1   /**
2    * Copyright (c) 2000-2009 Liferay, Inc. All rights reserved.
3    *
4    *
5    *
6    *
7    * The contents of this file are subject to the terms of the Liferay Enterprise
8    * Subscription License ("License"). You may not use this file except in
9    * compliance with the License. You can obtain a copy of the License by
10   * contacting Liferay, Inc. See the License for the specific language governing
11   * permissions and limitations under the License, including but not limited to
12   * distribution rights of the Software.
13   *
14   * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
15   * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16   * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
17   * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
18   * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
19   * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
20   * SOFTWARE.
21   */
22  
23  package com.liferay.portal.struts;
24  
25  import com.liferay.portal.LayoutPermissionException;
26  import com.liferay.portal.PortletActiveException;
27  import com.liferay.portal.RequiredRoleException;
28  import com.liferay.portal.SystemException;
29  import com.liferay.portal.UserActiveException;
30  import com.liferay.portal.kernel.log.Log;
31  import com.liferay.portal.kernel.log.LogFactoryUtil;
32  import com.liferay.portal.kernel.portlet.FriendlyURLMapper;
33  import com.liferay.portal.kernel.servlet.HttpMethods;
34  import com.liferay.portal.kernel.servlet.SessionErrors;
35  import com.liferay.portal.kernel.util.GetterUtil;
36  import com.liferay.portal.kernel.util.HttpUtil;
37  import com.liferay.portal.kernel.util.JavaConstants;
38  import com.liferay.portal.kernel.util.ParamUtil;
39  import com.liferay.portal.kernel.util.StringPool;
40  import com.liferay.portal.kernel.util.Validator;
41  import com.liferay.portal.liveusers.LiveUsers;
42  import com.liferay.portal.model.Layout;
43  import com.liferay.portal.model.LayoutConstants;
44  import com.liferay.portal.model.Portlet;
45  import com.liferay.portal.model.PortletPreferencesIds;
46  import com.liferay.portal.model.User;
47  import com.liferay.portal.model.UserTracker;
48  import com.liferay.portal.model.UserTrackerPath;
49  import com.liferay.portal.security.auth.PrincipalException;
50  import com.liferay.portal.security.permission.ActionKeys;
51  import com.liferay.portal.security.permission.PermissionChecker;
52  import com.liferay.portal.service.LayoutLocalServiceUtil;
53  import com.liferay.portal.service.PortletLocalServiceUtil;
54  import com.liferay.portal.service.PortletPreferencesLocalServiceUtil;
55  import com.liferay.portal.service.permission.PortletPermissionUtil;
56  import com.liferay.portal.service.persistence.UserTrackerPathUtil;
57  import com.liferay.portal.theme.ThemeDisplay;
58  import com.liferay.portal.util.PortalUtil;
59  import com.liferay.portal.util.PrefsPropsUtil;
60  import com.liferay.portal.util.PropsKeys;
61  import com.liferay.portal.util.PropsUtil;
62  import com.liferay.portal.util.PropsValues;
63  import com.liferay.portal.util.WebKeys;
64  import com.liferay.portlet.InvokerPortlet;
65  import com.liferay.portlet.PortletConfigFactory;
66  import com.liferay.portlet.PortletInstanceFactoryUtil;
67  import com.liferay.portlet.PortletPreferencesFactoryUtil;
68  import com.liferay.portlet.PortletURLImpl;
69  import com.liferay.portlet.RenderRequestFactory;
70  import com.liferay.portlet.RenderRequestImpl;
71  import com.liferay.portlet.RenderResponseFactory;
72  import com.liferay.portlet.RenderResponseImpl;
73  
74  import java.io.IOException;
75  
76  import java.util.Date;
77  import java.util.HashSet;
78  import java.util.Iterator;
79  import java.util.Map.Entry;
80  import java.util.Map;
81  import java.util.Set;
82  
83  import javax.portlet.PortletConfig;
84  import javax.portlet.PortletContext;
85  import javax.portlet.PortletMode;
86  import javax.portlet.PortletPreferences;
87  import javax.portlet.PortletRequest;
88  import javax.portlet.WindowState;
89  
90  import javax.servlet.ServletContext;
91  import javax.servlet.ServletException;
92  import javax.servlet.http.HttpServletRequest;
93  import javax.servlet.http.HttpServletResponse;
94  import javax.servlet.http.HttpSession;
95  import javax.servlet.jsp.PageContext;
96  
97  import org.apache.struts.action.ActionMapping;
98  import org.apache.struts.config.ForwardConfig;
99  import org.apache.struts.tiles.TilesRequestProcessor;
100 
101 /**
102  * <a href="PortalRequestProcessor.java.html"><b><i>View Source</i></b></a>
103  *
104  * @author Brian Wing Shun Chan
105  * @author Jorge Ferrer
106  *
107  */
108 public class PortalRequestProcessor extends TilesRequestProcessor {
109 
110     public PortalRequestProcessor() {
111 
112         // auth.forward.last.path.
113 
114         _lastPaths = new HashSet<String>();
115 
116         _lastPaths.add(_PATH_PORTAL_LAYOUT);
117 
118         addPaths(_lastPaths, PropsKeys.AUTH_FORWARD_LAST_PATHS);
119 
120         // auth.public.path.
121 
122         _publicPaths = new HashSet<String>();
123 
124         _publicPaths.add(_PATH_C);
125         _publicPaths.add(_PATH_PORTAL_FLASH);
126         _publicPaths.add(_PATH_PORTAL_J_LOGIN);
127         _publicPaths.add(_PATH_PORTAL_LAYOUT);
128         _publicPaths.add(_PATH_PORTAL_LOGIN);
129         _publicPaths.add(_PATH_PORTAL_RENDER_PORTLET);
130         _publicPaths.add(_PATH_PORTAL_TCK);
131 
132         addPaths(_publicPaths, PropsKeys.AUTH_PUBLIC_PATHS);
133 
134         _trackerIgnorePaths = new HashSet<String>();
135 
136         addPaths(_trackerIgnorePaths, PropsKeys.SESSION_TRACKER_IGNORE_PATHS);
137     }
138 
139     public void process(
140             HttpServletRequest request, HttpServletResponse response)
141         throws IOException, ServletException {
142 
143         String path = super.processPath(request, response);
144 
145         ActionMapping mapping = (ActionMapping)moduleConfig.findActionConfig(
146             path);
147 
148         if ((mapping == null) && !path.startsWith(_PATH_WSRP)) {
149             String lastPath = getLastPath(request);
150 
151             if (_log.isDebugEnabled()) {
152                 _log.debug("Last path " + lastPath);
153             }
154 
155             response.sendRedirect(lastPath);
156 
157             return;
158         }
159 
160         super.process(request, response);
161 
162         try {
163             if (isPortletPath(path)) {
164                 cleanUp(request);
165             }
166         }
167         catch (Exception e) {
168             _log.error(e, e);
169         }
170     }
171 
172     protected void addPaths(Set<String> paths, String propsKey) {
173         String[] pathsArray = PropsUtil.getArray(propsKey);
174 
175         for (String path : pathsArray) {
176             paths.add(path);
177         }
178     }
179 
180     protected void callParentDoForward(
181             String uri, HttpServletRequest request,
182             HttpServletResponse response)
183         throws IOException, ServletException {
184 
185         super.doForward(uri, request, response);
186     }
187 
188     protected HttpServletRequest callParentProcessMultipart(
189         HttpServletRequest request) {
190 
191         return super.processMultipart(request);
192     }
193 
194     protected String callParentProcessPath(
195             HttpServletRequest request, HttpServletResponse response)
196         throws IOException {
197 
198         return super.processPath(request, response);
199     }
200 
201     protected boolean callParentProcessRoles(
202             HttpServletRequest request, HttpServletResponse response,
203             ActionMapping mapping)
204         throws IOException, ServletException {
205 
206         return super.processRoles(request, response, mapping);
207     }
208 
209     protected void cleanUp(HttpServletRequest request) throws Exception {
210 
211         // Clean up portlet objects that may have been created by defineObjects
212         // for portlets that are called directly from a Struts path
213 
214         RenderRequestImpl renderRequestImpl =
215             (RenderRequestImpl)request.getAttribute(
216                 JavaConstants.JAVAX_PORTLET_REQUEST);
217 
218         if (renderRequestImpl != null) {
219             renderRequestImpl.cleanUp();
220         }
221     }
222 
223     protected void defineObjects(
224             HttpServletRequest request, HttpServletResponse response,
225             Portlet portlet)
226         throws Exception {
227 
228         String portletId = portlet.getPortletId();
229 
230         ServletContext servletContext = (ServletContext)request.getAttribute(
231             WebKeys.CTX);
232 
233         InvokerPortlet invokerPortlet = PortletInstanceFactoryUtil.create(
234             portlet, servletContext);
235 
236         PortletPreferencesIds portletPreferencesIds =
237             PortletPreferencesFactoryUtil.getPortletPreferencesIds(
238                 request, portletId);
239 
240         PortletPreferences portletPreferences =
241             PortletPreferencesLocalServiceUtil.getPreferences(
242                 portletPreferencesIds);
243 
244         PortletConfig portletConfig = PortletConfigFactory.create(
245             portlet, servletContext);
246         PortletContext portletContext = portletConfig.getPortletContext();
247 
248         RenderRequestImpl renderRequestImpl = RenderRequestFactory.create(
249             request, portlet, invokerPortlet, portletContext,
250             WindowState.MAXIMIZED, PortletMode.VIEW, portletPreferences);
251 
252         RenderResponseImpl renderResponseImpl = RenderResponseFactory.create(
253             renderRequestImpl, response, portletId, portlet.getCompanyId());
254 
255         renderRequestImpl.defineObjects(portletConfig, renderResponseImpl);
256 
257         request.setAttribute(WebKeys.PORTLET_STRUTS_EXECUTE, Boolean.TRUE);
258     }
259 
260     protected void doForward(
261             String uri, HttpServletRequest request,
262             HttpServletResponse response)
263         throws ServletException {
264 
265         StrutsUtil.forward(uri, getServletContext(), request, response);
266     }
267 
268     protected void doInclude(
269             String uri, HttpServletRequest request,
270             HttpServletResponse response)
271         throws ServletException {
272 
273         StrutsUtil.include(uri, getServletContext(), request, response);
274     }
275 
276     protected StringBuilder getFriendlyTrackerPath(
277             String path, ThemeDisplay themeDisplay, HttpServletRequest request)
278         throws Exception {
279 
280         if (!path.equals(_PATH_PORTAL_LAYOUT)) {
281             return null;
282         }
283 
284         long plid = ParamUtil.getLong(request, "p_l_id");
285 
286         if (plid == 0) {
287             return null;
288         }
289 
290         Layout layout = LayoutLocalServiceUtil.getLayout(plid);
291 
292         String layoutFriendlyURL = PortalUtil.getLayoutFriendlyURL(
293             layout, themeDisplay);
294 
295         StringBuilder sb = new StringBuilder();
296 
297         sb.append(layoutFriendlyURL);
298 
299         String portletId = ParamUtil.getString(request, "p_p_id");
300 
301         if (Validator.isNull(portletId)) {
302             return sb;
303         }
304 
305         long companyId = PortalUtil.getCompanyId(request);
306 
307         Portlet portlet = PortletLocalServiceUtil.getPortletById(
308             companyId, portletId);
309 
310         if (portlet == null) {
311             String strutsPath = path.substring(
312                 1, path.lastIndexOf(StringPool.SLASH));
313 
314             portlet = PortletLocalServiceUtil.getPortletByStrutsPath(
315                 companyId, strutsPath);
316         }
317 
318         if ((portlet == null) || !portlet.isActive()) {
319             sb.append(StringPool.QUESTION);
320             sb.append(request.getQueryString());
321 
322             return sb;
323         }
324 
325         String namespace = PortalUtil.getPortletNamespace(portletId);
326 
327         FriendlyURLMapper friendlyURLMapper =
328             portlet.getFriendlyURLMapperInstance();
329 
330         if (friendlyURLMapper == null) {
331             sb.append(StringPool.QUESTION);
332             sb.append(request.getQueryString());
333 
334             return sb;
335         }
336 
337         PortletURLImpl portletURL = new PortletURLImpl(
338             request, portletId, plid, PortletRequest.RENDER_PHASE);
339 
340         Iterator<Map.Entry<String, String[]>> itr =
341             request.getParameterMap().entrySet().iterator();
342 
343         while (itr.hasNext()) {
344             Entry<String, String[]> entry = itr.next();
345 
346             String key = entry.getKey();
347 
348             if (key.startsWith(namespace)) {
349                 key = key.substring(namespace.length());
350 
351                 portletURL.setParameter(key, entry.getValue());
352             }
353         }
354 
355         String portletFriendlyURL = friendlyURLMapper.buildPath(portletURL);
356 
357         if (portletFriendlyURL != null) {
358             sb.append(portletFriendlyURL);
359         }
360         else {
361             sb.append(StringPool.QUESTION);
362             sb.append(request.getQueryString());
363         }
364 
365         return sb;
366     }
367 
368     protected String getLastPath(HttpServletRequest request) {
369         HttpSession session = request.getSession();
370 
371         ThemeDisplay themeDisplay = (ThemeDisplay)request.getAttribute(
372             WebKeys.THEME_DISPLAY);
373 
374         Boolean httpsInitial = (Boolean)session.getAttribute(
375             WebKeys.HTTPS_INITIAL);
376 
377         String portalURL = null;
378 
379         if ((PropsValues.COMPANY_SECURITY_AUTH_REQUIRES_HTTPS) &&
380             (httpsInitial != null) && (!httpsInitial.booleanValue())) {
381 
382             portalURL = PortalUtil.getPortalURL(request, false);
383         }
384         else {
385             portalURL = PortalUtil.getPortalURL(request);
386         }
387 
388         StringBuilder sb = new StringBuilder();
389 
390         sb.append(portalURL);
391         sb.append(themeDisplay.getPathMain());
392         sb.append(_PATH_PORTAL_LAYOUT);
393 
394         if (!PropsValues.AUTH_FORWARD_BY_LAST_PATH) {
395             if (request.getRemoteUser() != null) {
396 
397                 // If we do not forward by last path and the user is logged in,
398                 // forward to the user's default layout to prevent a lagging
399                 // loop
400 
401                 sb.append(StringPool.QUESTION);
402                 sb.append("p_l_id");
403                 sb.append(StringPool.EQUAL);
404                 sb.append(LayoutConstants.DEFAULT_PLID);
405             }
406 
407             return sb.toString();
408         }
409 
410         LastPath lastPath = (LastPath)session.getAttribute(WebKeys.LAST_PATH);
411 
412         if (lastPath == null) {
413             return sb.toString();
414         }
415 
416         Map<String, String[]> parameterMap = lastPath.getParameterMap();
417 
418         // Only test for existing mappings for last paths that were set when the
419         // user accessed a layout directly instead of through its friendly URL
420 
421         if (lastPath.getContextPath().equals(themeDisplay.getPathMain())) {
422             ActionMapping mapping =
423                 (ActionMapping)moduleConfig.findActionConfig(
424                     lastPath.getPath());
425 
426             if ((mapping == null) || (parameterMap == null)) {
427                 return sb.toString();
428             }
429         }
430 
431         StringBuilder lastPathSB = new StringBuilder();
432 
433         lastPathSB.append(portalURL);
434         lastPathSB.append(lastPath.getContextPath());
435         lastPathSB.append(lastPath.getPath());
436         lastPathSB.append(HttpUtil.parameterMapToString(parameterMap));
437 
438         return lastPathSB.toString();
439     }
440 
441     protected boolean isPortletPath(String path) {
442         if ((path != null) &&
443             (!path.equals(_PATH_C)) &&
444             (!path.startsWith(_PATH_COMMON)) &&
445             (path.indexOf(_PATH_J_SECURITY_CHECK) == -1) &&
446             (!path.startsWith(_PATH_PORTAL)) &&
447             (!path.startsWith(_PATH_WSRP))) {
448 
449             return true;
450         }
451         else {
452             return false;
453         }
454     }
455 
456     protected boolean isPublicPath(String path) {
457         if ((path != null) &&
458             (_publicPaths.contains(path)) ||
459             (path.startsWith(_PATH_COMMON)) ||
460             (path.startsWith(_PATH_WSRP))) {
461 
462             return true;
463         }
464         else {
465             return false;
466         }
467     }
468 
469     protected ActionMapping processMapping(
470             HttpServletRequest request, HttpServletResponse response,
471             String path)
472         throws IOException {
473 
474         if (path == null) {
475             return null;
476         }
477 
478         ActionMapping mapping = super.processMapping(request, response, path);
479 
480         if (mapping == null) {
481             String msg = getInternal().getMessage("processInvalid");
482 
483             _log.error("User ID " + request.getRemoteUser());
484             _log.error("Current URL " + PortalUtil.getCurrentURL(request));
485             _log.error("Referer " + request.getHeader("Referer"));
486             _log.error("Remote address " + request.getRemoteAddr());
487 
488             _log.error(msg + " " + path);
489         }
490 
491         return mapping;
492     }
493 
494     protected HttpServletRequest processMultipart(HttpServletRequest request) {
495 
496         // Disable Struts from automatically wrapping a multipart request
497 
498         return request;
499     }
500 
501     protected String processPath(
502             HttpServletRequest request, HttpServletResponse response)
503         throws IOException {
504 
505         String path = GetterUtil.getString(
506             super.processPath(request, response));
507 
508         HttpSession session = request.getSession();
509 
510         ThemeDisplay themeDisplay = (ThemeDisplay)request.getAttribute(
511             WebKeys.THEME_DISPLAY);
512 
513         // Current users
514 
515         UserTracker userTracker = LiveUsers.getUserTracker(
516             themeDisplay.getCompanyId(), session.getId());
517 
518         if ((userTracker != null) && (!path.equals(_PATH_C)) &&
519             (path.indexOf(_PATH_J_SECURITY_CHECK) == -1) &&
520             (path.indexOf(_PATH_PORTAL_PROTECTED) == -1) &&
521             (!_trackerIgnorePaths.contains(path))) {
522 
523             StringBuilder sb = null;
524 
525             try {
526                 if (PropsValues.SESSION_TRACKER_FRIENDLY_PATHS_ENABLED) {
527                     sb = getFriendlyTrackerPath(path, themeDisplay, request);
528                 }
529             }
530             catch (Exception e) {
531                 _log.error(e, e);
532             }
533 
534             if (sb == null) {
535                 sb = new StringBuilder();
536 
537                 sb.append(path);
538                 sb.append(StringPool.QUESTION);
539                 sb.append(request.getQueryString());
540             }
541 
542             UserTrackerPath userTrackerPath = UserTrackerPathUtil.create(0);
543 
544             userTrackerPath.setUserTrackerId(userTracker.getUserTrackerId());
545             userTrackerPath.setPath(sb.toString());
546             userTrackerPath.setPathDate(new Date());
547 
548             userTracker.addPath(userTrackerPath);
549         }
550 
551         String remoteUser = request.getRemoteUser();
552 
553         User user = null;
554 
555         try {
556             user = PortalUtil.getUser(request);
557         }
558         catch (Exception e) {
559         }
560 
561         // Last path
562 
563         if (_lastPaths.contains(path) && !_trackerIgnorePaths.contains(path)) {
564             boolean saveLastPath = ParamUtil.getBoolean(
565                 request, "saveLastPath", true);
566 
567             if (themeDisplay.isLifecycleResource() ||
568                 themeDisplay.isStateExclusive() ||
569                 themeDisplay.isStatePopUp() ||
570                 !request.getMethod().equalsIgnoreCase(HttpMethods.GET)) {
571 
572                 saveLastPath = false;
573             }
574 
575             // Save last path
576 
577             if (saveLastPath) {
578 
579                 // Was a last path set by another servlet that dispatched to
580                 // the MainServlet? If so, use that last path instead.
581 
582                 LastPath lastPath = (LastPath)request.getAttribute(
583                     WebKeys.LAST_PATH);
584 
585                 if (lastPath == null) {
586                     lastPath = new LastPath(
587                         themeDisplay.getPathMain(), path,
588                         request.getParameterMap());
589                 }
590 
591                 session.setAttribute(WebKeys.LAST_PATH, lastPath);
592             }
593         }
594 
595         // Authenticated users can always log out
596 
597         if (((remoteUser != null) || (user != null)) &&
598             (path.equals(_PATH_PORTAL_LOGOUT))) {
599 
600             return path;
601         }
602 
603         // Authenticated users can always extend or confirm their session
604 
605         if (((remoteUser != null) || (user != null)) &&
606             (path.equals(_PATH_PORTAL_EXPIRE_SESSION) ||
607              path.equals(_PATH_PORTAL_EXTEND_SESSION))) {
608 
609             return path;
610         }
611 
612         // Authenticated users can always agree to terms of use
613 
614         if (((remoteUser != null) || (user != null)) &&
615             (path.equals(_PATH_PORTAL_UPDATE_TERMS_OF_USE))) {
616 
617             return path;
618         }
619 
620         // Authenticated users must still exist in the system
621 
622         if ((remoteUser != null) && (user == null)) {
623             return _PATH_PORTAL_LOGOUT;
624         }
625 
626         // Authenticated users must be active
627 
628         if ((user != null) && !user.isActive()) {
629             SessionErrors.add(request, UserActiveException.class.getName());
630 
631             return _PATH_PORTAL_ERROR;
632         }
633 
634         if (!path.equals(_PATH_PORTAL_RENDER_PORTLET)) {
635 
636             // Authenticated users should agree to Terms of Use
637 
638             if ((user != null) && !user.isAgreedToTermsOfUse()) {
639                 boolean termsOfUseRequired = false;
640 
641                 try {
642                     termsOfUseRequired = PrefsPropsUtil.getBoolean(
643                         user.getCompanyId(), PropsKeys.TERMS_OF_USE_REQUIRED);
644                 }
645                 catch (SystemException se) {
646                     termsOfUseRequired = PropsValues.TERMS_OF_USE_REQUIRED;
647                 }
648 
649                 if (termsOfUseRequired) {
650                     return _PATH_PORTAL_TERMS_OF_USE;
651                 }
652             }
653 
654             // Authenticated users must have a current password
655 
656             if ((user != null) && user.isPasswordReset()) {
657                 return _PATH_PORTAL_UPDATE_PASSWORD;
658             }
659 
660             // Authenticated users must have an email address
661 
662             if ((user != null) && Validator.isNull(user.getEmailAddress())) {
663                 return _PATH_PORTAL_UPDATE_EMAIL_ADDRESS;
664             }
665 
666             // Authenticated users should have a reminder query
667 
668             if ((user != null) &&
669                 (Validator.isNull(user.getReminderQueryQuestion()) ||
670                  Validator.isNull(user.getReminderQueryAnswer()))) {
671 
672                 if (PropsValues.USERS_REMINDER_QUERIES_ENABLED) {
673                     return _PATH_PORTAL_UPDATE_REMINDER_QUERY;
674                 }
675             }
676         }
677 
678         // Users must sign in
679 
680         if (!isPublicPath(path)) {
681             if (user == null) {
682                 SessionErrors.add(request, PrincipalException.class.getName());
683 
684                 return _PATH_PORTAL_LOGIN;
685             }
686         }
687 
688         ActionMapping mapping =
689             (ActionMapping)moduleConfig.findActionConfig(path);
690 
691         if (path.startsWith(_PATH_WSRP)) {
692             path = _PATH_WSRP;
693         }
694         else {
695             path = mapping.getPath();
696         }
697 
698         // Authenticated users must have at least one role
699 
700         if (user != null) {
701             try {
702 
703                 // FIX ME
704 
705                 if (false) {
706                     SessionErrors.add(
707                         request, RequiredRoleException.class.getName());
708 
709                     return _PATH_PORTAL_ERROR;
710                 }
711             }
712             catch (Exception e) {
713                 e.printStackTrace();
714             }
715         }
716 
717         // Define the portlet objects
718 
719         if (isPortletPath(path)) {
720             try {
721                 Portlet portlet = null;
722 
723                 long companyId = PortalUtil.getCompanyId(request);
724                 String portletId = ParamUtil.getString(request, "p_p_id");
725 
726                 if (Validator.isNotNull(portletId)) {
727                     portlet = PortletLocalServiceUtil.getPortletById(
728                         companyId, portletId);
729                 }
730 
731                 if (portlet == null) {
732                     String strutsPath = path.substring(
733                         1, path.lastIndexOf(StringPool.SLASH));
734 
735                     portlet = PortletLocalServiceUtil.getPortletByStrutsPath(
736                         companyId, strutsPath);
737                 }
738 
739                 if ((portlet != null) && portlet.isActive()) {
740                     defineObjects(request, response, portlet);
741                 }
742             }
743             catch (Exception e) {
744                 request.setAttribute(PageContext.EXCEPTION, e);
745 
746                 path = _PATH_COMMON_ERROR;
747             }
748         }
749 
750         // Authenticated users must have access to at least one layout
751 
752         if (SessionErrors.contains(
753                 request, LayoutPermissionException.class.getName())) {
754 
755             return _PATH_PORTAL_ERROR;
756         }
757 
758         return path;
759     }
760 
761     protected boolean processRoles(
762             HttpServletRequest request, HttpServletResponse response,
763             ActionMapping mapping)
764         throws IOException, ServletException {
765 
766         String path = mapping.getPath();
767 
768         if (isPublicPath(path)) {
769             return true;
770         }
771 
772         boolean authorized = true;
773 
774         User user = null;
775 
776         try {
777             user = PortalUtil.getUser(request);
778         }
779         catch (Exception e) {
780         }
781 
782         if ((user != null) && isPortletPath(path)) {
783             try {
784 
785                 // Authenticated users can always log out
786 
787                 if (path.equals(_PATH_PORTAL_LOGOUT)) {
788                     return true;
789                 }
790 
791                 Portlet portlet = null;
792 
793                 String portletId = ParamUtil.getString(request, "p_p_id");
794 
795                 if (Validator.isNotNull(portletId)) {
796                     portlet = PortletLocalServiceUtil.getPortletById(
797                         user.getCompanyId(), portletId);
798                 }
799 
800                 String strutsPath = path.substring(
801                     1, path.lastIndexOf(StringPool.SLASH));
802 
803                 if (portlet != null) {
804                     if (!strutsPath.equals(portlet.getStrutsPath())) {
805                         throw new PrincipalException();
806                     }
807                 }
808                 else {
809                     portlet = PortletLocalServiceUtil.getPortletByStrutsPath(
810                         user.getCompanyId(), strutsPath);
811                 }
812 
813                 if ((portlet != null) && portlet.isActive()) {
814                     ThemeDisplay themeDisplay =
815                         (ThemeDisplay)request.getAttribute(
816                             WebKeys.THEME_DISPLAY);
817 
818                     Layout layout = themeDisplay.getLayout();
819                     PermissionChecker permissionChecker =
820                         themeDisplay.getPermissionChecker();
821 
822                     if (!PortletPermissionUtil.contains(
823                             permissionChecker, layout.getPlid(), portlet,
824                             ActionKeys.VIEW)) {
825 
826                         throw new PrincipalException();
827                     }
828                 }
829                 else if (portlet != null && !portlet.isActive()) {
830                     SessionErrors.add(
831                         request, PortletActiveException.class.getName());
832 
833                     authorized = false;
834                 }
835             }
836             catch (Exception e) {
837                 SessionErrors.add(request, PrincipalException.class.getName());
838 
839                 authorized = false;
840             }
841         }
842 
843         if (!authorized) {
844             ForwardConfig forwardConfig =
845                 mapping.findForward(_PATH_PORTAL_ERROR);
846 
847             processForwardConfig(request, response, forwardConfig);
848 
849             return false;
850         }
851         else {
852             return true;
853         }
854     }
855 
856     private static String _PATH_C = "/c";
857 
858     private static String _PATH_COMMON = "/common";
859 
860     private static String _PATH_COMMON_ERROR = "/common/error";
861 
862     private static String _PATH_J_SECURITY_CHECK = "/j_security_check";
863 
864     private static String _PATH_PORTAL = "/portal";
865 
866     private static String _PATH_PORTAL_ERROR = "/portal/error";
867 
868     private static String _PATH_PORTAL_EXPIRE_SESSION =
869         "/portal/expire_session";
870 
871     private static String _PATH_PORTAL_EXTEND_SESSION =
872         "/portal/extend_session";
873 
874     private static String _PATH_PORTAL_FLASH = "/portal/flash";
875 
876     private static String _PATH_PORTAL_J_LOGIN = "/portal/j_login";
877 
878     private static String _PATH_PORTAL_LAYOUT = "/portal/layout";
879 
880     private static String _PATH_PORTAL_LOGIN = "/portal/login";
881 
882     private static String _PATH_PORTAL_LOGOUT = "/portal/logout";
883 
884     private static String _PATH_PORTAL_PROTECTED = "/portal/protected";
885 
886     private static String _PATH_PORTAL_RENDER_PORTLET =
887         "/portal/render_portlet";
888 
889     private static String _PATH_PORTAL_TCK = "/portal/tck";
890 
891     private static String _PATH_PORTAL_TERMS_OF_USE = "/portal/terms_of_use";
892 
893     private static String _PATH_PORTAL_UPDATE_EMAIL_ADDRESS =
894         "/portal/update_email_address";
895 
896     private static String _PATH_PORTAL_UPDATE_PASSWORD =
897         "/portal/update_password";
898 
899     private static String _PATH_PORTAL_UPDATE_REMINDER_QUERY =
900         "/portal/update_reminder_query";
901 
902     private static String _PATH_PORTAL_UPDATE_TERMS_OF_USE =
903         "/portal/update_terms_of_use";
904 
905     private static String _PATH_WSRP = "/wsrp";
906 
907     private static Log _log =
908         LogFactoryUtil.getLog(PortalRequestProcessor.class);
909 
910     private Set<String> _lastPaths;
911     private Set<String> _publicPaths;
912     private Set<String> _trackerIgnorePaths;
913 
914 }