Package org.ejbca.core.model.authorization

Examples of org.ejbca.core.model.authorization.AuthorizationDeniedException


    public void removeCertificateProfile(String name) throws AuthorizationDeniedException {
        if (authorizedToProfileName(name, true)) {
            certificateProfileSession.removeCertificateProfile(administrator, name);
            this.info.certificateProfilesEdited();
        } else {
            throw new AuthorizationDeniedException("Not authorized to remove certificate profile");
        }
    }
View Full Code Here


    public void renameCertificateProfile(String oldname, String newname) throws CertificateProfileExistsException, AuthorizationDeniedException {
        if (authorizedToProfileName(oldname, true)) {
            certificateProfileSession.renameCertificateProfile(administrator, oldname, newname);
            this.info.certificateProfilesEdited();
        } else {
            throw new AuthorizationDeniedException("Not authorized to rename certificate profile");
        }
    }
View Full Code Here

    public void cloneCertificateProfile(String originalname, String newname) throws CertificateProfileExistsException, AuthorizationDeniedException {
        if (authorizedToProfileName(originalname, false)) {
            certificateProfileSession.cloneCertificateProfile(administrator, originalname, newname, caSession.getAvailableCAs(administrator));
            this.info.certificateProfilesEdited();
        } else {
            throw new AuthorizationDeniedException("Not authorized to clone certificate profile");
        }
    }
View Full Code Here

    }

    /** Method to get a reference to a end entity profile. */
    public CertificateProfile getCertificateProfile(int id) throws AuthorizationDeniedException {
        if (!authorizedToProfileId(id, false)) {
            throw new AuthorizationDeniedException("Not authorized to certificate profile");
        }
        return certificateProfileSession.getCertificateProfile(administrator, id);
    }
View Full Code Here

        return certificateProfileSession.getCertificateProfile(administrator, id);
    }

    public CertificateProfile getCertificateProfile(String profilename) throws AuthorizationDeniedException {
        if (!authorizedToProfileName(profilename, false)) {
            throw new AuthorizationDeniedException("Not authorized to certificate profile");
        }
        return certificateProfileSession.getCertificateProfile(administrator, profilename);
    }
View Full Code Here

     }catch(AuthorizationDeniedException e){}
     try{
       approvecaaction = getEjbcaWebBean().isAuthorizedNoLog(AccessRulesConstants.REGULAR_APPROVECAACTION);
     }catch(AuthorizationDeniedException e){}   
     if(!approveendentity && !approvecaaction){
       throw new AuthorizationDeniedException("Not authorized to view approval pages");
     }
     }
View Full Code Here

    /** Checks CA authorization and logs an official error if not and throws and AuthorizationDeniedException */
    private void assertAuthorizedToCA(final Admin admin, final int caid, final String username, final int logEvent) throws AuthorizationDeniedException {
        if (!authorizedToCA(admin, caid)) {
            final String msg = intres.getLocalizedMessage("ra.errorauthca", Integer.valueOf(caid));
            logSession.log(admin, caid, LogConstants.MODULE_RA, new Date(), username, null, logEvent, msg);
            throw new AuthorizationDeniedException(msg);
        }
    }
View Full Code Here

    /** Checks EEP authorization and logs an official error if not and throws and AuthorizationDeniedException */
    private void assertAuthorizedToEndEntityProfile(final Admin admin, final int endEntityProfileId, final String accessRule, final int caId, final String username, final int logEvent) throws AuthorizationDeniedException {
        if (!authorizedToEndEntityProfile(admin, endEntityProfileId, accessRule)) {
            final String msg = intres.getLocalizedMessage("ra.errorauthprofile", Integer.valueOf(endEntityProfileId));
            logSession.log(admin, caId, LogConstants.MODULE_RA, new Date(), username, null, logEvent, msg);
            throw new AuthorizationDeniedException(msg);
        }
    }
View Full Code Here

            if (getGlobalConfiguration(admin).getEnableEndEntityProfileLimitations()) {
                // Check if administrator is authorized to view user.
                if (!authorizedToEndEntityProfile(admin, data.getEndEntityProfileId(), AccessRulesConstants.VIEW_RIGHTS)) {
                  if (requestedUsername == null) {
                      final String msg = intres.getLocalizedMessage("ra.errorauthprofile", Integer.valueOf(data.getEndEntityProfileId()));
                        throw new AuthorizationDeniedException(msg);
                  } else {
                        final String msg = intres.getLocalizedMessage("ra.errorauthprofileexist", Integer.valueOf(data.getEndEntityProfileId()), requestedUsername);
                        throw new AuthorizationDeniedException(msg);
                  }
                }
            }
            if (!authorizedToCA(admin, data.getCaId())) {
              if (requestedUsername == null) {
                    final String msg = intres.getLocalizedMessage("ra.errorauthca", Integer.valueOf(data.getCaId()));
                    throw new AuthorizationDeniedException(msg);
              } else {
                final String msg = intres.getLocalizedMessage("ra.errorauthcaexist", Integer.valueOf(data.getCaId()), requestedUsername);
                    throw new AuthorizationDeniedException(msg);
              }
            }
            return data.toUserDataVO();
        }
        return null;
View Full Code Here

        if (username != null) {
            if (UserData.findByUsername(entityManager, username) == null) {
                String msg = intres.getLocalizedMessage("ra.errorcertnouser", issuerdn, certificatesnr.toString(16));
                logSession.log(admin, LogConstants.INTERNALCAID, LogConstants.MODULE_RA, new Date(), null, null,
                        LogConstants.EVENT_ERROR_ADMINISTRATORLOGGEDIN, msg);
                throw new AuthorizationDeniedException(msg);
            }
        }
        if (log.isTraceEnabled()) {
            log.trace("<checkIfCertificateBelongToUser()");
        }
View Full Code Here

TOP

Related Classes of org.ejbca.core.model.authorization.AuthorizationDeniedException

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.