Package org.apache.shiro.authz

Examples of org.apache.shiro.authz.AuthorizationException


  }

  protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
    //null usernames are invalid
    if (principals == null) {
      throw new AuthorizationException("PrincipalCollection method argument cannot be null.");
    }

    String username = (String) principals.fromRealm(getName()).iterator().next();

View Full Code Here


        AuthorizationInfo info;
        try {
            info = queryForAuthorizationInfo(principals, getContextFactory());
        } catch (NamingException e) {
            String msg = "LDAP naming error while attempting to retrieve authorization for user [" + principals + "].";
            throw new AuthorizationException(msg, e);
        }

        return info;
    }
View Full Code Here

    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {

        //null usernames are invalid
        if (principals == null) {
            throw new AuthorizationException("PrincipalCollection method argument cannot be null.");
        }

        String username = (String) getAvailablePrincipal(principals);

        Connection conn = null;
        Set<String> roleNames = null;
        Set<String> permissions = null;
        try {
            conn = dataSource.getConnection();

            // Retrieve roles and permissions from database
            roleNames = getRoleNamesForUser(conn, username);
            if (permissionsLookupEnabled) {
                permissions = getPermissions(conn, username, roleNames);
            }

        } catch (SQLException e) {
            final String message = "There was a SQL error while authorizing user [" + username + "]";
            if (log.isErrorEnabled()) {
                log.error(message, e);
            }

            // Rethrow any SQL errors as an authorization exception
            throw new AuthorizationException(message, e);
        } finally {
            JdbcUtils.closeConnection(conn);
        }

        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo(roleNames);
View Full Code Here

        }
        catch(AuthorizationException ae) {
            // Annotation handler doesn't know why it was called, so add the information here if possible.
            // Don't wrap the exception here since we don't want to mask the specific exception, such as
            // UnauthenticatedException etc.
            if (ae.getCause() == null) ae.initCause(new AuthorizationException("Not authorized to invoke method: " + mi.getMethod()));
            throw ae;
        }        
    }
View Full Code Here

        AuthorizationInfo info;
        try {
            info = queryForAuthorizationInfo(principals, getContextFactory());
        } catch (NamingException e) {
            String msg = "LDAP naming error while attempting to retrieve authorization for user [" + principals + "].";
            throw new AuthorizationException(msg, e);
        }

        return info;
    }
View Full Code Here

    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {

        //null usernames are invalid
        if (principals == null) {
            throw new AuthorizationException("PrincipalCollection method argument cannot be null.");
        }

        String username = (String) getAvailablePrincipal(principals);

        Connection conn = null;
        Set<String> roleNames = null;
        Set<String> permissions = null;
        try {
            conn = dataSource.getConnection();

            // Retrieve roles and permissions from database
            roleNames = getRoleNamesForUser(conn, username);
            if (permissionsLookupEnabled) {
                permissions = getPermissions(conn, username, roleNames);
            }

        } catch (SQLException e) {
            final String message = "There was a SQL error while authorizing user [" + username + "]";
            if (log.isErrorEnabled()) {
                log.error(message, e);
            }

            // Rethrow any SQL errors as an authorization exception
            throw new AuthorizationException(message, e);
        } finally {
            JdbcUtils.closeConnection(conn);
        }

        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo(roleNames);
View Full Code Here

        AuthorizationInfo info;
        try {
            info = queryForAuthorizationInfo(principals, ensureContextFactory());
        } catch (NamingException e) {
            String msg = "LDAP naming error while attempting to retrieve authorization for user [" + principals + "].";
            throw new AuthorizationException(msg, e);
        }

        return info;
    }
View Full Code Here

    } else {
      List<ControlParameter> parameters = request.getHandler().getParameters();
      for (ControlParameter parameter : parameters) {
        if (parameter instanceof ContextualParameter) {
          if (AuthorizationException.class.isAssignableFrom(parameter.getType())) {
            request.getContextualArguments().put((ContextualParameter)parameter, new AuthorizationException("Access denied "
                + request.getHandler() + " with config " + json));
            return stage.invoke();
          }
        }
      }

      return new Response.Error(new AuthorizationException("Access denied " + request.getHandler() + " with config " + json));
    }
  }
View Full Code Here

        Class<? extends Page> respondWithPage = null;
        RedirectPolicy redirectPolicy = RedirectPolicy.NEVER_REDIRECT;
       
        if(error instanceof AuthorizationException)
        {
            AuthorizationException ae = (AuthorizationException) error;
            if(authenticationNeeded(ae))
            {
                if(loginPage != null)
                {
                    onLoginRequired();
View Full Code Here

     * @throws UnauthorizedInstantiationException the login page
     *                                            has not been configured (i.e. is {@code null})
     */
    public void onUnauthorizedInstantiation(Component component)
    {
        AuthorizationException cause;
        RequestCycle rc = RequestCycle.get();
        cause = rc.getMetaData(EXCEPTION_KEY);
       
        // Show appropriate login or error page if possible
        IRequestHandler handler = onException(rc, cause);
View Full Code Here

TOP

Related Classes of org.apache.shiro.authz.AuthorizationException

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.