Package nexj.core.runtime

Examples of nexj.core.runtime.SecurityViolationException


    */
   public void checkReadAccess(PrivilegeSet privilegeSet) throws SecurityViolationException
   {
      if (m_nVisibility != Metaclass.PUBLIC)
      {
         throw new SecurityViolationException("err.rpc.attributeVisibility",
            new Object[]{getName(), m_metaclass.getName()});
      }

      if (m_readPrivilege != null && !privilegeSet.contains(m_readPrivilege))
      {
         throw new SecurityViolationException("err.rpc.attributeReadPrivilege",
            new Object[]{getName(), m_metaclass.getName(), m_readPrivilege.getName()});
      }
   }
View Full Code Here


    */
   public void checkUpdateAccess(PrivilegeSet privilegeSet) throws SecurityViolationException
   {
      if (m_nVisibility != Metaclass.PUBLIC)
      {
         throw new SecurityViolationException("err.rpc.attributeVisibility",
            new Object[]{getName(), m_metaclass.getName()});
      }

      if (m_bReadOnly)
      {
         throw new SecurityViolationException("err.runtime.attributeReadOnlyAccess",
            new Object[]{getName(), m_metaclass.getName()});
      }

      if (m_updatePrivilege != null && !privilegeSet.contains(m_updatePrivilege))
      {
         throw new SecurityViolationException("err.rpc.attributeUpdatePrivilege",
            new Object[]{getName(), m_metaclass.getName(), m_updatePrivilege.getName()});
      }
   }
View Full Code Here

   {
      PrimitivePrivilege privilege = context.getMetadata().getGenericRPCPrivilege();

      if (privilege != null && !context.getPrivilegeSet().contains(privilege))
      {
         throw new SecurityViolationException("err.rpc.privilege",
            new Object[]{context.getPrincipal().getName(), privilege.getName()});
      }
   }
View Full Code Here

      }
      else
      {
         if (m_context.isSecure() && instance != null && !instance.isReadable())
         {
            throw new SecurityViolationException("err.rpc.instanceAccess",
               new Object[]{instance.getLazyCaption(), instance.getLazyClassName()});
         }
      }

      if (instance != null && ! m_invocationList.contains(tobj))
View Full Code Here

      boolean bSecure = m_context.isSecure();

      if (bSecure && service.getPrivilege() != null &&
         !m_context.getPrivilegeSet().contains(service.getPrivilege()))
      {
         throw new SecurityViolationException("err.integration.service.unauthorized",
            new Object[]{service.getFullName()});
      }

      if (service.getInterface() != null)
      {
View Full Code Here

         }
      }

      if (!isCached() && m_context.isProtected() && m_context.isSecure() && oid != null && !instance.isReadable())
      {
         throw new SecurityViolationException("err.rpc.instanceAccess", new Object[]
         {
            metaclass.getCaption(),
            metaclass.getName()
         });
      }
View Full Code Here

                  new Object[]{member.getName(), metaclass.getName()});
            }

            if (m_context.isProtected() && member.getVisibility() != Metaclass.PUBLIC)
            {
               throw new SecurityViolationException("err.rpc.eventVisibility",
                  new Object[]{member.getName(), metaclass.getName()});
            }

            Event event = (Event)member;
            Object[] args = new Object[nArgCount + 1];
View Full Code Here

      // Deny anonymous access to non-anonymous channels, and vice-versa
      if (HTTPUtil.isAnonymousRequest(m_request, metadata))
      {
         if (http.getAuthMode() != HTTPChannel.AUTH_NONE)
         {
            throw new SecurityViolationException("err.rpc.anonymous");
         }
      }
      else if (http.getAuthMode() == HTTPChannel.AUTH_NONE)
      {
         throw new SecurityViolationException("err.rpc.notAnonymous", new Object[]{sChannel});
      }

      boolean bRequestUsesCertificateAuth = HTTPUtil.isUsingClientCertificateAuthentication(m_request);

      // Deny access to client certificate channels if no certificate present
      if (http.getAuthMode() == HTTPChannel.AUTH_CERT)
      {
         if (!bRequestUsesCertificateAuth)
         {
            throw new SecurityViolationException("err.rpc.http.certificateRequired", new Object[]{sChannel});
         }

         X509Certificate[] certs = (X509Certificate[])m_request.getAttribute(HTTPUtil.CLIENT_CERTIFICATE_ATTRIBUTE_NAME);

         if (certs == null)
         {
            throw new SecurityViolationException("err.integration.missingCertificate", new Object[]{sChannel});
         }

         // The certificate should now be validated against allowed certificates for this channel.
         if (!HTTPUtil.isCertificateMatched(http.getTrustedCertificate(), certs))
         {
            throw new SecurityViolationException("err.integration.unauthorized", new Object[]{sChannel});
         }
      }
      else if (bRequestUsesCertificateAuth)
      {
         // Deny access to non-certificate-auth channels through certificate authentication.
         throw new SecurityViolationException("err.integration.unauthorized", new Object[]{sChannel});
      }

      if (http.getPrivilege() != null && !m_context.getPrivilegeSet().contains(http.getPrivilege()))
      {
         throw new SecurityViolationException("err.integration.unauthorized", new Object[]{sChannel});
      }
     
      m_lMaxRequestSize = http.getMaxRequestSize();

      HTTPAdapter adapter = (HTTPAdapter)channel.getReceiver().getInstance(m_context);
View Full Code Here

         );
      }

      if (!isAnonEnabled() && HTTPUtil.isAnonymousRequest(m_request, metadata))
      {
         throw new SecurityViolationException("err.rpc.anonymous");
      }
   }
View Full Code Here

      if (bRequestUsesCertificateAuth)
      {
         if (trustedCertificate == null)
         {
            throw new SecurityViolationException("err.integration.unauthorized", new Object[]{m_servlet.getServletName()});
         }

         X509Certificate[] certs = (X509Certificate[])m_request.getAttribute(HTTPUtil.CLIENT_CERTIFICATE_ATTRIBUTE_NAME);

         if (certs == null)
         {
            throw new SecurityViolationException("err.integration.missingCertificate", new Object[]{m_servlet.getServletName()});
         }

         // The certificate should now be validated against allowed certificates for this channel.
         if (!HTTPUtil.isCertificateMatched(trustedCertificate, certs))
         {
            throw new SecurityViolationException("err.integration.unauthorized", new Object[]{m_servlet.getServletName()});
         }
      }
      else if (HttpServletRequest.BASIC_AUTH.equals(m_request.getAuthType()))
      {
         if (!bAllowBasic)
         {
            throw new SecurityViolationException("err.integration.unauthorized", new Object[]{m_servlet.getServletName()});
         }
      }
   }
View Full Code Here

TOP

Related Classes of nexj.core.runtime.SecurityViolationException

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.