Thursday, November 20, 2008

RESTlet with Portlet in Liferay

Liferay allows authentication plugins in order to flexibly accommodate implementations that need more than what comes out-of-the-box. Incidentally, a portlet we have been working on has some rules governing its render state. There are situations where it shouldn't be rendered due to a blacklisting strategy in our requirements. Unfortunately, Liferay's permissions are strictly based on whitelists.

So, how to not render the portlet for a group of people and do render it for others using a whitelist? Logic for who should see it is purely internal to the portlet and it made sense (in simplicity and respecting separation of concerns) to expose a RESTlet for consumption of our authentication module. The authentication module in turn puts people in the proper groups for various community and portlet access. Setup was incredibly simple and it didn't take much more effort to enable JPA transaction support with this class:

* Enables JPA transactional support for subclassed Restlets.
public abstract class AbstractJpaRestlet extends Restlet {
private static final Logger logger = Logger.getLogger(AbstractJpaRestlet.class);

private EntityManagerFactory emf;

* Handler for Restlet requests and responses. Implementing this method
* will ensure db connectivity and transactions support with the DAOs
* @param req incoming Request
* @param resp outgoing Response
public abstract void doHandle(Request req, Response resp);

public void handle(Request request, Response response) {
EntityManager em = emf.createEntityManager();
TransactionSynchronizationManager.bindResource(emf, new EntityManagerHolder(em));

try {

doHandle(request, response);
} catch (Throwable t) {

logger.error(this, t);

throw new RestletException(t.getMessage());

This is my first RESTlet and I'd be interested in any feedback or pointers in this approach. I'm quite happy with how fast it was to code up. There's only one implementation of this class at this point, but the pattern is very simple and allows for quick future expansion as we need to expose more data.

No comments: