Examples of org.apache.shiro.authz.UnauthenticatedException

org.apache.shiro.authz.UnauthenticatedException
Exception thrown when attempting to execute an authorization action when a successful authentication hasn't yet occurred.
Authorizations can only be performed after a successful authentication because authorization data (roles, permissions, etc) must always be associated with a known identity. Such a known identity can only be obtained upon a successful log-in. @author Les Hazlewood @since 0.1

                    "be executing " + Subject.class.getName() + ".login(AuthenticationToken) or when 'Remember Me' " +
                    "functionality is enabled by the SecurityManager.  This exception can also occur when a " +
                    "previously logged-in Subject has logged out which " +
                    "makes it anonymous again.  Because an identity is currently not known due to any of these " +
                    "conditions, authorization is denied.";
            throw new UnauthenticatedException(msg);
        }
    }

View Full Code Here

     * @throws org.apache.shiro.authz.AuthorizationException
     *          if the calling <code>Subject</code> is not a &quot;guest&quot;.
     */
    public void assertAuthorized(Annotation a) throws AuthorizationException {
        if (a instanceof RequiresGuest && getSubject().getPrincipal() != null) {
            throw new UnauthenticatedException("Attempting to perform a guest-only operation.  The current Subject is " +
                    "not a guest (they have been authenticated or remembered from a previous login).  Access " +
                    "denied.");
        }
    }

View Full Code Here

                    "be executing " + Subject.class.getName() + ".login(AuthenticationToken) or when 'Remember Me' " +
                    "functionality is enabled by the SecurityManager.  This exception can also occur when a " +
                    "previously logged-in Subject has logged out which " +
                    "makes it anonymous again.  Because an identity is currently not known due to any of these " +
                    "conditions, authorization is denied.";
            throw new UnauthenticatedException(msg);
        }
    }

View Full Code Here

     * @throws org.apache.shiro.authz.UnauthenticatedException if the calling <code>Subject</code> has not yet
     * authenticated.
     */
    public void assertAuthorized(Annotation a) throws UnauthenticatedException {
        if (a instanceof RequiresAuthentication && !getSubject().isAuthenticated() ) {
            throw new UnauthenticatedException( "The current Subject is not authenticated.  Access denied." );
        }
    }

View Full Code Here

     * @throws org.apache.shiro.authz.AuthorizationException
     *         if the calling <code>Subject</code> is not authenticated or remembered via rememberMe services.
     */
    public void assertAuthorized(Annotation a) throws AuthorizationException {
        if (a instanceof RequiresUser && getSubject().getPrincipal() == null) {
            throw new UnauthenticatedException("Attempting to perform a user-only operation.  The current Subject is " +
                    "not a user (they haven't been authenticated or remembered from a previous login).  " +
                    "Access denied.");
        }
    }

View Full Code Here

            System.out.println(getClass()+": "+value);
          }else{
            throw new UnauthorizedException();
          }
        }else{
          throw new UnauthenticatedException();
        }
      }else{
        throw new ConstraintViolationException(new HashSet<ConstraintViolation<?>>());
      }
    }

View Full Code Here

    Subject subject = getSubject();


    if (subject.getPrincipal() == null) {
      return;
    }
    throw new UnauthenticatedException("Attempting to perform a guest-only operation.  The current Subject is " +
        "not a guest (they have been authenticated or remembered from a previous login).  Access " +
        "denied.");
  }

View Full Code Here

  }


  @Override
  public void assertAuthorized() throws AuthorizationException {
    if (!getSubject().isAuthenticated()) {
      throw new UnauthenticatedException("The current Subject is not authenticated.  Access denied.");
    }
  }

View Full Code Here


  @Override
  public void assertAuthorized() throws AuthorizationException {
    Subject subject = getSubject();
    if (subject.getPrincipal() == null) {
      throw new UnauthenticatedException("Attempting to perform a user-only operation.  The current Subject is " +
          "not a user (they haven't been authenticated or remembered from a previous login).  " +
          "Access denied.");
    }
  }

View Full Code Here

                    "be executing " + Subject.class.getName() + ".login(AuthenticationToken) or when 'Remember Me' " +
                    "functionality is enabled by the SecurityManager.  This exception can also occur when a " +
                    "previously logged-in Subject has logged out which " +
                    "makes it anonymous again.  Because an identity is currently not known due to any of these " +
                    "conditions, authorization is denied.";
            throw new UnauthenticatedException(msg);
        }
    }

View Full Code Here

0 1 2

TOP

Related Classes of org.apache.shiro.authz.UnauthenticatedException

cn.dreampie.common.plugin.shiro.plugin.AuthenticatedAuthzHandler

cn.dreampie.common.plugin.shiro.plugin.GuestAuthzHandler

cn.dreampie.common.plugin.shiro.plugin.UserAuthzHandler

cn.dreampie.shiro.core.handler.AuthenticatedAuthzHandler

cn.dreampie.shiro.core.handler.GuestAuthzHandler

cn.dreampie.shiro.core.handler.UserAuthzHandler

com.jfinal.ext.plugin.shiro.AuthenticatedAuthzHandler

com.jfinal.ext.plugin.shiro.GuestAuthzHandler

com.jfinal.ext.plugin.shiro.UserAuthzHandler

com.tododev.shiro.GuiceAopTest$NoAop

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.