Examples of InsufficientAuthenticationException

• org.acegisecurity.InsufficientAuthenticationException
  Thrown if an authentication request is rejected because the credentials are not sufficiently trusted.

  { {@link org.acegisecurity.vote.AccessDecisionVoter}s will typically throw this exception if they are dissatisfied with the level of the authentication, such as if performed using a remember-me mechanism or anonymously. The commonly used {@link org.acegisecurity.ui.ExceptionTranslationFilter} will thus cause the AuthenticationEntryPointto be called, allowing the principal to authenticate with a stronger level of authentication.}

  @author Ben Alex @version $Id: InsufficientAuthenticationException.java 1496 2006-05-23 13:38:33Z benalex $
• org.springframework.security.InsufficientAuthenticationException
• org.springframework.security.authentication.InsufficientAuthenticationException
  Thrown if an authentication request is rejected because the credentials are not sufficiently trusted.

  {@link org.springframework.security.access.AccessDecisionVoter}s will typically throw this exception if they are dissatisfied with the level of the authentication, such as if performed using a remember-me mechanism or anonymously. The {@code ExceptionTranslationFilter} will then typically cause the {@code AuthenticationEntryPoint}to be called, allowing the principal to authenticate with a stronger level of authentication. @author Ben Alex

Examples of org.acegisecurity.InsufficientAuthenticationException

    public static AcegiSecurityException unauthorizedAccess(String resourceName) {
        // not hide, and not filtering out a list, this
        // is an unauthorized direct resource access, complain
        Authentication user = user();
        if (user == null || user.getAuthorities().length == 0)
            return new InsufficientAuthenticationException("Cannot access "
                    + resourceName + " as anonymous");
        else
            return new AccessDeniedException("Cannot access "
                    + resourceName + " with the current privileges");
    }

Examples of org.acegisecurity.InsufficientAuthenticationException

    public static AcegiSecurityException unauthorizedAccess() {
        // not hide, and not filtering out a list, this
        // is an unauthorized direct resource access, complain
        Authentication user = user();
        if (user == null || user.getAuthorities().length == 0)
            return new InsufficientAuthenticationException("Operation unallowed with the current privileges");
        else
            return new AccessDeniedException("Operation unallowed with the current privileges");
    }

Examples of org.acegisecurity.InsufficientAuthenticationException

            // user is authenticated and has one of the required roles
            if(!allowedRoles.contains(ServiceAccessRule.ANY) && !allowedRoles.isEmpty()) {
                Authentication user = SecurityContextHolder.getContext().getAuthentication();

                if (user == null || user.getAuthorities().length == 0)
                    throw new InsufficientAuthenticationException("Cannot access "
                            + service + "." + method + " as anonymous");

                boolean roleFound = false;
                for (GrantedAuthority role : user.getAuthorities()) {
                    if(allowedRoles.contains(role.getAuthority())) {

Examples of org.acegisecurity.InsufficientAuthenticationException

        if (logger.isDebugEnabled()) {
          logger.debug("Access is denied (user is anonymous); redirecting to authentication entry point",
              exception);
        }

        sendStartAuthentication(request, response, chain, new InsufficientAuthenticationException(
            "Full authentication is required to access this resource"));
      }
      else {
        if (logger.isDebugEnabled()) {
          logger.debug("Access is denied (user is not anonymous); delegating to AccessDeniedHandler",

Examples of org.acegisecurity.InsufficientAuthenticationException

                    logger.debug("Access is denied (user is anonymous); redirecting to authentication entry point",
                        accessDenied);
                }

                sendStartAuthentication(request, response, chain,
                    new InsufficientAuthenticationException(
                        "Full authentication is required to access this resource"));
            } else {
                if (logger.isDebugEnabled()) {
                    logger.debug("Access is denied (user is not anonymous); sending back forbidden response",
                        accessDenied);

Examples of org.springframework.security.InsufficientAuthenticationException

    public static SpringSecurityException unauthorizedAccess(String resourceName) {
        // not hide, and not filtering out a list, this
        // is an unauthorized direct resource access, complain
        Authentication user = user();
        if (user == null || user.getAuthorities().length == 0)
            return new InsufficientAuthenticationException("Cannot access "
                    + resourceName + " as anonymous");
        else
            return new AccessDeniedException("Cannot access "
                    + resourceName + " with the current privileges");
    }

Examples of org.springframework.security.InsufficientAuthenticationException

    public static SpringSecurityException unauthorizedAccess() {
        // not hide, and not filtering out a list, this
        // is an unauthorized direct resource access, complain
        Authentication user = user();
        if (user == null || user.getAuthorities().length == 0)
            return new InsufficientAuthenticationException("Operation unallowed with the current privileges");
        else
            return new AccessDeniedException("Operation unallowed with the current privileges");
    }

Examples of org.springframework.security.InsufficientAuthenticationException

            // user is authenticated and has one of the required roles
            if(!allowedRoles.contains(ServiceAccessRule.ANY) && !allowedRoles.isEmpty()) {
                Authentication user = SecurityContextHolder.getContext().getAuthentication();

                if (user == null || user.getAuthorities().length == 0)
                    throw new InsufficientAuthenticationException("Cannot access "
                            + service + "." + method + " as anonymous");

                boolean roleFound = false;
                for (GrantedAuthority role : user.getAuthorities()) {
                    if(allowedRoles.contains(role.getAuthority())) {

Examples of org.springframework.security.authentication.InsufficientAuthenticationException

                if (logger.isDebugEnabled()) {
                    logger.debug("Access is denied (user is anonymous); redirecting to authentication entry point",
                                    exception);
                }

                sendStartAuthentication(request, response, chain, new InsufficientAuthenticationException(
                                "Full authentication is required to access this resource"));
            } else {
                if (logger.isDebugEnabled()) {
                    logger.debug("Access is denied (user is not anonymous); delegating to AccessDeniedHandler",
                                    exception);

Examples of org.springframework.security.authentication.InsufficientAuthenticationException

        else if (exception instanceof AccessDeniedException) {
            if (authenticationTrustResolver.isAnonymous(SecurityContextHolder.getContext().getAuthentication())) {
                logger.debug("Access is denied (user is anonymous); redirecting to authentication entry point",
                            exception);

                sendStartAuthentication(request, response, chain, new InsufficientAuthenticationException(
                        "Full authentication is required to access this resource"));
            }
            else {
                logger.debug("Access is denied (user is not anonymous); delegating to AccessDeniedHandler", exception);