001
014
015 package com.liferay.portal.servlet;
016
017 import com.liferay.portal.action.JSONServiceAction;
018 import com.liferay.portal.kernel.log.Log;
019 import com.liferay.portal.kernel.log.LogFactoryUtil;
020 import com.liferay.portal.kernel.servlet.PluginContextListener;
021 import com.liferay.portal.kernel.util.GetterUtil;
022 import com.liferay.portal.model.User;
023 import com.liferay.portal.security.auth.PrincipalThreadLocal;
024 import com.liferay.portal.security.pacl.PACLClassLoaderUtil;
025 import com.liferay.portal.security.permission.PermissionChecker;
026 import com.liferay.portal.security.permission.PermissionCheckerFactoryUtil;
027 import com.liferay.portal.security.permission.PermissionThreadLocal;
028 import com.liferay.portal.service.UserLocalServiceUtil;
029 import com.liferay.portal.struts.JSONAction;
030
031 import java.io.IOException;
032
033 import javax.servlet.ServletConfig;
034 import javax.servlet.ServletContext;
035 import javax.servlet.ServletException;
036 import javax.servlet.http.HttpServlet;
037 import javax.servlet.http.HttpServletRequest;
038 import javax.servlet.http.HttpServletResponse;
039
040
043 public class JSONServlet extends HttpServlet {
044
045 @Override
046 public void init(ServletConfig servletConfig) {
047 ServletContext servletContext = servletConfig.getServletContext();
048
049 _pluginClassLoader = (ClassLoader)servletContext.getAttribute(
050 PluginContextListener.PLUGIN_CLASS_LOADER);
051
052 _jsonAction = getJSONAction(servletContext);
053 }
054
055 @Override
056 @SuppressWarnings("unused")
057 public void service(
058 HttpServletRequest request, HttpServletResponse response)
059 throws IOException, ServletException {
060
061 try {
062 resolveRemoteUser(request);
063
064 if (_pluginClassLoader == null) {
065 _jsonAction.execute(null, null, request, response);
066 }
067 else {
068 ClassLoader contextClassLoader =
069 PACLClassLoaderUtil.getContextClassLoader();
070
071 try {
072 PACLClassLoaderUtil.setContextClassLoader(
073 _pluginClassLoader);
074
075 _jsonAction.execute(null, null, request, response);
076 }
077 finally {
078 PACLClassLoaderUtil.setContextClassLoader(
079 contextClassLoader);
080 }
081 }
082 }
083 catch (Exception e) {
084 _log.error(e, e);
085 }
086 }
087
088 protected JSONAction getJSONAction(ServletContext servletContext) {
089 JSONAction jsonAction = new JSONServiceAction();
090
091 jsonAction.setServletContext(servletContext);
092
093 return jsonAction;
094 }
095
096 protected void resolveRemoteUser(HttpServletRequest request)
097 throws Exception {
098
099 String remoteUser = request.getRemoteUser();
100
101 if (_log.isDebugEnabled()) {
102 _log.debug("Remote user " + remoteUser);
103 }
104
105 if (remoteUser != null) {
106 PrincipalThreadLocal.setName(remoteUser);
107
108 long userId = GetterUtil.getLong(remoteUser);
109
110 User user = UserLocalServiceUtil.getUserById(userId);
111
112 PermissionChecker permissionChecker =
113 PermissionCheckerFactoryUtil.create(user);
114
115 PermissionThreadLocal.setPermissionChecker(permissionChecker);
116 }
117 }
118
119 private static Log _log = LogFactoryUtil.getLog(JSONServlet.class);
120
121 private JSONAction _jsonAction;
122 private ClassLoader _pluginClassLoader;
123
124 }