Package org.springframework.security.access

Examples of org.springframework.security.access.AccessDeniedException


    // Token string presented with the consumer's credentials for this request.
    String token = authentication.getConsumerCredentials().getToken();
    // Stays null when no token text was supplied, or when the looked-up token is not an
    // OAuthAccessProviderToken (see the last branch below).
    OAuthAccessProviderToken accessToken = null;
    if (StringUtils.hasText(token)) {
      // Resolve the presented value through the configured token services.
      OAuthProviderToken authToken = getTokenServices().getToken(token);
      if (authToken == null) {
        // Unknown token value: reject instead of continuing without a token.
        throw new AccessDeniedException("Invalid access token.");
      }
      else if (!authToken.isAccessToken()) {
        // A token that is not flagged as an access token is rejected here.
        throw new AccessDeniedException("Token should be an access token.");
      }
      else if (authToken instanceof OAuthAccessProviderToken) {
        accessToken = (OAuthAccessProviderToken) authToken;
      }
      // NOTE(review): an access token of any other type falls through with accessToken == null
      // and no exception; confirm the code after this excerpt treats null as "no access token".
    }


            denyAccess(context);
    }

  /**
   * Rejects the current request; this method never returns normally.
   *
   * <p>The exception type depends on the caller's session: an authenticated session gets an
   * {@code AccessDeniedException}, any other session gets an {@code OperationNotAllowedEx}.
   *
   * @param context service context whose user session is inspected
   * @throws Exception always; see above for the concrete type
   */
  public void denyAccess(ServiceContext context) throws Exception {
    final boolean loggedIn = context.getUserSession().isAuthenticated();
    if (!loggedIn) {
      // No authenticated session: report the operation itself as not allowed.
      throw new OperationNotAllowedEx();
    }
    // Known user without the required rights.
    throw new AccessDeniedException("User is not permitted to access this resource");
  }

            throw new AuthenticationCredentialsNotFoundException("User needs to log in");
        }
        // Look up the application user record by the name of the authenticated principal.
        User me = userRepository.findOneByUsername(context.getAuthentication().getName());

        if (me == null) {
            // The security context names a principal that has no row in the user repository;
            // treat it as a denial rather than continuing with a null user.
            // NOTE(review): the message concatenates the Authentication object's toString();
            // depending on the implementation that can include principal and request details,
            // so confirm this message is only logged and not returned to the client.
            throw new AccessDeniedException(SecurityContextHolder.class.getSimpleName() + " has a user that is not in the database: " +
                                            context.getAuthentication());
        }

        // Groups are resolved from the user's id and profile.
        Set<Integer> hsMyGroups = getGroups(me.getId(), me.getProfile());

    public void changePassword(String oldPassword, String newPassword) {
        Authentication currentUser = SecurityContextHolder.getContext().getAuthentication();

        if (currentUser == null) {
            // This would indicate bad coding somewhere
            throw new AccessDeniedException("Can't change password as no Authentication object found in context " +
                    "for current user.");
        }

        String username = currentUser.getName();

        // The grant count exceeds the deny count: access is allowed.
        if (grant > deny) {
            return;
        }

        // The deny count exceeds the grant count: access is refused with the localized message.
        if (deny > grant) {
            throw new AccessDeniedException(messages.getMessage("AbstractAccessDecisionManager.accessDenied",
                    "Access is denied"));
        }

        // Tie with a non-zero count on each side: the outcome is decided solely by the
        // allowIfEqualGrantedDeniedDecisions flag.
        // NOTE(review): when that flag is true a tie grants access; confirm this is the
        // intended policy for the deployment.
        if ((grant == deny) && (grant != 0)) {
            if (this.allowIfEqualGrantedDeniedDecisions) {
                return;
            } else {
                throw new AccessDeniedException(messages.getMessage("AbstractAccessDecisionManager.accessDenied",
                        "Access is denied"));
            }
        }

        // To get this far, every AccessDecisionVoter abstained

                    grant++;

                    break;

                case AccessDecisionVoter.ACCESS_DENIED:
                    throw new AccessDeniedException(messages.getMessage("AbstractAccessDecisionManager.accessDenied",
                            "Access is denied"));

                default:
                    abstain++;

    public void changePassword(String oldPassword, String newPassword) throws AuthenticationException {
        Authentication currentUser = SecurityContextHolder.getContext().getAuthentication();

        if (currentUser == null) {
            // This would indicate bad coding somewhere
            throw new AccessDeniedException("Can't change password as no Authentication object found in context " +
                    "for current user.");
        }

        String username = currentUser.getName();

                return returnedObject;
            }

            logger.debug("Denying access");

            throw new AccessDeniedException(messages.getMessage("BasicAclEntryAfterInvocationProvider.noPermission",
                    new Object[] {authentication.getName(), returnedObject},
                    "Authentication {0} has NO permissions to the domain object {1}"));
        }

        return returnedObject;

    /**
     * Verifies that the current principal may apply the given kind of change to an ACL.
     *
     * <p>The checks run in this order and the first one that succeeds ends the method:
     * <ol>
     *   <li>an authenticated principal must be present in the security context;</li>
     *   <li>the ACL owner may perform {@code CHANGE_GENERAL} and {@code CHANGE_OWNERSHIP};</li>
     *   <li>the principal holds the authority configured for the change type;</li>
     *   <li>the ACL grants {@code BasePermission.ADMINISTRATION} to one of the principal's SIDs.</li>
     * </ol>
     *
     * @param acl the ACL about to be modified
     * @param changeType one of {@code CHANGE_AUDITING}, {@code CHANGE_GENERAL},
     *        {@code CHANGE_OWNERSHIP}
     * @throws AccessDeniedException if no authenticated principal is present or none of the
     *         checks above succeeds
     * @throws IllegalArgumentException if {@code changeType} is not one of the known values
     */
    public void securityCheck(Acl acl, int changeType) {
        Authentication authentication = (SecurityContextHolder.getContext() == null)
                ? null
                : SecurityContextHolder.getContext().getAuthentication();

        if ((authentication == null) || !authentication.isAuthenticated()) {
            throw new AccessDeniedException("Authenticated principal required to operate with ACLs");
        }

        // Ownership shortcut: the owner may make general and ownership changes, but not
        // auditing changes.
        boolean ownerLevelChange = (changeType == CHANGE_GENERAL) || (changeType == CHANGE_OWNERSHIP);
        Sid currentUser = new PrincipalSid(authentication);

        if (currentUser.equals(acl.getOwner()) && ownerLevelChange) {
            return;
        }

        // Not authorized by ACL ownership; pick the administrative authority that covers
        // this change type. An unknown type is a caller error, not an access decision.
        final GrantedAuthority requiredAuthority;

        if (changeType == CHANGE_AUDITING) {
            requiredAuthority = this.gaModifyAuditing;
        } else if (changeType == CHANGE_GENERAL) {
            requiredAuthority = this.gaGeneralChanges;
        } else if (changeType == CHANGE_OWNERSHIP) {
            requiredAuthority = this.gaTakeOwnership;
        } else {
            throw new IllegalArgumentException("Unknown change type");
        }

        // The principal's own authorities are checked before the ACL entries.
        boolean holdsAuthority = authentication.getAuthorities().contains(requiredAuthority);

        if (holdsAuthority) {
            return;
        }

        // Last resort: an ADMINISTRATION permission granted by the ACL's entries to any of
        // the SIDs resolved for this principal.
        List<Sid> sids = sidRetrievalStrategy.getSids(authentication);

        if (!acl.isGranted(Arrays.asList(BasePermission.ADMINISTRATION), sids, false)) {
            throw new AccessDeniedException(
                    "Principal does not have required ACL permissions to perform requested operation");
        }
    }

        // If a postAuthorize expression is present and evaluates to false against ctx,
        // access is denied.
        if (postAuthorize != null && !ExpressionUtils.evaluateAsBoolean(postAuthorize, ctx)) {
            // The reason for the rejection is written to the debug log only; the exception
            // message below stays generic.
            if (logger.isDebugEnabled()) {
                logger.debug("PostAuthorize expression rejected access");
            }
            throw new AccessDeniedException("Access is denied");
        }

        // No expression, or the expression passed: hand the object back.
        return returnedObject;
    }
