 
467         // Authenticated users must have a current password
468 
469         if ((user != null) && (user.isPasswordReset())) {
470             return _PATH_PORTAL_CHANGE_PASSWORD;
471         }
472 
473         // Authenticated users must have at least one personalized page
474 
475         if (user != null) {
476             List layouts = themeDisplay.getLayouts();
477 
478             if ((layouts == null) || (layouts.size() == 0)) {
479                 SessionErrors.add(
480                     req, RequiredLayoutException.class.getName());
481 
482                 return _PATH_PORTAL_ERROR;
483             }
484         }
485 
486         // Users must sign in
487 
488         if (!isPublicPath(path)) {
489             if (user == null) {
490                 SessionErrors.add(req, PrincipalException.class.getName());
491 
492                 return _PATH_PORTAL_LOGIN;
493             }
494         }
495 
496         ActionMapping mapping =
497             (ActionMapping)moduleConfig.findActionConfig(path);
498 
499         if (path.startsWith(_PATH_WSRP)) {
500             path = _PATH_WSRP;
501         }
502         else {
503             path = mapping.getPath();
504         }
505 
506         // Authenticated users must have at least one role
507 
508         if (user != null) {
509             try {
510 
511                 // FIX ME
512 
513                 if (false) {
514                     SessionErrors.add(
515                         req, RequiredRoleException.class.getName());
516 
517                     return _PATH_PORTAL_ERROR;
518                 }
519             }
520             catch (Exception e) {
521                 e.printStackTrace();
522             }
523         }
524 
525         // Define the portlet objects
526 
527         if (isPortletPath(path)) {
528             try {
529                 Portlet portlet = null;
530 
531                 long companyId = PortalUtil.getCompanyId(req);
532                 String portletId = ParamUtil.getString(req, "p_p_id");
533 
534                 if (Validator.isNotNull(portletId)) {
535                     portlet = PortletLocalServiceUtil.getPortletById(
536                         companyId, portletId);
537                 }
538 
539                 if (portlet == null) {
540                     String strutsPath = path.substring(
541                         1, path.lastIndexOf(StringPool.SLASH));
542 
543                     portlet = PortletLocalServiceUtil.getPortletByStrutsPath(
544                         companyId, strutsPath);
545                 }
546 
547                 if (portlet != null && portlet.isActive()) {
548                     defineObjects(req, res, portlet);
549                 }
550             }
551             catch (Exception e) {
552                 req.setAttribute(PageContext.EXCEPTION, e);
553 
554                 path = _PATH_COMMON_ERROR;
555             }
556         }
557 
558         // Authenticated users must have access to at least one layout
559 
560         if (SessionErrors.contains(
561                 req, LayoutPermissionException.class.getName())) {
562 
563             return _PATH_PORTAL_ERROR;
564         }
565 
566         return path;
567     }
568 
569     protected boolean callParentProcessRoles(
570             HttpServletRequest req, HttpServletResponse res,
571             ActionMapping mapping)
572         throws IOException, ServletException {
573 
574         return super.processRoles(req, res, mapping);
575     }
576 
577     protected boolean processRoles(
578             HttpServletRequest req, HttpServletResponse res,
579             ActionMapping mapping)
580         throws IOException, ServletException {
581 
582         String path = mapping.getPath();
583 
584         if (isPublicPath(path)) {
585             return true;
586         }
587 
588         boolean authorized = true;
589 
590         User user = null;
591 
592         try {
593             user = PortalUtil.getUser(req);
594         }
595         catch (Exception e) {
596         }
597 
598         if ((user != null) && isPortletPath(path)) {
599             try {
600 
601                 // Authenticated users can always log out
602 
603                 if (path.equals(_PATH_PORTAL_LOGOUT)) {
604                     return true;
605                 }
606 
607                 Portlet portlet = null;
608 
609                 String portletId = ParamUtil.getString(req, "p_p_id");
610 
611                 if (Validator.isNotNull(portletId)) {
612                     portlet = PortletLocalServiceUtil.getPortletById(
613                         user.getCompanyId(), portletId);
614                 }
615 
616                 String strutsPath = path.substring(
617                     1, path.lastIndexOf(StringPool.SLASH));
618 
619                 if (portlet != null) {
620                     if (!strutsPath.equals(portlet.getStrutsPath())) {
621                         throw new PrincipalException();
622                     }
623                 }
624                 else {
625                     portlet = PortletLocalServiceUtil.getPortletByStrutsPath(
626                         user.getCompanyId(), strutsPath);
627                 }
628 
629                 if ((portlet != null) && portlet.isActive()) {
630                     ThemeDisplay themeDisplay =
631                         (ThemeDisplay)req.getAttribute(WebKeys.THEME_DISPLAY);
632 
633                     Layout layout = themeDisplay.getLayout();
634                     PermissionChecker permissionChecker =
635                         themeDisplay.getPermissionChecker();
636 
637                     if (!PortletPermissionUtil.contains(
638                             permissionChecker, layout.getPlid(), portlet,
639                             ActionKeys.VIEW)) {
640 
641                         throw new PrincipalException();
642                     }
643                 }
644                 else if (portlet != null && !portlet.isActive()) {
645                     SessionErrors.add(
646                         req, PortletActiveException.class.getName());
647 
648                     authorized = false;
649                 }
650             }
651             catch (Exception e) {
652                 SessionErrors.add(req, PrincipalException.class.getName());
653 
654                 authorized = false;
655             }
656         }
657 
658         if (!authorized) {
659             ForwardConfig forwardConfig =
660                 mapping.findForward(_PATH_PORTAL_ERROR);
661 
662             processForwardConfig(req, res, forwardConfig);
663 
664             return false;
665         }
666         else {
667             return true;
668         }
669     }
670 
671     protected String getLastPath(HttpServletRequest req) {
672         HttpSession ses = req.getSession();
673 
674         ThemeDisplay themeDisplay =
675             (ThemeDisplay)req.getAttribute(WebKeys.THEME_DISPLAY);
676 
677         Boolean httpsInitial = (Boolean)ses.getAttribute(WebKeys.HTTPS_INITIAL);
678 
679         String portalURL = null;
680 
681         if ((PropsValues.COMPANY_SECURITY_AUTH_REQUIRES_HTTPS) &&
682             (httpsInitial != null) && (!httpsInitial.booleanValue())) {
683 
684             portalURL = PortalUtil.getPortalURL(req, false);
685         }
686         else {
687             portalURL = PortalUtil.getPortalURL(req);
688         }
689 
690         StringMaker sm = new StringMaker();
691 
692         sm.append(portalURL);
693         sm.append(themeDisplay.getPathMain());
694         sm.append(_PATH_PORTAL_LAYOUT);
695 
696         if (!PropsValues.AUTH_FORWARD_BY_LAST_PATH) {
697             if (req.getRemoteUser() != null) {
698 
699                 // If we do not forward by last path and the user is logged in,
700                 // forward to the user's default layout to prevent a lagging
701                 // loop
702 
703                 sm.append(StringPool.QUESTION);
704                 sm.append("p_l_id");
705                 sm.append(StringPool.EQUAL);
706                 sm.append(LayoutImpl.DEFAULT_PLID);
707             }
708 
709             return sm.toString();
710         }
711 
712         LastPath lastPath = (LastPath)ses.getAttribute(WebKeys.LAST_PATH);
713 
714         if (lastPath == null) {
715             return sm.toString();
716         }
717 
718         Map parameterMap = lastPath.getParameterMap();
719 
720         // Only test for existing mappings for last paths that were set when the
721         // user accessed a layout directly instead of through its friendly URL
722 
723         if (lastPath.getContextPath().equals(themeDisplay.getPathMain())) {
724             ActionMapping mapping =
725                 (ActionMapping)moduleConfig.findActionConfig(
726                     lastPath.getPath());
727 
728             if ((mapping == null) || (parameterMap == null)) {
729                 return sm.toString();
730             }
731         }
732 
733         StringMaker lastPathSM = new StringMaker();
734 
735         lastPathSM.append(portalURL);
736         lastPathSM.append(lastPath.getContextPath());
737         lastPathSM.append(lastPath.getPath());
738         lastPathSM.append(HttpUtil.parameterMapToString(parameterMap));
739 
740         return lastPathSM.toString();
741     }
742 
743     protected boolean isPortletPath(String path) {
744         if ((path != null) &&
745             (!path.equals(_PATH_C)) &&
746             (!path.startsWith(_PATH_COMMON)) &&
747             (path.indexOf(_PATH_J_SECURITY_CHECK) == -1) &&
748             (!path.startsWith(_PATH_PORTAL)) &&
749             (!path.startsWith(_PATH_WSRP))) {
750 
751             return true;
752         }
753         else {
754             return false;
755         }
756     }
757 
758     protected boolean isPublicPath(String path) {
759         if ((path != null) &&
760             (_publicPaths.contains(path)) ||
761             (path.startsWith(_PATH_COMMON)) ||
762             (path.startsWith(_PATH_WSRP))) {
763 
764             return true;
765         }
766         else {
767             return false;
768         }
769     }
770 
771     protected void defineObjects(
772             HttpServletRequest req, HttpServletResponse res, Portlet portlet)
773         throws Exception {
774 
775         String portletId = portlet.getPortletId();
776 
777         ServletContext ctx =
778             (ServletContext)req.getAttribute(WebKeys.CTX);
779 
780         CachePortlet cachePortlet = PortletInstanceFactory.create(portlet, ctx);
781 
782         PortletPreferencesIds portletPreferencesIds =
783             PortletPreferencesFactoryUtil.getPortletPreferencesIds(
784                 req, portletId);
785 
786         PortletPreferences portletPreferences =
787             PortletPreferencesLocalServiceUtil.getPreferences(
788                 portletPreferencesIds);
789 
790         PortletConfig portletConfig = PortletConfigFactory.create(portlet, ctx);
791         PortletContext portletCtx =
792             portletConfig.getPortletContext();
793 
794         RenderRequestImpl renderRequestImpl = RenderRequestFactory.create(
795             req, portlet, cachePortlet, portletCtx, WindowState.MAXIMIZED,
796             PortletMode.VIEW, portletPreferences);
797 
798         RenderResponseImpl renderResponseImpl = RenderResponseFactory.create(
799             renderRequestImpl, res, portletId, portlet.getCompanyId());
800 
801         renderRequestImpl.defineObjects(portletConfig, renderResponseImpl);
802 
803         req.setAttribute(WebKeys.PORTLET_STRUTS_EXECUTE, Boolean.TRUE);
804     }
805 
806     protected void cleanUp(HttpServletRequest req) throws Exception {
807 
808         // Clean up portlet objects that may have been created by defineObjects
809         // for portlets that are called directly from a Struts path
810 
811         RenderRequestImpl renderRequestImpl =
812             (RenderRequestImpl)req.getAttribute(
813                 JavaConstants.JAVAX_PORTLET_REQUEST);
814 
815         if (renderRequestImpl != null) {
816             RenderRequestFactory.recycle(renderRequestImpl);
817         }
818 
819         RenderResponseImpl renderResponseImpl =
820             (RenderResponseImpl)req.getAttribute(
821                 JavaConstants.JAVAX_PORTLET_RESPONSE);
822 
823         if (renderResponseImpl != null) {
824             RenderResponseFactory.recycle(renderResponseImpl);
825         }
826     }
827 
828     private void _addPaths(Set paths, String propsKey) {
829         String[] pathsArray = PropsUtil.getArray(propsKey);
830 
831         for (int i = 0; i < pathsArray.length; i++) {
832             paths.add(pathsArray[i]);
833         }
834     }
835 
836     private static String _PATH_C = "/c";
837 
838     private static String _PATH_COMMON = "/common";
839 
840     private static String _PATH_COMMON_ERROR = "/common/error";
841 
842     private static String _PATH_J_SECURITY_CHECK = "/j_security_check";
843 
844     private static String _PATH_PORTAL = "/portal";
845 
846     private static String _PATH_PORTAL_CHANGE_PASSWORD =
847         "/portal/change_password";
848 
849     private static String _PATH_PORTAL_CSS = "/portal/css";
850 
851     private static String _PATH_PORTAL_CSS_CACHED = "/portal/css_cached";
852 
853     private static String _PATH_PORTAL_ERROR = "/portal/error";
854 
855     private static String _PATH_PORTAL_FLASH = "/portal/flash";
856 
857     private static String _PATH_PORTAL_J_LOGIN = "/portal/j_login";
858 
859     private static String _PATH_PORTAL_JAVASCRIPT = "/portal/javascript";
860 
861     private static String _PATH_PORTAL_JAVASCRIPT_CACHED =
862         "/portal/javascript_cached";
863 
864     private static String _PATH_PORTAL_LAYOUT = "/portal/layout";
865 
866     private static String _PATH_PORTAL_LOGIN = "/portal/login";
867 
868     private static String _PATH_PORTAL_LOGIN_CAPTCHA = "/portal/login_captcha";
869 
870     private static String _PATH_PORTAL_LOGOUT = "/portal/logout";
871 
872     private static String _PATH_PORTAL_PROTECTED = "/portal/protected";
873 
874     private static String _PATH_PORTAL_RENDER_PORTLET =
875         "/portal/render_portlet";
876 
877     private static String _PATH_PORTAL_TCK = "/portal/tck";
878 
879     private static String _PATH_PORTAL_TERMS_OF_USE = "/portal/terms_of_use";
880 
881     private static String _PATH_PORTAL_UPDATE_TERMS_OF_USE =
882         "/portal/update_terms_of_use";
883 
884     private static String _PATH_WSRP = "/wsrp";
885 
886     private static Log _log = LogFactory.getLog(PortalRequestProcessor.class);
887 
888     private Set _lastPaths;
889     private Set _publicPaths;
890     private Set _trackerIgnorePaths;
891 
892 }