1   /**
2    * Copyright (c) 2000-2009 Liferay, Inc. All rights reserved.
3    *
4    *
5    *
6    *
7    * The contents of this file are subject to the terms of the Liferay Enterprise
8    * Subscription License ("License"). You may not use this file except in
9    * compliance with the License. You can obtain a copy of the License by
10   * contacting Liferay, Inc. See the License for the specific language governing
11   * permissions and limitations under the License, including but not limited to
12   * distribution rights of the Software.
13   *
14   * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
15   * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16   * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
17   * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
18   * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
19   * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
20   * SOFTWARE.
21   */
22  
23  package com.liferay.portal.struts;
24  
25  import com.liferay.portal.LayoutPermissionException;
26  import com.liferay.portal.PortletActiveException;
27  import com.liferay.portal.RequiredRoleException;
28  import com.liferay.portal.SystemException;
29  import com.liferay.portal.UserActiveException;
30  import com.liferay.portal.kernel.log.Log;
31  import com.liferay.portal.kernel.log.LogFactoryUtil;
32  import com.liferay.portal.kernel.portlet.FriendlyURLMapper;
33  import com.liferay.portal.kernel.servlet.HttpMethods;
34  import com.liferay.portal.kernel.servlet.SessionErrors;
35  import com.liferay.portal.kernel.util.GetterUtil;
36  import com.liferay.portal.kernel.util.HttpUtil;
37  import com.liferay.portal.kernel.util.JavaConstants;
38  import com.liferay.portal.kernel.util.ParamUtil;
39  import com.liferay.portal.kernel.util.PropsKeys;
40  import com.liferay.portal.kernel.util.StringPool;
41  import com.liferay.portal.kernel.util.Validator;
42  import com.liferay.portal.liveusers.LiveUsers;
43  import com.liferay.portal.model.Layout;
44  import com.liferay.portal.model.LayoutConstants;
45  import com.liferay.portal.model.Portlet;
46  import com.liferay.portal.model.PortletPreferencesIds;
47  import com.liferay.portal.model.User;
48  import com.liferay.portal.model.UserTracker;
49  import com.liferay.portal.model.UserTrackerPath;
50  import com.liferay.portal.security.auth.PrincipalException;
51  import com.liferay.portal.security.permission.ActionKeys;
52  import com.liferay.portal.security.permission.PermissionChecker;
53  import com.liferay.portal.service.LayoutLocalServiceUtil;
54  import com.liferay.portal.service.PortletLocalServiceUtil;
55  import com.liferay.portal.service.PortletPreferencesLocalServiceUtil;
56  import com.liferay.portal.service.permission.PortletPermissionUtil;
57  import com.liferay.portal.service.persistence.UserTrackerPathUtil;
58  import com.liferay.portal.theme.ThemeDisplay;
59  import com.liferay.portal.util.PortalUtil;
60  import com.liferay.portal.util.PrefsPropsUtil;
61  import com.liferay.portal.util.PropsUtil;
62  import com.liferay.portal.util.PropsValues;
63  import com.liferay.portal.util.WebKeys;
64  import com.liferay.portlet.InvokerPortlet;
65  import com.liferay.portlet.PortletConfigFactory;
66  import com.liferay.portlet.PortletInstanceFactoryUtil;
67  import com.liferay.portlet.PortletPreferencesFactoryUtil;
68  import com.liferay.portlet.PortletURLImpl;
69  import com.liferay.portlet.RenderRequestFactory;
70  import com.liferay.portlet.RenderRequestImpl;
71  import com.liferay.portlet.RenderResponseFactory;
72  import com.liferay.portlet.RenderResponseImpl;
73  
74  import java.io.IOException;
75  
76  import java.util.Date;
77  import java.util.HashSet;
78  import java.util.Iterator;
79  import java.util.Map.Entry;
80  import java.util.Map;
81  import java.util.Set;
82  
83  import javax.portlet.PortletConfig;
84  import javax.portlet.PortletContext;
85  import javax.portlet.PortletMode;
86  import javax.portlet.PortletPreferences;
87  import javax.portlet.PortletRequest;
88  import javax.portlet.WindowState;
89  
90  import javax.servlet.ServletContext;
91  import javax.servlet.ServletException;
92  import javax.servlet.http.HttpServletRequest;
93  import javax.servlet.http.HttpServletResponse;
94  import javax.servlet.http.HttpSession;
95  import javax.servlet.jsp.PageContext;
96  
97  import org.apache.struts.action.ActionMapping;
98  import org.apache.struts.config.ForwardConfig;
99  import org.apache.struts.tiles.TilesRequestProcessor;
100 
101 /**
102  * <a href="PortalRequestProcessor.java.html"><b><i>View Source</i></b></a>
103  *
104  * @author Brian Wing Shun Chan
105  * @author Jorge Ferrer
106  */
107 public class PortalRequestProcessor extends TilesRequestProcessor {
108 
109     public PortalRequestProcessor() {
110 
111         // auth.forward.last.path.
112 
113         _lastPaths = new HashSet<String>();
114 
115         _lastPaths.add(_PATH_PORTAL_LAYOUT);
116 
117         addPaths(_lastPaths, PropsKeys.AUTH_FORWARD_LAST_PATHS);
118 
119         // auth.public.path.
120 
121         _publicPaths = new HashSet<String>();
122 
123         _publicPaths.add(_PATH_C);
124         _publicPaths.add(_PATH_PORTAL_FLASH);
125         _publicPaths.add(_PATH_PORTAL_J_LOGIN);
126         _publicPaths.add(_PATH_PORTAL_LAYOUT);
127         _publicPaths.add(_PATH_PORTAL_LOGIN);
128         _publicPaths.add(_PATH_PORTAL_RENDER_PORTLET);
129         _publicPaths.add(_PATH_PORTAL_TCK);
130 
131         addPaths(_publicPaths, PropsKeys.AUTH_PUBLIC_PATHS);
132 
133         _trackerIgnorePaths = new HashSet<String>();
134 
135         addPaths(_trackerIgnorePaths, PropsKeys.SESSION_TRACKER_IGNORE_PATHS);
136     }
137 
138     public void process(
139             HttpServletRequest request, HttpServletResponse response)
140         throws IOException, ServletException {
141 
142         String path = super.processPath(request, response);
143 
144         ActionMapping mapping = (ActionMapping)moduleConfig.findActionConfig(
145             path);
146 
147         if ((mapping == null) && !path.startsWith(_PATH_WSRP)) {
148             String lastPath = getLastPath(request);
149 
150             if (_log.isDebugEnabled()) {
151                 _log.debug("Last path " + lastPath);
152             }
153 
154             response.sendRedirect(lastPath);
155 
156             return;
157         }
158 
159         super.process(request, response);
160 
161         try {
162             if (isPortletPath(path)) {
163                 cleanUp(request);
164             }
165         }
166         catch (Exception e) {
167             _log.error(e, e);
168         }
169     }
170 
171     protected void addPaths(Set<String> paths, String propsKey) {
172         String[] pathsArray = PropsUtil.getArray(propsKey);
173 
174         for (String path : pathsArray) {
175             paths.add(path);
176         }
177     }
178 
179     protected void callParentDoForward(
180             String uri, HttpServletRequest request,
181             HttpServletResponse response)
182         throws IOException, ServletException {
183 
184         super.doForward(uri, request, response);
185     }
186 
187     protected HttpServletRequest callParentProcessMultipart(
188         HttpServletRequest request) {
189 
190         return super.processMultipart(request);
191     }
192 
193     protected String callParentProcessPath(
194             HttpServletRequest request, HttpServletResponse response)
195         throws IOException {
196 
197         return super.processPath(request, response);
198     }
199 
200     protected boolean callParentProcessRoles(
201             HttpServletRequest request, HttpServletResponse response,
202             ActionMapping mapping)
203         throws IOException, ServletException {
204 
205         return super.processRoles(request, response, mapping);
206     }
207 
208     protected void cleanUp(HttpServletRequest request) throws Exception {
209 
210         // Clean up portlet objects that may have been created by defineObjects
211         // for portlets that are called directly from a Struts path
212 
213         RenderRequestImpl renderRequestImpl =
214             (RenderRequestImpl)request.getAttribute(
215                 JavaConstants.JAVAX_PORTLET_REQUEST);
216 
217         if (renderRequestImpl != null) {
218             renderRequestImpl.cleanUp();
219         }
220     }
221 
222     protected void defineObjects(
223             HttpServletRequest request, HttpServletResponse response,
224             Portlet portlet)
225         throws Exception {
226 
227         String portletId = portlet.getPortletId();
228 
229         ServletContext servletContext = (ServletContext)request.getAttribute(
230             WebKeys.CTX);
231 
232         InvokerPortlet invokerPortlet = PortletInstanceFactoryUtil.create(
233             portlet, servletContext);
234 
235         PortletPreferencesIds portletPreferencesIds =
236             PortletPreferencesFactoryUtil.getPortletPreferencesIds(
237                 request, portletId);
238 
239         PortletPreferences portletPreferences =
240             PortletPreferencesLocalServiceUtil.getPreferences(
241                 portletPreferencesIds);
242 
243         PortletConfig portletConfig = PortletConfigFactory.create(
244             portlet, servletContext);
245         PortletContext portletContext = portletConfig.getPortletContext();
246 
247         RenderRequestImpl renderRequestImpl = RenderRequestFactory.create(
248             request, portlet, invokerPortlet, portletContext,
249             WindowState.MAXIMIZED, PortletMode.VIEW, portletPreferences);
250 
251         RenderResponseImpl renderResponseImpl = RenderResponseFactory.create(
252             renderRequestImpl, response, portletId, portlet.getCompanyId());
253 
254         renderRequestImpl.defineObjects(portletConfig, renderResponseImpl);
255 
256         request.setAttribute(WebKeys.PORTLET_STRUTS_EXECUTE, Boolean.TRUE);
257     }
258 
259     protected void doForward(
260             String uri, HttpServletRequest request,
261             HttpServletResponse response)
262         throws ServletException {
263 
264         StrutsUtil.forward(uri, getServletContext(), request, response);
265     }
266 
267     protected void doInclude(
268             String uri, HttpServletRequest request,
269             HttpServletResponse response)
270         throws ServletException {
271 
272         StrutsUtil.include(uri, getServletContext(), request, response);
273     }
274 
275     protected StringBuilder getFriendlyTrackerPath(
276             String path, ThemeDisplay themeDisplay, HttpServletRequest request)
277         throws Exception {
278 
279         if (!path.equals(_PATH_PORTAL_LAYOUT)) {
280             return null;
281         }
282 
283         long plid = ParamUtil.getLong(request, "p_l_id");
284 
285         if (plid == 0) {
286             return null;
287         }
288 
289         Layout layout = LayoutLocalServiceUtil.getLayout(plid);
290 
291         String layoutFriendlyURL = PortalUtil.getLayoutFriendlyURL(
292             layout, themeDisplay);
293 
294         StringBuilder sb = new StringBuilder();
295 
296         sb.append(layoutFriendlyURL);
297 
298         String portletId = ParamUtil.getString(request, "p_p_id");
299 
300         if (Validator.isNull(portletId)) {
301             return sb;
302         }
303 
304         long companyId = PortalUtil.getCompanyId(request);
305 
306         Portlet portlet = PortletLocalServiceUtil.getPortletById(
307             companyId, portletId);
308 
309         if (portlet == null) {
310             String strutsPath = path.substring(
311                 1, path.lastIndexOf(StringPool.SLASH));
312 
313             portlet = PortletLocalServiceUtil.getPortletByStrutsPath(
314                 companyId, strutsPath);
315         }
316 
317         if ((portlet == null) || !portlet.isActive()) {
318             sb.append(StringPool.QUESTION);
319             sb.append(request.getQueryString());
320 
321             return sb;
322         }
323 
324         String namespace = PortalUtil.getPortletNamespace(portletId);
325 
326         FriendlyURLMapper friendlyURLMapper =
327             portlet.getFriendlyURLMapperInstance();
328 
329         if (friendlyURLMapper == null) {
330             sb.append(StringPool.QUESTION);
331             sb.append(request.getQueryString());
332 
333             return sb;
334         }
335 
336         PortletURLImpl portletURL = new PortletURLImpl(
337             request, portletId, plid, PortletRequest.RENDER_PHASE);
338 
339         Iterator<Map.Entry<String, String[]>> itr =
340             request.getParameterMap().entrySet().iterator();
341 
342         while (itr.hasNext()) {
343             Entry<String, String[]> entry = itr.next();
344 
345             String key = entry.getKey();
346 
347             if (key.startsWith(namespace)) {
348                 key = key.substring(namespace.length());
349 
350                 portletURL.setParameter(key, entry.getValue());
351             }
352         }
353 
354         String portletFriendlyURL = friendlyURLMapper.buildPath(portletURL);
355 
356         if (portletFriendlyURL != null) {
357             sb.append(portletFriendlyURL);
358         }
359         else {
360             sb.append(StringPool.QUESTION);
361             sb.append(request.getQueryString());
362         }
363 
364         return sb;
365     }
366 
367     protected String getLastPath(HttpServletRequest request) {
368         HttpSession session = request.getSession();
369 
370         ThemeDisplay themeDisplay = (ThemeDisplay)request.getAttribute(
371             WebKeys.THEME_DISPLAY);
372 
373         Boolean httpsInitial = (Boolean)session.getAttribute(
374             WebKeys.HTTPS_INITIAL);
375 
376         String portalURL = null;
377 
378         if ((PropsValues.COMPANY_SECURITY_AUTH_REQUIRES_HTTPS) &&
379             (httpsInitial != null) && (!httpsInitial.booleanValue())) {
380 
381             portalURL = PortalUtil.getPortalURL(request, false);
382         }
383         else {
384             portalURL = PortalUtil.getPortalURL(request);
385         }
386 
387         StringBuilder sb = new StringBuilder();
388 
389         sb.append(portalURL);
390         sb.append(themeDisplay.getPathMain());
391         sb.append(_PATH_PORTAL_LAYOUT);
392 
393         if (!PropsValues.AUTH_FORWARD_BY_LAST_PATH) {
394             if (request.getRemoteUser() != null) {
395 
396                 // If we do not forward by last path and the user is logged in,
397                 // forward to the user's default layout to prevent a lagging
398                 // loop
399 
400                 sb.append(StringPool.QUESTION);
401                 sb.append("p_l_id");
402                 sb.append(StringPool.EQUAL);
403                 sb.append(LayoutConstants.DEFAULT_PLID);
404             }
405 
406             return sb.toString();
407         }
408 
409         LastPath lastPath = (LastPath)session.getAttribute(WebKeys.LAST_PATH);
410 
411         if (lastPath == null) {
412             return sb.toString();
413         }
414 
415         Map<String, String[]> parameterMap = lastPath.getParameterMap();
416 
417         // Only test for existing mappings for last paths that were set when the
418         // user accessed a layout directly instead of through its friendly URL
419 
420         if (lastPath.getContextPath().equals(themeDisplay.getPathMain())) {
421             ActionMapping mapping =
422                 (ActionMapping)moduleConfig.findActionConfig(
423                     lastPath.getPath());
424 
425             if ((mapping == null) || (parameterMap == null)) {
426                 return sb.toString();
427             }
428         }
429 
430         StringBuilder lastPathSB = new StringBuilder();
431 
432         lastPathSB.append(portalURL);
433         lastPathSB.append(lastPath.getContextPath());
434         lastPathSB.append(lastPath.getPath());
435         lastPathSB.append(HttpUtil.parameterMapToString(parameterMap));
436 
437         return lastPathSB.toString();
438     }
439 
440     protected boolean isPortletPath(String path) {
441         if ((path != null) &&
442             (!path.equals(_PATH_C)) &&
443             (!path.startsWith(_PATH_COMMON)) &&
444             (path.indexOf(_PATH_J_SECURITY_CHECK) == -1) &&
445             (!path.startsWith(_PATH_PORTAL)) &&
446             (!path.startsWith(_PATH_WSRP))) {
447 
448             return true;
449         }
450         else {
451             return false;
452         }
453     }
454 
455     protected boolean isPublicPath(String path) {
456         if ((path != null) &&
457             (_publicPaths.contains(path)) ||
458             (path.startsWith(_PATH_COMMON)) ||
459             (path.startsWith(_PATH_WSRP))) {
460 
461             return true;
462         }
463         else {
464             return false;
465         }
466     }
467 
468     protected ActionMapping processMapping(
469             HttpServletRequest request, HttpServletResponse response,
470             String path)
471         throws IOException {
472 
473         if (path == null) {
474             return null;
475         }
476 
477         ActionMapping mapping = super.processMapping(request, response, path);
478 
479         if (mapping == null) {
480             String msg = getInternal().getMessage("processInvalid");
481 
482             _log.error("User ID " + request.getRemoteUser());
483             _log.error("Current URL " + PortalUtil.getCurrentURL(request));
484             _log.error("Referer " + request.getHeader("Referer"));
485             _log.error("Remote address " + request.getRemoteAddr());
486 
487             _log.error(msg + " " + path);
488         }
489 
490         return mapping;
491     }
492 
493     protected HttpServletRequest processMultipart(HttpServletRequest request) {
494 
495         // Disable Struts from automatically wrapping a multipart request
496 
497         return request;
498     }
499 
500     protected String processPath(
501             HttpServletRequest request, HttpServletResponse response)
502         throws IOException {
503 
504         String path = GetterUtil.getString(
505             super.processPath(request, response));
506 
507         HttpSession session = request.getSession();
508 
509         ThemeDisplay themeDisplay = (ThemeDisplay)request.getAttribute(
510             WebKeys.THEME_DISPLAY);
511 
512         // Current users
513 
514         UserTracker userTracker = LiveUsers.getUserTracker(
515             themeDisplay.getCompanyId(), session.getId());
516 
517         if ((userTracker != null) && (!path.equals(_PATH_C)) &&
518             (path.indexOf(_PATH_J_SECURITY_CHECK) == -1) &&
519             (path.indexOf(_PATH_PORTAL_PROTECTED) == -1) &&
520             (!_trackerIgnorePaths.contains(path))) {
521 
522             StringBuilder sb = null;
523 
524             try {
525                 if (PropsValues.SESSION_TRACKER_FRIENDLY_PATHS_ENABLED) {
526                     sb = getFriendlyTrackerPath(path, themeDisplay, request);
527                 }
528             }
529             catch (Exception e) {
530                 _log.error(e, e);
531             }
532 
533             if (sb == null) {
534                 sb = new StringBuilder();
535 
536                 sb.append(path);
537                 sb.append(StringPool.QUESTION);
538                 sb.append(request.getQueryString());
539             }
540 
541             UserTrackerPath userTrackerPath = UserTrackerPathUtil.create(0);
542 
543             userTrackerPath.setUserTrackerId(userTracker.getUserTrackerId());
544             userTrackerPath.setPath(sb.toString());
545             userTrackerPath.setPathDate(new Date());
546 
547             userTracker.addPath(userTrackerPath);
548         }
549 
550         String remoteUser = request.getRemoteUser();
551 
552         User user = null;
553 
554         try {
555             user = PortalUtil.getUser(request);
556         }
557         catch (Exception e) {
558         }
559 
560         // Last path
561 
562         if (_lastPaths.contains(path) && !_trackerIgnorePaths.contains(path)) {
563             boolean saveLastPath = ParamUtil.getBoolean(
564                 request, "saveLastPath", true);
565 
566             if (themeDisplay.isLifecycleResource() ||
567                 themeDisplay.isStateExclusive() ||
568                 themeDisplay.isStatePopUp() ||
569                 !request.getMethod().equalsIgnoreCase(HttpMethods.GET)) {
570 
571                 saveLastPath = false;
572             }
573 
574             // Save last path
575 
576             if (saveLastPath) {
577 
578                 // Was a last path set by another servlet that dispatched to
579                 // the MainServlet? If so, use that last path instead.
580 
581                 LastPath lastPath = (LastPath)request.getAttribute(
582                     WebKeys.LAST_PATH);
583 
584                 if (lastPath == null) {
585                     lastPath = new LastPath(
586                         themeDisplay.getPathMain(), path,
587                         request.getParameterMap());
588                 }
589 
590                 session.setAttribute(WebKeys.LAST_PATH, lastPath);
591             }
592         }
593 
594         // Authenticated users can always log out
595 
596         if (((remoteUser != null) || (user != null)) &&
597             (path.equals(_PATH_PORTAL_LOGOUT))) {
598 
599             return path;
600         }
601 
602         // Authenticated users can always extend or confirm their session
603 
604         if (((remoteUser != null) || (user != null)) &&
605             (path.equals(_PATH_PORTAL_EXPIRE_SESSION) ||
606              path.equals(_PATH_PORTAL_EXTEND_SESSION))) {
607 
608             return path;
609         }
610 
611         // Authenticated users can always agree to terms of use
612 
613         if (((remoteUser != null) || (user != null)) &&
614             (path.equals(_PATH_PORTAL_UPDATE_TERMS_OF_USE))) {
615 
616             return path;
617         }
618 
619         // Authenticated users must still exist in the system
620 
621         if ((remoteUser != null) && (user == null)) {
622             return _PATH_PORTAL_LOGOUT;
623         }
624 
625         // Authenticated users must be active
626 
627         if ((user != null) && !user.isActive()) {
628             SessionErrors.add(request, UserActiveException.class.getName());
629 
630             return _PATH_PORTAL_ERROR;
631         }
632 
633         if (!path.equals(_PATH_PORTAL_RENDER_PORTLET)) {
634 
635             // Authenticated users should agree to Terms of Use
636 
637             if ((user != null) && !user.isAgreedToTermsOfUse()) {
638                 boolean termsOfUseRequired = false;
639 
640                 try {
641                     termsOfUseRequired = PrefsPropsUtil.getBoolean(
642                         user.getCompanyId(), PropsKeys.TERMS_OF_USE_REQUIRED);
643                 }
644                 catch (SystemException se) {
645                     termsOfUseRequired = PropsValues.TERMS_OF_USE_REQUIRED;
646                 }
647 
648                 if (termsOfUseRequired) {
649                     return _PATH_PORTAL_TERMS_OF_USE;
650                 }
651             }
652 
653             // Authenticated users must have a current password
654 
655             if ((user != null) && user.isPasswordReset()) {
656                 return _PATH_PORTAL_UPDATE_PASSWORD;
657             }
658 
659             // Authenticated users must have an email address
660 
661             if ((user != null) &&
662                 Validator.isNull(user.getDisplayEmailAddress())) {
663 
664                 return _PATH_PORTAL_UPDATE_EMAIL_ADDRESS;
665             }
666 
667             // Authenticated users should have a reminder query
668 
669             if ((user != null) &&
670                 (Validator.isNull(user.getReminderQueryQuestion()) ||
671                  Validator.isNull(user.getReminderQueryAnswer()))) {
672 
673                 if (PropsValues.USERS_REMINDER_QUERIES_ENABLED) {
674                     return _PATH_PORTAL_UPDATE_REMINDER_QUERY;
675                 }
676             }
677         }
678 
679         // Users must sign in
680 
681         if (!isPublicPath(path)) {
682             if (user == null) {
683                 SessionErrors.add(request, PrincipalException.class.getName());
684 
685                 return _PATH_PORTAL_LOGIN;
686             }
687         }
688 
689         ActionMapping mapping =
690             (ActionMapping)moduleConfig.findActionConfig(path);
691 
692         if (path.startsWith(_PATH_WSRP)) {
693             path = _PATH_WSRP;
694         }
695         else {
696             path = mapping.getPath();
697         }
698 
699         // Authenticated users must have at least one role
700 
701         if (user != null) {
702             try {
703 
704                 // FIX ME
705 
706                 if (false) {
707                     SessionErrors.add(
708                         request, RequiredRoleException.class.getName());
709 
710                     return _PATH_PORTAL_ERROR;
711                 }
712             }
713             catch (Exception e) {
714                 e.printStackTrace();
715             }
716         }
717 
718         // Define the portlet objects
719 
720         if (isPortletPath(path)) {
721             try {
722                 Portlet portlet = null;
723 
724                 long companyId = PortalUtil.getCompanyId(request);
725                 String portletId = ParamUtil.getString(request, "p_p_id");
726 
727                 if (Validator.isNotNull(portletId)) {
728                     portlet = PortletLocalServiceUtil.getPortletById(
729                         companyId, portletId);
730                 }
731 
732                 if (portlet == null) {
733                     String strutsPath = path.substring(
734                         1, path.lastIndexOf(StringPool.SLASH));
735 
736                     portlet = PortletLocalServiceUtil.getPortletByStrutsPath(
737                         companyId, strutsPath);
738                 }
739 
740                 if ((portlet != null) && portlet.isActive()) {
741                     defineObjects(request, response, portlet);
742                 }
743             }
744             catch (Exception e) {
745                 request.setAttribute(PageContext.EXCEPTION, e);
746 
747                 path = _PATH_COMMON_ERROR;
748             }
749         }
750 
751         // Authenticated users must have access to at least one layout
752 
753         if (SessionErrors.contains(
754                 request, LayoutPermissionException.class.getName())) {
755 
756             return _PATH_PORTAL_ERROR;
757         }
758 
759         return path;
760     }
761 
762     protected boolean processRoles(
763             HttpServletRequest request, HttpServletResponse response,
764             ActionMapping mapping)
765         throws IOException, ServletException {
766 
767         String path = mapping.getPath();
768 
769         if (isPublicPath(path)) {
770             return true;
771         }
772 
773         boolean authorized = true;
774 
775         User user = null;
776 
777         try {
778             user = PortalUtil.getUser(request);
779         }
780         catch (Exception e) {
781         }
782 
783         if ((user != null) && isPortletPath(path)) {
784             try {
785 
786                 // Authenticated users can always log out
787 
788                 if (path.equals(_PATH_PORTAL_LOGOUT)) {
789                     return true;
790                 }
791 
792                 Portlet portlet = null;
793 
794                 String portletId = ParamUtil.getString(request, "p_p_id");
795 
796                 if (Validator.isNotNull(portletId)) {
797                     portlet = PortletLocalServiceUtil.getPortletById(
798                         user.getCompanyId(), portletId);
799                 }
800 
801                 String strutsPath = path.substring(
802                     1, path.lastIndexOf(StringPool.SLASH));
803 
804                 if (portlet != null) {
805                     if (!strutsPath.equals(portlet.getStrutsPath())) {
806                         throw new PrincipalException();
807                     }
808                 }
809                 else {
810                     portlet = PortletLocalServiceUtil.getPortletByStrutsPath(
811                         user.getCompanyId(), strutsPath);
812                 }
813 
814                 if ((portlet != null) && portlet.isActive()) {
815                     ThemeDisplay themeDisplay =
816                         (ThemeDisplay)request.getAttribute(
817                             WebKeys.THEME_DISPLAY);
818 
819                     Layout layout = themeDisplay.getLayout();
820                     PermissionChecker permissionChecker =
821                         themeDisplay.getPermissionChecker();
822 
823                     if (!PortletPermissionUtil.contains(
824                             permissionChecker, layout.getPlid(), portlet,
825                             ActionKeys.VIEW)) {
826 
827                         throw new PrincipalException();
828                     }
829                 }
830                 else if (portlet != null && !portlet.isActive()) {
831                     SessionErrors.add(
832                         request, PortletActiveException.class.getName());
833 
834                     authorized = false;
835                 }
836             }
837             catch (Exception e) {
838                 SessionErrors.add(request, PrincipalException.class.getName());
839 
840                 authorized = false;
841             }
842         }
843 
844         if (!authorized) {
845             ForwardConfig forwardConfig =
846                 mapping.findForward(_PATH_PORTAL_ERROR);
847 
848             processForwardConfig(request, response, forwardConfig);
849 
850             return false;
851         }
852         else {
853             return true;
854         }
855     }
856 
857     private static String _PATH_C = "/c";
858 
859     private static String _PATH_COMMON = "/common";
860 
861     private static String _PATH_COMMON_ERROR = "/common/error";
862 
863     private static String _PATH_J_SECURITY_CHECK = "/j_security_check";
864 
865     private static String _PATH_PORTAL = "/portal";
866 
867     private static String _PATH_PORTAL_ERROR = "/portal/error";
868 
869     private static String _PATH_PORTAL_EXPIRE_SESSION =
870         "/portal/expire_session";
871 
872     private static String _PATH_PORTAL_EXTEND_SESSION =
873         "/portal/extend_session";
874 
875     private static String _PATH_PORTAL_FLASH = "/portal/flash";
876 
877     private static String _PATH_PORTAL_J_LOGIN = "/portal/j_login";
878 
879     private static String _PATH_PORTAL_LAYOUT = "/portal/layout";
880 
881     private static String _PATH_PORTAL_LOGIN = "/portal/login";
882 
883     private static String _PATH_PORTAL_LOGOUT = "/portal/logout";
884 
885     private static String _PATH_PORTAL_PROTECTED = "/portal/protected";
886 
887     private static String _PATH_PORTAL_RENDER_PORTLET =
888         "/portal/render_portlet";
889 
890     private static String _PATH_PORTAL_TCK = "/portal/tck";
891 
892     private static String _PATH_PORTAL_TERMS_OF_USE = "/portal/terms_of_use";
893 
894     private static String _PATH_PORTAL_UPDATE_EMAIL_ADDRESS =
895         "/portal/update_email_address";
896 
897     private static String _PATH_PORTAL_UPDATE_PASSWORD =
898         "/portal/update_password";
899 
900     private static String _PATH_PORTAL_UPDATE_REMINDER_QUERY =
901         "/portal/update_reminder_query";
902 
903     private static String _PATH_PORTAL_UPDATE_TERMS_OF_USE =
904         "/portal/update_terms_of_use";
905 
906     private static String _PATH_WSRP = "/wsrp";
907 
908     private static Log _log =
909         LogFactoryUtil.getLog(PortalRequestProcessor.class);
910 
911     private Set<String> _lastPaths;
912     private Set<String> _publicPaths;
913     private Set<String> _trackerIgnorePaths;
914 
915 }