Package javax.faces.application

Examples of javax.faces.application.ProtectedViewException

375
376
377
378
379
380
381
382
                valid = false;
            }
        }
        if (!valid)
        {
            throw new ProtectedViewException();
        }
    }
View Full Code Here
375
376
377
378
379
380
381
382
                valid = false;
            }
        }
        if (!valid)
        {
            throw new ProtectedViewException();
        }
    }
View Full Code Here
387
388
389
390
391
392
393
394
                valid = false;
            }
        }
        if (!valid)
        {
            throw new ProtectedViewException();
        }
    }
View Full Code Here
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
            String incomingSecretKeyValue = extContext.getRequestParameterMap().
                get(ResponseStateManager.NON_POSTBACK_VIEW_TOKEN_PARAM);
            String correctSecretKeyValue = rsm.getCryptographicallyStrongTokenFromSession(context);
            if (null == incomingSecretKeyValue ||
                !correctSecretKeyValue.equals(incomingSecretKeyValue)) {
                throw new ProtectedViewException();
            }
            String sep = "/";
            // Check the referer header
            if (headers.containsKey("Referer")) {
                String referer = headers.get("Referer");
                boolean refererIsInProtectedSet = isProtectedView(referer, urlPatterns);
                if (!refererIsInProtectedSet) {
                    boolean refererOriginatesInThisWebapp = false;
                    try {
                        refererOriginatesInThisWebapp = originatesInWebapp(context, referer, vdl);
                    } catch(URISyntaxException ue) {
                        throw new ProtectedViewException(ue);   
                    }
                    if (!refererOriginatesInThisWebapp) {
                        String message = FacesLogger.LIFECYCLE.interpolateMessage(context,
                            "jsf.lifecycle.invalid.referer", new String [] { referer, viewId });
                        if (LOGGER.isLoggable(Level.SEVERE)) {
                            LOGGER.log(Level.SEVERE, message);
                        }
                        throw new ProtectedViewException(message);               
                    }
                }
            }
            // Check the origin header
            if (headers.containsKey("Origin")) {
                String origin = headers.get("Origin");
                boolean originIsInProtectedSet = isProtectedView(origin, urlPatterns);
                if (!originIsInProtectedSet) {
                    boolean originOriginatesInThisWebapp = false;
                    try {
                        originOriginatesInThisWebapp = originatesInWebapp(context, origin, vdl);
                    } catch(URISyntaxException ue) {
                        throw new ProtectedViewException(ue);   
                    }
                    if (!originOriginatesInThisWebapp) {
                        String message = FacesLogger.LIFECYCLE.interpolateMessage(context,
                            "jsf.lifecycle.invalid.origin", new String [] { origin, viewId });
                        if (LOGGER.isLoggable(Level.SEVERE)) {
                            LOGGER.log(Level.SEVERE, message);
                        }
                        throw new ProtectedViewException(message);               
                    }
                }
            }
        }
    }
View Full Code Here
TOP

Related Classes of javax.faces.application.ProtectedViewException

  • com.sun.faces.lifecycle.RestoreViewPhase
  • org.apache.myfaces.lifecycle.RestoreViewExecutor
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.