001    /**
002     * Copyright (c) 2000-2013 Liferay, Inc. All rights reserved.
003     *
004     * The contents of this file are subject to the terms of the Liferay Enterprise
005     * Subscription License ("License"). You may not use this file except in
006     * compliance with the License. You can obtain a copy of the License by
007     * contacting Liferay, Inc. See the License for the specific language governing
008     * permissions and limitations under the License, including but not limited to
009     * distribution rights of the Software.
010     *
011     *
012     *
013     */
014    
015    package com.liferay.portal.servlet.filters.audit;
016    
017    import com.liferay.portal.kernel.audit.AuditRequestThreadLocal;
018    import com.liferay.portal.kernel.servlet.HttpHeaders;
019    import com.liferay.portal.kernel.servlet.TryFilter;
020    import com.liferay.portal.kernel.util.WebKeys;
021    import com.liferay.portal.servlet.filters.BasePortalFilter;
022    
023    import javax.servlet.http.HttpServletRequest;
024    import javax.servlet.http.HttpServletResponse;
025    import javax.servlet.http.HttpSession;
026    
027    /**
028     * @author Michael C. Han
029     * @author Brian Wing Shun Chan
030     */
031    public class AuditFilter extends BasePortalFilter implements TryFilter {
032    
033            @Override
034            public Object doFilterTry(
035                            HttpServletRequest request, HttpServletResponse response)
036                    throws Exception {
037    
038                    AuditRequestThreadLocal auditRequestThreadLocal =
039                            AuditRequestThreadLocal.getAuditThreadLocal();
040    
041                    auditRequestThreadLocal.setClientHost(request.getRemoteHost());
042                    auditRequestThreadLocal.setClientIP(getRemoteAddr(request));
043                    auditRequestThreadLocal.setQueryString(request.getQueryString());
044    
045                    HttpSession session = request.getSession();
046    
047                    Long userId = (Long)session.getAttribute(WebKeys.USER_ID);
048    
049                    if (userId != null) {
050                            auditRequestThreadLocal.setRealUserId(userId.longValue());
051                    }
052    
053                    auditRequestThreadLocal.setRequestURL(
054                            request.getRequestURL().toString());
055                    auditRequestThreadLocal.setServerName(request.getServerName());
056                    auditRequestThreadLocal.setServerPort(request.getServerPort());
057                    auditRequestThreadLocal.setSessionID(session.getId());
058    
059                    return null;
060            }
061    
062            protected String getRemoteAddr(HttpServletRequest request) {
063                    String remoteAddr = request.getHeader(HttpHeaders.X_FORWARDED_FOR);
064    
065                    if (remoteAddr != null) {
066                            return remoteAddr;
067                    }
068    
069                    return request.getRemoteAddr();
070            }
071    
072    }