1   /**
2    * Copyright (c) 2000-2010 Liferay, Inc. All rights reserved.
3    *
4    * This library is free software; you can redistribute it and/or modify it under
5    * the terms of the GNU Lesser General Public License as published by the Free
6    * Software Foundation; either version 2.1 of the License, or (at your option)
7    * any later version.
8    *
9    * This library is distributed in the hope that it will be useful, but WITHOUT
10   * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
11   * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
12   * details.
13   */
14  
15  package com.liferay.portal.struts;
16  
17  import com.liferay.portal.LayoutPermissionException;
18  import com.liferay.portal.PortletActiveException;
19  import com.liferay.portal.RequiredRoleException;
20  import com.liferay.portal.UserActiveException;
21  import com.liferay.portal.kernel.exception.SystemException;
22  import com.liferay.portal.kernel.log.Log;
23  import com.liferay.portal.kernel.log.LogFactoryUtil;
24  import com.liferay.portal.kernel.portlet.FriendlyURLMapper;
25  import com.liferay.portal.kernel.servlet.HttpMethods;
26  import com.liferay.portal.kernel.servlet.SessionErrors;
27  import com.liferay.portal.kernel.util.GetterUtil;
28  import com.liferay.portal.kernel.util.HttpUtil;
29  import com.liferay.portal.kernel.util.JavaConstants;
30  import com.liferay.portal.kernel.util.ParamUtil;
31  import com.liferay.portal.kernel.util.PropsKeys;
32  import com.liferay.portal.kernel.util.StringBundler;
33  import com.liferay.portal.kernel.util.StringPool;
34  import com.liferay.portal.kernel.util.Validator;
35  import com.liferay.portal.liveusers.LiveUsers;
36  import com.liferay.portal.model.Layout;
37  import com.liferay.portal.model.LayoutConstants;
38  import com.liferay.portal.model.Portlet;
39  import com.liferay.portal.model.PortletPreferencesIds;
40  import com.liferay.portal.model.User;
41  import com.liferay.portal.model.UserTracker;
42  import com.liferay.portal.model.UserTrackerPath;
43  import com.liferay.portal.security.auth.PrincipalException;
44  import com.liferay.portal.security.permission.ActionKeys;
45  import com.liferay.portal.security.permission.PermissionChecker;
46  import com.liferay.portal.service.LayoutLocalServiceUtil;
47  import com.liferay.portal.service.PortletLocalServiceUtil;
48  import com.liferay.portal.service.PortletPreferencesLocalServiceUtil;
49  import com.liferay.portal.service.permission.PortletPermissionUtil;
50  import com.liferay.portal.service.persistence.UserTrackerPathUtil;
51  import com.liferay.portal.theme.ThemeDisplay;
52  import com.liferay.portal.util.PortalUtil;
53  import com.liferay.portal.util.PrefsPropsUtil;
54  import com.liferay.portal.util.PropsUtil;
55  import com.liferay.portal.util.PropsValues;
56  import com.liferay.portal.util.WebKeys;
57  import com.liferay.portlet.InvokerPortlet;
58  import com.liferay.portlet.PortletConfigFactory;
59  import com.liferay.portlet.PortletInstanceFactoryUtil;
60  import com.liferay.portlet.PortletPreferencesFactoryUtil;
61  import com.liferay.portlet.PortletURLImpl;
62  import com.liferay.portlet.RenderRequestFactory;
63  import com.liferay.portlet.RenderRequestImpl;
64  import com.liferay.portlet.RenderResponseFactory;
65  import com.liferay.portlet.RenderResponseImpl;
66  
67  import java.io.IOException;
68  
69  import java.util.Date;
70  import java.util.HashSet;
71  import java.util.Iterator;
72  import java.util.Map.Entry;
73  import java.util.Map;
74  import java.util.Set;
75  
76  import javax.portlet.PortletConfig;
77  import javax.portlet.PortletContext;
78  import javax.portlet.PortletMode;
79  import javax.portlet.PortletPreferences;
80  import javax.portlet.PortletRequest;
81  import javax.portlet.WindowState;
82  
83  import javax.servlet.ServletContext;
84  import javax.servlet.ServletException;
85  import javax.servlet.http.HttpServletRequest;
86  import javax.servlet.http.HttpServletResponse;
87  import javax.servlet.http.HttpSession;
88  import javax.servlet.jsp.PageContext;
89  
90  import org.apache.struts.action.ActionMapping;
91  import org.apache.struts.config.ForwardConfig;
92  import org.apache.struts.tiles.TilesRequestProcessor;
93  
94  /**
95   * <a href="PortalRequestProcessor.java.html"><b><i>View Source</i></b></a>
96   *
97   * @author Brian Wing Shun Chan
98   * @author Jorge Ferrer
99   */
100 public class PortalRequestProcessor extends TilesRequestProcessor {
101 
102     public PortalRequestProcessor() {
103 
104         // auth.forward.last.path.
105 
106         _lastPaths = new HashSet<String>();
107 
108         _lastPaths.add(_PATH_PORTAL_LAYOUT);
109 
110         addPaths(_lastPaths, PropsKeys.AUTH_FORWARD_LAST_PATHS);
111 
112         // auth.public.path.
113 
114         _publicPaths = new HashSet<String>();
115 
116         _publicPaths.add(_PATH_C);
117         _publicPaths.add(_PATH_PORTAL_FLASH);
118         _publicPaths.add(_PATH_PORTAL_J_LOGIN);
119         _publicPaths.add(_PATH_PORTAL_LAYOUT);
120         _publicPaths.add(_PATH_PORTAL_LOGIN);
121         _publicPaths.add(_PATH_PORTAL_RENDER_PORTLET);
122         _publicPaths.add(_PATH_PORTAL_TCK);
123 
124         addPaths(_publicPaths, PropsKeys.AUTH_PUBLIC_PATHS);
125 
126         _trackerIgnorePaths = new HashSet<String>();
127 
128         addPaths(_trackerIgnorePaths, PropsKeys.SESSION_TRACKER_IGNORE_PATHS);
129     }
130 
131     public void process(
132             HttpServletRequest request, HttpServletResponse response)
133         throws IOException, ServletException {
134 
135         String path = super.processPath(request, response);
136 
137         ActionMapping mapping = (ActionMapping)moduleConfig.findActionConfig(
138             path);
139 
140         if (mapping == null) {
141             String lastPath = getLastPath(request);
142 
143             if (_log.isDebugEnabled()) {
144                 _log.debug("Last path " + lastPath);
145             }
146 
147             response.sendRedirect(lastPath);
148 
149             return;
150         }
151 
152         super.process(request, response);
153 
154         try {
155             if (isPortletPath(path)) {
156                 cleanUp(request);
157             }
158         }
159         catch (Exception e) {
160             _log.error(e, e);
161         }
162     }
163 
164     protected void addPaths(Set<String> paths, String propsKey) {
165         String[] pathsArray = PropsUtil.getArray(propsKey);
166 
167         for (String path : pathsArray) {
168             paths.add(path);
169         }
170     }
171 
172     protected void callParentDoForward(
173             String uri, HttpServletRequest request,
174             HttpServletResponse response)
175         throws IOException, ServletException {
176 
177         super.doForward(uri, request, response);
178     }
179 
180     protected HttpServletRequest callParentProcessMultipart(
181         HttpServletRequest request) {
182 
183         return super.processMultipart(request);
184     }
185 
186     protected String callParentProcessPath(
187             HttpServletRequest request, HttpServletResponse response)
188         throws IOException {
189 
190         return super.processPath(request, response);
191     }
192 
193     protected boolean callParentProcessRoles(
194             HttpServletRequest request, HttpServletResponse response,
195             ActionMapping mapping)
196         throws IOException, ServletException {
197 
198         return super.processRoles(request, response, mapping);
199     }
200 
201     protected void cleanUp(HttpServletRequest request) throws Exception {
202 
203         // Clean up portlet objects that may have been created by defineObjects
204         // for portlets that are called directly from a Struts path
205 
206         RenderRequestImpl renderRequestImpl =
207             (RenderRequestImpl)request.getAttribute(
208                 JavaConstants.JAVAX_PORTLET_REQUEST);
209 
210         if (renderRequestImpl != null) {
211             renderRequestImpl.cleanUp();
212         }
213     }
214 
215     protected void defineObjects(
216             HttpServletRequest request, HttpServletResponse response,
217             Portlet portlet)
218         throws Exception {
219 
220         String portletId = portlet.getPortletId();
221 
222         ServletContext servletContext = (ServletContext)request.getAttribute(
223             WebKeys.CTX);
224 
225         InvokerPortlet invokerPortlet = PortletInstanceFactoryUtil.create(
226             portlet, servletContext);
227 
228         PortletPreferencesIds portletPreferencesIds =
229             PortletPreferencesFactoryUtil.getPortletPreferencesIds(
230                 request, portletId);
231 
232         PortletPreferences portletPreferences =
233             PortletPreferencesLocalServiceUtil.getPreferences(
234                 portletPreferencesIds);
235 
236         PortletConfig portletConfig = PortletConfigFactory.create(
237             portlet, servletContext);
238         PortletContext portletContext = portletConfig.getPortletContext();
239 
240         RenderRequestImpl renderRequestImpl = RenderRequestFactory.create(
241             request, portlet, invokerPortlet, portletContext,
242             WindowState.MAXIMIZED, PortletMode.VIEW, portletPreferences);
243 
244         RenderResponseImpl renderResponseImpl = RenderResponseFactory.create(
245             renderRequestImpl, response, portletId, portlet.getCompanyId());
246 
247         renderRequestImpl.defineObjects(portletConfig, renderResponseImpl);
248 
249         request.setAttribute(WebKeys.PORTLET_STRUTS_EXECUTE, Boolean.TRUE);
250     }
251 
252     protected void doForward(
253             String uri, HttpServletRequest request,
254             HttpServletResponse response)
255         throws ServletException {
256 
257         StrutsUtil.forward(uri, getServletContext(), request, response);
258     }
259 
260     protected void doInclude(
261             String uri, HttpServletRequest request,
262             HttpServletResponse response)
263         throws ServletException {
264 
265         StrutsUtil.include(uri, getServletContext(), request, response);
266     }
267 
268     protected String getFriendlyTrackerPath(
269             String path, ThemeDisplay themeDisplay, HttpServletRequest request)
270         throws Exception {
271 
272         if (!path.equals(_PATH_PORTAL_LAYOUT)) {
273             return null;
274         }
275 
276         long plid = ParamUtil.getLong(request, "p_l_id");
277 
278         if (plid == 0) {
279             return null;
280         }
281 
282         Layout layout = LayoutLocalServiceUtil.getLayout(plid);
283 
284         String layoutFriendlyURL = PortalUtil.getLayoutFriendlyURL(
285             layout, themeDisplay);
286 
287         String portletId = ParamUtil.getString(request, "p_p_id");
288 
289         if (Validator.isNull(portletId)) {
290             return layoutFriendlyURL;
291         }
292 
293         long companyId = PortalUtil.getCompanyId(request);
294 
295         Portlet portlet = PortletLocalServiceUtil.getPortletById(
296             companyId, portletId);
297 
298         if (portlet == null) {
299             String strutsPath = path.substring(
300                 1, path.lastIndexOf(StringPool.SLASH));
301 
302             portlet = PortletLocalServiceUtil.getPortletByStrutsPath(
303                 companyId, strutsPath);
304         }
305 
306         if ((portlet == null) || !portlet.isActive()) {
307             return layoutFriendlyURL.concat(StringPool.QUESTION).concat(
308                 request.getQueryString());
309         }
310 
311         String namespace = PortalUtil.getPortletNamespace(portletId);
312 
313         FriendlyURLMapper friendlyURLMapper =
314             portlet.getFriendlyURLMapperInstance();
315 
316         if (friendlyURLMapper == null) {
317             return layoutFriendlyURL.concat(StringPool.QUESTION).concat(
318                 request.getQueryString());
319         }
320 
321         PortletURLImpl portletURL = new PortletURLImpl(
322             request, portletId, plid, PortletRequest.RENDER_PHASE);
323 
324         Iterator<Map.Entry<String, String[]>> itr =
325             request.getParameterMap().entrySet().iterator();
326 
327         while (itr.hasNext()) {
328             Entry<String, String[]> entry = itr.next();
329 
330             String key = entry.getKey();
331 
332             if (key.startsWith(namespace)) {
333                 key = key.substring(namespace.length());
334 
335                 portletURL.setParameter(key, entry.getValue());
336             }
337         }
338 
339         String portletFriendlyURL = friendlyURLMapper.buildPath(portletURL);
340 
341         if (portletFriendlyURL != null) {
342             return layoutFriendlyURL.concat(portletFriendlyURL);
343         }
344         else {
345             return layoutFriendlyURL.concat(StringPool.QUESTION).concat(
346                 request.getQueryString());
347         }
348     }
349 
350     protected String getLastPath(HttpServletRequest request) {
351         HttpSession session = request.getSession();
352 
353         ThemeDisplay themeDisplay = (ThemeDisplay)request.getAttribute(
354             WebKeys.THEME_DISPLAY);
355 
356         Boolean httpsInitial = (Boolean)session.getAttribute(
357             WebKeys.HTTPS_INITIAL);
358 
359         String portalURL = null;
360 
361         if ((PropsValues.COMPANY_SECURITY_AUTH_REQUIRES_HTTPS) &&
362             (!PropsValues.SESSION_ENABLE_PHISHING_PROTECTION) &&
363             (httpsInitial != null) && (!httpsInitial.booleanValue())) {
364 
365             portalURL = PortalUtil.getPortalURL(request, false);
366         }
367         else {
368             portalURL = PortalUtil.getPortalURL(request);
369         }
370 
371         StringBundler sb = new StringBundler();
372 
373         sb.append(portalURL);
374         sb.append(themeDisplay.getPathMain());
375         sb.append(_PATH_PORTAL_LAYOUT);
376 
377         if (!PropsValues.AUTH_FORWARD_BY_LAST_PATH) {
378             if (request.getRemoteUser() != null) {
379 
380                 // If we do not forward by last path and the user is logged in,
381                 // forward to the user's default layout to prevent a lagging
382                 // loop
383 
384                 sb.append(StringPool.QUESTION);
385                 sb.append("p_l_id");
386                 sb.append(StringPool.EQUAL);
387                 sb.append(LayoutConstants.DEFAULT_PLID);
388             }
389 
390             return sb.toString();
391         }
392 
393         LastPath lastPath = (LastPath)session.getAttribute(WebKeys.LAST_PATH);
394 
395         if (lastPath == null) {
396             return sb.toString();
397         }
398 
399         Map<String, String[]> parameterMap = lastPath.getParameterMap();
400 
401         // Only test for existing mappings for last paths that were set when the
402         // user accessed a layout directly instead of through its friendly URL
403 
404         if (lastPath.getContextPath().equals(themeDisplay.getPathMain())) {
405             ActionMapping mapping =
406                 (ActionMapping)moduleConfig.findActionConfig(
407                     lastPath.getPath());
408 
409             if ((mapping == null) || (parameterMap == null)) {
410                 return sb.toString();
411             }
412         }
413 
414         StringBundler lastPathSB = new StringBundler(4);
415 
416         lastPathSB.append(portalURL);
417         lastPathSB.append(lastPath.getContextPath());
418         lastPathSB.append(lastPath.getPath());
419         lastPathSB.append(HttpUtil.parameterMapToString(parameterMap));
420 
421         return lastPathSB.toString();
422     }
423 
424     protected boolean isPortletPath(String path) {
425         if ((path != null) &&
426             (!path.equals(_PATH_C)) &&
427             (!path.startsWith(_PATH_COMMON)) &&
428             (path.indexOf(_PATH_J_SECURITY_CHECK) == -1) &&
429             (!path.startsWith(_PATH_PORTAL))) {
430 
431             return true;
432         }
433         else {
434             return false;
435         }
436     }
437 
438     protected boolean isPublicPath(String path) {
439         if ((path != null) &&
440             (_publicPaths.contains(path)) ||
441             (path.startsWith(_PATH_COMMON))) {
442 
443             return true;
444         }
445         else {
446             return false;
447         }
448     }
449 
450     protected ActionMapping processMapping(
451             HttpServletRequest request, HttpServletResponse response,
452             String path)
453         throws IOException {
454 
455         if (path == null) {
456             return null;
457         }
458 
459         ActionMapping mapping = super.processMapping(request, response, path);
460 
461         if (mapping == null) {
462             String msg = getInternal().getMessage("processInvalid");
463 
464             _log.error("User ID " + request.getRemoteUser());
465             _log.error("Current URL " + PortalUtil.getCurrentURL(request));
466             _log.error("Referer " + request.getHeader("Referer"));
467             _log.error("Remote address " + request.getRemoteAddr());
468 
469             _log.error(msg + " " + path);
470         }
471 
472         return mapping;
473     }
474 
475     protected HttpServletRequest processMultipart(HttpServletRequest request) {
476 
477         // Disable Struts from automatically wrapping a multipart request
478 
479         return request;
480     }
481 
482     protected String processPath(
483             HttpServletRequest request, HttpServletResponse response)
484         throws IOException {
485 
486         String path = GetterUtil.getString(
487             super.processPath(request, response));
488 
489         HttpSession session = request.getSession();
490 
491         ThemeDisplay themeDisplay = (ThemeDisplay)request.getAttribute(
492             WebKeys.THEME_DISPLAY);
493 
494         // Current users
495 
496         UserTracker userTracker = LiveUsers.getUserTracker(
497             themeDisplay.getCompanyId(), session.getId());
498 
499         if ((userTracker != null) && (!path.equals(_PATH_C)) &&
500             (path.indexOf(_PATH_J_SECURITY_CHECK) == -1) &&
501             (path.indexOf(_PATH_PORTAL_PROTECTED) == -1) &&
502             (!_trackerIgnorePaths.contains(path))) {
503 
504             String fullPath = path;
505 
506             try {
507                 if (PropsValues.SESSION_TRACKER_FRIENDLY_PATHS_ENABLED) {
508                     fullPath = getFriendlyTrackerPath(
509                         path, themeDisplay, request);
510                 }
511             }
512             catch (Exception e) {
513                 _log.error(e, e);
514             }
515 
516             if (fullPath == null) {
517                 fullPath = path.concat(StringPool.QUESTION).concat(
518                     request.getQueryString());
519             }
520 
521             UserTrackerPath userTrackerPath = UserTrackerPathUtil.create(0);
522 
523             userTrackerPath.setUserTrackerId(userTracker.getUserTrackerId());
524             userTrackerPath.setPath(fullPath);
525             userTrackerPath.setPathDate(new Date());
526 
527             userTracker.addPath(userTrackerPath);
528         }
529 
530         String remoteUser = request.getRemoteUser();
531 
532         User user = null;
533 
534         try {
535             user = PortalUtil.getUser(request);
536         }
537         catch (Exception e) {
538         }
539 
540         // Last path
541 
542         if (_lastPaths.contains(path) && !_trackerIgnorePaths.contains(path)) {
543             boolean saveLastPath = ParamUtil.getBoolean(
544                 request, "saveLastPath", true);
545 
546             if (themeDisplay.isLifecycleResource() ||
547                 themeDisplay.isStateExclusive() ||
548                 themeDisplay.isStatePopUp() ||
549                 !request.getMethod().equalsIgnoreCase(HttpMethods.GET)) {
550 
551                 saveLastPath = false;
552             }
553 
554             // Save last path
555 
556             if (saveLastPath) {
557 
558                 // Was a last path set by another servlet that dispatched to
559                 // the MainServlet? If so, use that last path instead.
560 
561                 LastPath lastPath = (LastPath)request.getAttribute(
562                     WebKeys.LAST_PATH);
563 
564                 if (lastPath == null) {
565                     lastPath = new LastPath(
566                         themeDisplay.getPathMain(), path,
567                         request.getParameterMap());
568                 }
569 
570                 session.setAttribute(WebKeys.LAST_PATH, lastPath);
571             }
572         }
573 
574         // Authenticated users can always log out
575 
576         if (((remoteUser != null) || (user != null)) &&
577             (path.equals(_PATH_PORTAL_LOGOUT))) {
578 
579             return path;
580         }
581 
582         // Authenticated users can always extend or confirm their session
583 
584         if (((remoteUser != null) || (user != null)) &&
585             (path.equals(_PATH_PORTAL_EXPIRE_SESSION) ||
586              path.equals(_PATH_PORTAL_EXTEND_SESSION))) {
587 
588             return path;
589         }
590 
591         // Authenticated users can always agree to terms of use
592 
593         if (((remoteUser != null) || (user != null)) &&
594             (path.equals(_PATH_PORTAL_UPDATE_TERMS_OF_USE))) {
595 
596             return path;
597         }
598 
599         // Authenticated users must still exist in the system
600 
601         if ((remoteUser != null) && (user == null)) {
602             return _PATH_PORTAL_LOGOUT;
603         }
604 
605         // Authenticated users must be active
606 
607         if ((user != null) && !user.isActive()) {
608             SessionErrors.add(request, UserActiveException.class.getName());
609 
610             return _PATH_PORTAL_ERROR;
611         }
612 
613         if (!path.equals(_PATH_PORTAL_JSON_SERVICE) &&
614             !path.equals(_PATH_PORTAL_RENDER_PORTLET) &&
615             !ParamUtil.getBoolean(request, "wsrp")) {
616 
617             // Authenticated users should agree to Terms of Use
618 
619             if ((user != null) && !user.isAgreedToTermsOfUse()) {
620                 boolean termsOfUseRequired = false;
621 
622                 try {
623                     termsOfUseRequired = PrefsPropsUtil.getBoolean(
624                         user.getCompanyId(), PropsKeys.TERMS_OF_USE_REQUIRED);
625                 }
626                 catch (SystemException se) {
627                     termsOfUseRequired = PropsValues.TERMS_OF_USE_REQUIRED;
628                 }
629 
630                 if (termsOfUseRequired) {
631                     return _PATH_PORTAL_TERMS_OF_USE;
632                 }
633             }
634 
635             // Authenticated users must have a current password
636 
637             if ((user != null) && user.isPasswordReset()) {
638                 return _PATH_PORTAL_UPDATE_PASSWORD;
639             }
640 
641             // Authenticated users must have an email address
642 
643             if ((user != null) &&
644                 Validator.isNull(user.getDisplayEmailAddress())) {
645 
646                 return _PATH_PORTAL_UPDATE_EMAIL_ADDRESS;
647             }
648 
649             // Authenticated users should have a reminder query
650 
651             if ((user != null) &&
652                 (Validator.isNull(user.getReminderQueryQuestion()) ||
653                  Validator.isNull(user.getReminderQueryAnswer()))) {
654 
655                 if (PropsValues.USERS_REMINDER_QUERIES_ENABLED) {
656                     return _PATH_PORTAL_UPDATE_REMINDER_QUERY;
657                 }
658             }
659         }
660 
661         // Users must sign in
662 
663         if (!isPublicPath(path)) {
664             if (user == null) {
665                 SessionErrors.add(request, PrincipalException.class.getName());
666 
667                 return _PATH_PORTAL_LOGIN;
668             }
669         }
670 
671         ActionMapping mapping =
672             (ActionMapping)moduleConfig.findActionConfig(path);
673 
674         path = mapping.getPath();
675 
676         // Authenticated users must have at least one role
677 
678         if (user != null) {
679             try {
680 
681                 // FIX ME
682 
683                 if (false) {
684                     SessionErrors.add(
685                         request, RequiredRoleException.class.getName());
686 
687                     return _PATH_PORTAL_ERROR;
688                 }
689             }
690             catch (Exception e) {
691                 e.printStackTrace();
692             }
693         }
694 
695         // Define the portlet objects
696 
697         if (isPortletPath(path)) {
698             try {
699                 Portlet portlet = null;
700 
701                 long companyId = PortalUtil.getCompanyId(request);
702                 String portletId = ParamUtil.getString(request, "p_p_id");
703 
704                 if (Validator.isNotNull(portletId)) {
705                     portlet = PortletLocalServiceUtil.getPortletById(
706                         companyId, portletId);
707                 }
708 
709                 if (portlet == null) {
710                     String strutsPath = path.substring(
711                         1, path.lastIndexOf(StringPool.SLASH));
712 
713                     portlet = PortletLocalServiceUtil.getPortletByStrutsPath(
714                         companyId, strutsPath);
715                 }
716 
717                 if ((portlet != null) && portlet.isActive()) {
718                     defineObjects(request, response, portlet);
719                 }
720             }
721             catch (Exception e) {
722                 request.setAttribute(PageContext.EXCEPTION, e);
723 
724                 path = _PATH_COMMON_ERROR;
725             }
726         }
727 
728         // Authenticated users must have access to at least one layout
729 
730         if (SessionErrors.contains(
731                 request, LayoutPermissionException.class.getName())) {
732 
733             return _PATH_PORTAL_ERROR;
734         }
735 
736         return path;
737     }
738 
739     protected boolean processRoles(
740             HttpServletRequest request, HttpServletResponse response,
741             ActionMapping mapping)
742         throws IOException, ServletException {
743 
744         String path = mapping.getPath();
745 
746         if (isPublicPath(path)) {
747             return true;
748         }
749 
750         boolean authorized = true;
751 
752         User user = null;
753 
754         try {
755             user = PortalUtil.getUser(request);
756         }
757         catch (Exception e) {
758         }
759 
760         if ((user != null) && isPortletPath(path)) {
761             try {
762 
763                 // Authenticated users can always log out
764 
765                 if (path.equals(_PATH_PORTAL_LOGOUT)) {
766                     return true;
767                 }
768 
769                 Portlet portlet = null;
770 
771                 String portletId = ParamUtil.getString(request, "p_p_id");
772 
773                 if (Validator.isNotNull(portletId)) {
774                     portlet = PortletLocalServiceUtil.getPortletById(
775                         user.getCompanyId(), portletId);
776                 }
777 
778                 String strutsPath = path.substring(
779                     1, path.lastIndexOf(StringPool.SLASH));
780 
781                 if (portlet != null) {
782                     if (!strutsPath.equals(portlet.getStrutsPath())) {
783                         throw new PrincipalException();
784                     }
785                 }
786                 else {
787                     portlet = PortletLocalServiceUtil.getPortletByStrutsPath(
788                         user.getCompanyId(), strutsPath);
789                 }
790 
791                 if ((portlet != null) && portlet.isActive()) {
792                     ThemeDisplay themeDisplay =
793                         (ThemeDisplay)request.getAttribute(
794                             WebKeys.THEME_DISPLAY);
795 
796                     Layout layout = themeDisplay.getLayout();
797                     PermissionChecker permissionChecker =
798                         themeDisplay.getPermissionChecker();
799 
800                     if (!PortletPermissionUtil.contains(
801                             permissionChecker, layout.getPlid(), portlet,
802                             ActionKeys.VIEW)) {
803 
804                         throw new PrincipalException();
805                     }
806                 }
807                 else if (portlet != null && !portlet.isActive()) {
808                     SessionErrors.add(
809                         request, PortletActiveException.class.getName());
810 
811                     authorized = false;
812                 }
813             }
814             catch (Exception e) {
815                 SessionErrors.add(request, PrincipalException.class.getName());
816 
817                 authorized = false;
818             }
819         }
820 
821         if (!authorized) {
822             ForwardConfig forwardConfig =
823                 mapping.findForward(_PATH_PORTAL_ERROR);
824 
825             processForwardConfig(request, response, forwardConfig);
826 
827             return false;
828         }
829         else {
830             return true;
831         }
832     }
833 
834     private static String _PATH_C = "/c";
835 
836     private static String _PATH_COMMON = "/common";
837 
838     private static String _PATH_COMMON_ERROR = "/common/error";
839 
840     private static String _PATH_J_SECURITY_CHECK = "/j_security_check";
841 
842     private static String _PATH_PORTAL = "/portal";
843 
844     private static String _PATH_PORTAL_ERROR = "/portal/error";
845 
846     private static String _PATH_PORTAL_EXPIRE_SESSION =
847         "/portal/expire_session";
848 
849     private static String _PATH_PORTAL_EXTEND_SESSION =
850         "/portal/extend_session";
851 
852     private static String _PATH_PORTAL_FLASH = "/portal/flash";
853 
854     private static String _PATH_PORTAL_J_LOGIN = "/portal/j_login";
855 
856     private static String _PATH_PORTAL_JSON_SERVICE = "/portal/json_service";
857 
858     private static String _PATH_PORTAL_LAYOUT = "/portal/layout";
859 
860     private static String _PATH_PORTAL_LOGIN = "/portal/login";
861 
862     private static String _PATH_PORTAL_LOGOUT = "/portal/logout";
863 
864     private static String _PATH_PORTAL_PROTECTED = "/portal/protected";
865 
866     private static String _PATH_PORTAL_RENDER_PORTLET =
867         "/portal/render_portlet";
868 
869     private static String _PATH_PORTAL_TCK = "/portal/tck";
870 
871     private static String _PATH_PORTAL_TERMS_OF_USE = "/portal/terms_of_use";
872 
873     private static String _PATH_PORTAL_UPDATE_EMAIL_ADDRESS =
874         "/portal/update_email_address";
875 
876     private static String _PATH_PORTAL_UPDATE_PASSWORD =
877         "/portal/update_password";
878 
879     private static String _PATH_PORTAL_UPDATE_REMINDER_QUERY =
880         "/portal/update_reminder_query";
881 
882     private static String _PATH_PORTAL_UPDATE_TERMS_OF_USE =
883         "/portal/update_terms_of_use";
884 
885     private static Log _log = LogFactoryUtil.getLog(
886         PortalRequestProcessor.class);
887 
888     private Set<String> _lastPaths;
889     private Set<String> _publicPaths;
890     private Set<String> _trackerIgnorePaths;
891 
892 }