protected void processServicePrePrincipalException(
Throwable t, long userId, HttpServletRequest request, HttpServletResponse response)
throws IOException, ServletException {
if (userId > 0) {
sendError(HttpServletResponse.SC_UNAUTHORIZED, t, request, response);
return;
}
String redirect = PortalUtil.getPathMain().concat("/portal/login");
String currentURL = PortalUtil.getCurrentURL(request);
redirect = HttpUtil.addParameter(redirect, "redirect", currentURL);
long plid = ParamUtil.getLong(request, "p_l_id");
if (plid > 0) {
try {
Layout layout = LayoutLocalServiceUtil.getLayout(plid);
Group group = layout.getGroup();
plid = group.getDefaultPublicPlid();
if ((plid == LayoutConstants.DEFAULT_PLID) || group.isStagingGroup()) {
Group guestGroup =
GroupLocalServiceUtil.getGroup(layout.getCompanyId(), GroupConstants.GUEST);
plid = guestGroup.getDefaultPublicPlid();
}
redirect = HttpUtil.addParameter(redirect, "p_l_id", plid);
} catch (Exception e) {
}
}
response.sendRedirect(redirect);
}
@Override
public void service(HttpServletRequest request, HttpServletResponse response)
throws IOException, ServletException {
if (PortalUtil.isMultipartRequest(request)) {
UploadServletRequest uploadServletRequest = new UploadServletRequestImpl(request);
request = uploadServletRequest;
}
String path = GetterUtil.getString(request.getPathInfo());
if ((!path.equals(StringPool.BLANK) && !path.equals(StringPool.SLASH))
|| (request.getParameter("discover") != null)) {
Locale locale = PortalUtil.getLocale(request, response, true);
LocaleThreadLocal.setThemeDisplayLocale(locale);
super.service(request, response);
return;
}
if (_log.isDebugEnabled()) {
_log.debug("Servlet context " + request.getContextPath());
}
String apiPath = PortalUtil.getPathMain() + "/portal/api/jsonws";
HttpSession session = request.getSession();
ServletContext servletContext = session.getServletContext();
boolean remoteAccess = AccessControlThreadLocal.isRemoteAccess();
try {
AccessControlThreadLocal.setRemoteAccess(true);
String contextPath = PortalContextLoaderListener.getPortalServletContextPath();
if (servletContext.getContext(contextPath) != null) {
if (!contextPath.equals(StringPool.SLASH) && apiPath.startsWith(contextPath)) {
apiPath = apiPath.substring(contextPath.length());
}
RequestDispatcher requestDispatcher = request.getRequestDispatcher(apiPath);
requestDispatcher.forward(request, response);
} else {
String servletContextPath = ContextPathUtil.getContextPath(servletContext);
String redirectPath = "/api/jsonws?contextPath=" + HttpUtil.encodeURL(servletContextPath);
response.sendRedirect(redirectPath);
}
} finally {
AccessControlThreadLocal.setRemoteAccess(remoteAccess);
}
}
@Override
protected void processFilter(
HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
throws Exception {
long companyId = PortalUtil.getCompanyId(request);
OpenSSOConfiguration openSSOConfiguration = getOpenSSOConfiguration(companyId);
String requestURI = GetterUtil.getString(request.getRequestURI());
if (requestURI.endsWith("/portal/logout")) {
HttpSession session = request.getSession();
session.invalidate();
response.sendRedirect(openSSOConfiguration.logoutURL());
return;
}
boolean authenticated = false;
try {
// LEP-5943
authenticated = _openSSO.isAuthenticated(request, openSSOConfiguration.serviceURL());
} catch (Exception e) {
_log.error(e, e);
processFilter(OpenSSOFilter.class, request, response, filterChain);
return;
}
HttpSession session = request.getSession();
if (authenticated) {
// LEP-5943
String newSubjectId = _openSSO.getSubjectId(request, openSSOConfiguration.serviceURL());
String oldSubjectId = (String) session.getAttribute(_SUBJECT_ID_KEY);
if (oldSubjectId == null) {
session.setAttribute(_SUBJECT_ID_KEY, newSubjectId);
} else if (!newSubjectId.equals(oldSubjectId)) {
session.invalidate();
session = request.getSession();
session.setAttribute(_SUBJECT_ID_KEY, newSubjectId);
}
processFilter(OpenSSOFilter.class, request, response, filterChain);
return;
} else if (PortalUtil.getUserId(request) > 0) {
session.invalidate();
}
if (!PropsValues.AUTH_FORWARD_BY_LAST_PATH
|| !openSSOConfiguration.loginURL().contains("/portal/login")) {
response.sendRedirect(openSSOConfiguration.loginURL());
return;
}
String currentURL = PortalUtil.getCurrentURL(request);
String redirect = currentURL;
if (currentURL.contains("/portal/login")) {
redirect = ParamUtil.getString(request, "redirect");
if (Validator.isNull(redirect)) {
redirect = PortalUtil.getPathMain();
}
}
redirect =
openSSOConfiguration.loginURL()
+ HttpUtil.encodeURL("?redirect=" + HttpUtil.encodeURL(redirect));
response.sendRedirect(redirect);
}
