Package javax.ws.rs

Examples of javax.ws.rs.NotAuthorizedException

223
224
225
226
227
228
229
230
231
232
233
        final Form form = response.readEntity(Form.class);
        final String accessToken = form.asMap().getFirst(OAuth1Parameters.TOKEN);
        final String accessTokenSecret = form.asMap().getFirst(OAuth1Parameters.TOKEN_SECRET);

        if (accessToken == null) {
            throw new NotAuthorizedException(LocalizationMessages.ERROR_REQUEST_ACCESS_TOKEN_NULL());
        }

        parameters.token(accessToken);
        secrets.tokenSecret(accessTokenSecret);
        final AccessToken resultToken = new AccessToken(parameters.getToken(), secrets.getTokenSecret());
View Full Code Here
301
302
303
304
305
306
307
308
309
310
   
    private SecurityContext getAndValidateSecurityContext() {
        SecurityContext securityContext = 
            (SecurityContext)getMessageContext().get(SecurityContext.class.getName());
        if (securityContext == null || securityContext.getUserPrincipal() == null) {
            throw new NotAuthorizedException(Response.status(401).build());
        }
        checkTransportSecurity();
        return securityContext;
    }
View Full Code Here
169
170
171
172
173
174
175
176
177
                client = getAndValidateClient(authInfo[0], authInfo[1]);
            }
        }
       
        if (client == null) {
            throw new NotAuthorizedException(Response.status(401).build());
        }
        return client;
    }
View Full Code Here
187
188
189
190
191
192
193
194
195
            return client;
        }
        if (clientSecret == null || client.getClientSecret() == null
            || !client.getClientId().equals(clientId)
            || !client.getClientSecret().equals(clientSecret)) {
            throw new NotAuthorizedException(Response.status(401).build());
        }
        return client;
    }
View Full Code Here
76
77
78
79
80
81
82
83
84
                client = getAndValidateClient(authInfo[0], authInfo[1]);
            }
        }
       
        if (client == null) {
            throw new NotAuthorizedException(Response.status(401).build());
        }
        return client;
    }
View Full Code Here
93
94
95
96
97
98
99
100
101
            return client;
        }
        if (clientSecret == null || client.getClientSecret() == null
            || !client.getClientId().equals(clientId)
            || !client.getClientSecret().equals(clientSecret)) {
            throw new NotAuthorizedException(Response.status(401).build());
        }
        return client;
    }
View Full Code Here
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
       
        List<String> authHeaders = messageContext.getHttpHeaders()
            .getRequestHeader(HttpHeaders.AUTHORIZATION);
        if (authHeaders.size() != 1) {
            LOG.fine("No Authorization header is available");
            throw new NotAuthorizedException(getFaultResponse());
        }
        String[] authPair = StringUtils.split(authHeaders.get(0), " ");
        if (authPair.length != 2 || !NEGOTIATE_SCHEME.equalsIgnoreCase(authPair[0])) {
            LOG.fine("Negotiate Authorization scheme is expected");
            throw new NotAuthorizedException(getFaultResponse());
        }
               
        byte[] serviceTicket = getServiceTicket(authPair[1]);
       
        try {
            Subject serviceSubject = loginAndGetSubject();
           
            GSSContext gssContext = createGSSContext();

            Subject.doAs(serviceSubject, new ValidateServiceTicketAction(gssContext, serviceTicket));
           
            GSSName srcName = gssContext.getSrcName();
            if (srcName == null) {
                throw new NotAuthorizedException(getFaultResponse());
            }
           
            String complexUserName = srcName.toString();
           
            String simpleUserName = complexUserName;
            int index = simpleUserName.lastIndexOf('@');
            if (index > 0) {
                simpleUserName = simpleUserName.substring(0, index);
            }
            if (!gssContext.getCredDelegState()) {
                gssContext.dispose();
                gssContext = null;
            }
            Message m = JAXRSUtils.getCurrentMessage();
            m.put(SecurityContext.class,
                new KerberosSecurityContext(new KerberosPrincipal(simpleUserName,
                                                                  complexUserName),
                                            gssContext));
           
        } catch (LoginException e) {
            LOG.fine("Unsuccessful JAAS login for the service principal");
            throw new NotAuthorizedException(getFaultResponse());
        } catch (GSSException e) {
            LOG.fine("GSS API exception: " + e.getMessage());
            throw new NotAuthorizedException(getFaultResponse());
        } catch (PrivilegedActionException e) {
            LOG.fine("PrivilegedActionException: " + e.getMessage());
            throw new NotAuthorizedException(getFaultResponse());
        }
    }
View Full Code Here
161
162
163
164
165
166
167
168
   
    private byte[] getServiceTicket(String encodedServiceTicket) {
        try {
            return Base64Utility.decode(encodedServiceTicket);
        } catch (Base64Exception ex) {
            throw new NotAuthorizedException(getFaultResponse());
        }
    }
View Full Code Here
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
        Form form = readFormData(message);
        MultivaluedMap<String, String> formData = form.asMap();
        String assertionType = formData.getFirst(Constants.CLIENT_AUTH_ASSERTION_TYPE);
        String decodedAssertionType = assertionType != null ? HttpUtils.urlDecode(assertionType) : null;
        if (decodedAssertionType == null || !Constants.CLIENT_AUTH_SAML2_BEARER.equals(decodedAssertionType)) {
            throw new NotAuthorizedException(errorResponse());
        }
        String assertion = formData.getFirst(Constants.CLIENT_AUTH_ASSERTION_PARAM);
       
        Element token = readToken(message, assertion);        
        String clientId = formData.getFirst(OAuthConstants.CLIENT_ID);
        validateToken(message, token, clientId);
       
       
        formData.remove(OAuthConstants.CLIENT_ID);
        formData.remove(Constants.CLIENT_AUTH_ASSERTION_PARAM);
        formData.remove(Constants.CLIENT_AUTH_ASSERTION_TYPE);
       
        // restore input stream
        try {
            FormUtils.restoreForm(provider, form, message);
        } catch (Exception ex) {
            throw new NotAuthorizedException(errorResponse());
        }
    }
View Full Code Here
86
87
88
89
90
91
92
93
   
    private Form readFormData(Message message) {
        try {
            return FormUtils.readForm(provider, message);
        } catch (Exception ex) {
            throw new NotAuthorizedException(errorResponse());   
        }
    }
View Full Code Here
TOP

Related Classes of javax.ws.rs.NotAuthorizedException

  • com.ndriven.jive.cloud.examples.addon.rest.DiagnosticsResource
  • com.ndriven.jive.cloud.examples.addon.rest.ResourceBase
  • com.restfully.shop.features.OneTimePasswordAuthenticator
  • org.apache.cxf.jaxrs.security.KerberosAuthenticationFilter
  • org.apache.cxf.jaxrs.utils.SpecExceptions
  • org.apache.cxf.rs.security.oauth.utils.OAuthUtils
  • org.apache.cxf.rs.security.oauth2.auth.saml.Saml2BearerAuthHandler
  • org.apache.cxf.rs.security.oauth2.saml.SamlOAuthValidator
  • org.apache.cxf.rs.security.oauth2.services.AbstractTokenService
  • org.apache.cxf.rs.security.oauth2.services.AccessTokenService
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.