Package org.springframework.security.access

Examples of org.springframework.security.access.AccessDeniedException


                return returnedObject;
            }

            logger.debug("Denying access");

            throw new AccessDeniedException(messages.getMessage("AclEntryAfterInvocationProvider.noPermission",
                    new Object[] {authentication.getName(), returnedObject},
                    "Authentication {0} has NO permissions to the domain object {1}"));
        }

        return returnedObject;


    /**
     * Decides whether the current principal may make the given kind of change to an ACL.
     * <p>
     * Returns normally when the change is permitted and throws otherwise, so every path that is
     * not an explicit grant ends in an exception. Grants are tried in this order: ACL ownership
     * (general and ownership changes only), the authority configured for the change type, then an
     * {@code ADMINISTRATION} permission granted through the ACL's own entries.
     *
     * @param acl the ACL about to be modified
     * @param changeType one of {@code CHANGE_AUDITING}, {@code CHANGE_GENERAL} or
     *        {@code CHANGE_OWNERSHIP}
     * @throws AccessDeniedException if there is no authenticated principal, or if none of the
     *         checks grants the change
     * @throws IllegalArgumentException if {@code changeType} is not one of the three known values
     */
    public void securityCheck(Acl acl, int changeType) {
        // Fail closed: a missing context, a missing Authentication, or an Authentication that
        // reports itself as not authenticated is rejected before any ACL data is consulted.
        if ((SecurityContextHolder.getContext() == null)
            || (SecurityContextHolder.getContext().getAuthentication() == null)
            || !SecurityContextHolder.getContext().getAuthentication().isAuthenticated()) {
            throw new AccessDeniedException("Authenticated principal required to operate with ACLs");
        }

        // NOTE(review): the context is looked up again here instead of reusing the object that was
        // validated above. Presumably the holder is bound to the current thread, so both lookups
        // see the same Authentication; confirm for the holder strategy in use.
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();

        // Check if authorized by virtue of ACL ownership
        Sid currentUser = new PrincipalSid(authentication);

        // Ownership covers only CHANGE_GENERAL and CHANGE_OWNERSHIP. An owner who wants to change
        // auditing must still pass one of the checks below.
        if (currentUser.equals(acl.getOwner())
                && ((changeType == CHANGE_GENERAL) || (changeType == CHANGE_OWNERSHIP))) {
            return;
        }

        // Not authorized by ACL ownership; try via administrative permissions
        GrantedAuthority requiredAuthority;

        // Each change type maps to exactly one configured authority; anything else is a caller bug
        // and is rejected rather than treated as a denial.
        if (changeType == CHANGE_AUDITING) {
            requiredAuthority = this.gaModifyAuditing;
        } else if (changeType == CHANGE_GENERAL) {
            requiredAuthority = this.gaGeneralChanges;
        } else if (changeType == CHANGE_OWNERSHIP) {
            requiredAuthority = this.gaTakeOwnership;
        } else {
            throw new IllegalArgumentException("Unknown change type");
        }

        // Iterate this principal's authorities to determine right
        // NOTE(review): contains() depends on equals() of the GrantedAuthority implementations
        // involved. A mismatch does not grant anything; it falls through to the ACE check below.
        // Confirm the implementations in use compare by authority string.
        if (authentication.getAuthorities().contains(requiredAuthority)) {
            return;
        }

        // Try to get permission via ACEs within the ACL
        List<Sid> sids = sidRetrievalStrategy.getSids(authentication);

        // NOTE(review): the meaning of the third argument (false) is not visible here; check it
        // against Acl.isGranted. If isGranted reports "no matching entry" by throwing, that
        // exception reaches the caller instead of AccessDeniedException; confirm callers expect it.
        if (acl.isGranted(Arrays.asList(BasePermission.ADMINISTRATION), sids, false)) {
            return;
        }

        // No grant was found by any route, so deny.
        throw new AccessDeniedException(
                "Principal does not have required ACL permissions to perform requested operation");
    }

                break;
            }
        }

        if (deny > 0) {
            throw new AccessDeniedException(messages.getMessage("AbstractAccessDecisionManager.accessDenied",
                    "Access is denied"));
        }

        // To get this far, every AccessDecisionVoter abstained
        checkAllowIfAllAbstainDecisions();

        if (grant > deny) {
            return;
        }

        if (deny > grant) {
            throw new AccessDeniedException(messages.getMessage("AbstractAccessDecisionManager.accessDenied",
                    "Access is denied"));
        }

        if ((grant == deny) && (grant != 0)) {
            if (this.allowIfEqualGrantedDeniedDecisions) {
                return;
            } else {
                throw new AccessDeniedException(messages.getMessage("AbstractAccessDecisionManager.accessDenied",
                        "Access is denied"));
            }
        }

        // To get this far, every AccessDecisionVoter abstained

    public void changePassword(String oldPassword, String newPassword) throws AuthenticationException {
        Authentication currentUser = SecurityContextHolder.getContext().getAuthentication();

        if (currentUser == null) {
            // This would indicate bad coding somewhere
            throw new AccessDeniedException("Can't change password as no Authentication object found in context " +
                    "for current user.");
        }

        String username = currentUser.getName();

                    grant++;

                    break;

                case AccessDecisionVoter.ACCESS_DENIED:
                    throw new AccessDeniedException(messages.getMessage("AbstractAccessDecisionManager.accessDenied",
                            "Access is denied"));

                default:
                    abstain++;

    public void changePassword(String oldPassword, String newPassword) {
        Authentication currentUser = SecurityContextHolder.getContext().getAuthentication();

        if (currentUser == null) {
            // This would indicate bad coding somewhere
            throw new AccessDeniedException("Can't change password as no Authentication object found in context " +
                    "for current user.");
        }

        String username = currentUser.getName();

    /**
     * A handler registered for a more specific exception type must not be chosen for a plain
     * {@link AccessDeniedException}; the handler given as the second constructor argument
     * receives it instead.
     */
    @Test
    public void moreSpecificDoesNotInvokeLessSpecific() throws Exception {
        // Only CsrfException has a dedicated handler in the map.
        handlers.put(CsrfException.class, handler1);
        handler = new DelegatingAccessDeniedHandler(handlers, handler3);

        // The base exception type is not a CsrfException, so the mapping must not match.
        AccessDeniedException denied = new AccessDeniedException("");
        handler.handle(request, response, denied);

        verify(handler3).handle(request, response, denied);
        verify(handler1, never()).handle(
                any(HttpServletRequest.class),
                any(HttpServletResponse.class),
                any(AccessDeniedException.class));
    }

    public void matchesDoesNotInvokeDefault() throws Exception {
        handlers.put(InvalidCsrfTokenException.class, handler1);
        handlers.put(MissingCsrfTokenException.class, handler2);
        handler = new DelegatingAccessDeniedHandler(handlers, handler3);

        AccessDeniedException accessDeniedException = new MissingCsrfTokenException("123");
        handler.handle(request, response, accessDeniedException);

        verify(handler1,never()).handle(any(HttpServletRequest.class), any(HttpServletResponse.class), any(AccessDeniedException.class));
        verify(handler2).handle(request, response, accessDeniedException);
        verify(handler3,never()).handle(any(HttpServletRequest.class), any(HttpServletResponse.class), any(AccessDeniedException.class));

        request.setContextPath("/mycontext");
        request.setRequestURI("/mycontext/secure/page.html");

        // Setup the FilterChain to thrown an access denied exception
        FilterChain fc = mock(FilterChain.class);
        doThrow(new AccessDeniedException("")).when(fc).doFilter(any(HttpServletRequest.class), any(HttpServletResponse.class));

        // Setup SecurityContextHolder, as filter needs to check if user is
        // anonymous
        SecurityContextHolder.getContext().setAuthentication(
                new AnonymousAuthenticationToken("ignored", "ignored", AuthorityUtils.createAuthorityList("IGNORED")));
