org.springframework.security.access.AccessDeniedException类的使用及代码示例
本文整理了Java中org.springframework.security.access.AccessDeniedException类的一些代码示例,展示了AccessDeniedException类的具体用法。这些代码示例主要来源于Github/Stackoverflow/Maven等平台,是从一些精选项目中提取出来的代码,具有较强的参考意义,能在一定程度帮忙到你。AccessDeniedException类的具体详情如下:
包路径:org.springframework.security.access.AccessDeniedException
类名称:AccessDeniedException
AccessDeniedException介绍
[英]Thrown if an org.springframework.security.core.Authenticationobject does not hold a required authority.
[中]如果一个组织被抛出。springframework。安全果心Authenticationobject没有所需的权限。
代码示例
代码示例来源:origin: stackoverflow.com
@RequestMapping(value = "/system/login", method = RequestMethod.GET)
public void login(@RequestBody Login login) {
if(login.username == "test" && login.password == "test") {
throw new AllRightException();
}
else {
throw new AccessDeniedException();
}
}
@ExceptionHandler(AllRightException.class)
@ResponseStatus(HttpStatus.OK)
public void whenAllRight() {
}
@ExceptionHandler(AccessDeniedException.class)
@ResponseStatus(HttpStatus.BAD_REQUEST)
public void whenAccessDenied() {
}代码示例来源:origin: macrozheng/mall
@Override
public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) throws IOException, ServletException {
response.setHeader("Content-Type", "application/json;charset=utf-8");
response.getWriter().print("{\"code\":401,\"message\":\""+"未认证:"+accessDeniedException.getMessage()+"\"}");
response.getWriter().flush();
}
}代码示例来源:origin: synyx/urlaubsverwaltung
@ResponseStatus(HttpStatus.FORBIDDEN)
@ExceptionHandler(AccessDeniedException.class)
@ResponseBody
public ErrorResponse handleException(AccessDeniedException exception) {
LOG.debug(exception.toString());
return new ErrorResponse(HttpStatus.FORBIDDEN, exception);
}代码示例来源:origin: spring-projects/spring-security
public Object decide(Authentication authentication,
Object object,
Collection<ConfigAttribute> attributes,
Object returnedObject) throws AccessDeniedException {
throw new AccessDeniedException("custom AfterInvocationManager");
}代码示例来源:origin: macrozheng/mall
@Override
public void handle(HttpServletRequest request,
HttpServletResponse response,
AccessDeniedException e) throws IOException, ServletException {
response.setCharacterEncoding("UTF-8");
response.setContentType("application/json");
response.getWriter().println(JsonUtil.objectToJson(new CommonResult().forbidden(e.getMessage())));
response.getWriter().flush();
}
}代码示例来源:origin: spring-projects/spring-security
public void decide(Authentication authentication, Object object, Collection<ConfigAttribute> configAttributes) {
throw new AccessDeniedException("Always Denied");
}
public boolean supports(ConfigAttribute attribute) {代码示例来源:origin: org.springframework.boot/spring-boot-actuator
private void onAuthorizationFailureEvent(AuthorizationFailureEvent event) {
Map<String, Object> data = new HashMap<>();
data.put("type", event.getAccessDeniedException().getClass().getName());
data.put("message", event.getAccessDeniedException().getMessage());
if (event.getAuthentication().getDetails() != null) {
data.put("details", event.getAuthentication().getDetails());
}
publish(new AuditEvent(event.getAuthentication().getName(), AUTHORIZATION_FAILURE,
data));
}代码示例来源:origin: spring-projects/spring-security
@Override
public void decide(Authentication authentication, Object object, Collection<ConfigAttribute> configAttributes) throws AccessDeniedException, InsufficientAuthenticationException {
throw new AccessDeniedException("teapot");
}代码示例来源:origin: stormpath/stormpath-sdk-java
@ExceptionHandler(AccessDeniedException.class)
@ResponseStatus(HttpStatus.UNAUTHORIZED)
@ResponseBody
public Error processAccessDeniedException(AccessDeniedException e) {
return new Error(ErrorConstants.ERR_ACCESS_DENIED, e.getMessage());
}
}代码示例来源:origin: spring-projects/spring-security-oauth
@ExceptionHandler(HttpSessionRequiredException.class)
public ModelAndView handleHttpSessionRequiredException(HttpSessionRequiredException e, ServletWebRequest webRequest)
throws Exception {
logger.info("Handling Session required error: " + e.getMessage());
return handleException(new AccessDeniedException("Could not obtain authorization request from session", e),
webRequest);
}代码示例来源:origin: devicehive/devicehive-java-server
@Override
public Response toResponse(AccessDeniedException exception) {
return Response.status(Response.Status.FORBIDDEN)
.type(MediaType.APPLICATION_JSON_TYPE)
.entity(new ErrorResponse(Response.Status.FORBIDDEN.getStatusCode(), exception.getMessage()))
.build();
}代码示例来源:origin: 527515025/springBoot
@Override
public void decide(Authentication authentication, Object object, Collection<ConfigAttribute> configAttributes) throws AccessDeniedException, InsufficientAuthenticationException {
if(null== configAttributes || configAttributes.size() <=0) {
return;
}
ConfigAttribute c;
String needRole;
for(Iterator<ConfigAttribute> iter = configAttributes.iterator(); iter.hasNext(); ) {
c = iter.next();
needRole = c.getAttribute();
for(GrantedAuthority ga : authentication.getAuthorities()) {
if(needRole.trim().equals(ga.getAuthority())) {
return;
}
}
}
throw new AccessDeniedException("no right");
}代码示例来源:origin: com.stormpath.spring/stormpath-spring-security-webmvc
@ExceptionHandler(AccessDeniedException.class)
@ResponseStatus(HttpStatus.UNAUTHORIZED)
@ResponseBody
public Error processAccessDeniedException(AccessDeniedException e) {
return new Error(ErrorConstants.ERR_ACCESS_DENIED, e.getMessage());
}
}代码示例来源:origin: spring-projects/spring-security
public void changePassword(String oldPassword, String newPassword) {
Authentication currentUser = SecurityContextHolder.getContext()
.getAuthentication();
if (currentUser == null) {
// This would indicate bad coding somewhere
throw new AccessDeniedException(
"Can't change password as no Authentication object found in context "
+ "for current user.");
}
String username = currentUser.getName();
logger.debug("Changing password for user '" + username + "'");
// If an authentication manager has been set, re-authenticate the user with the
// supplied password.
if (authenticationManager != null) {
logger.debug("Reauthenticating user '" + username
+ "' for password change request.");
authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(
username, oldPassword));
}
else {
logger.debug("No authentication manager set. Password won't be re-checked.");
}
MutableUserDetails user = users.get(username);
if (user == null) {
throw new IllegalStateException("Current user doesn't exist in database.");
}
user.setPassword(newPassword);
}代码示例来源:origin: org.apache.syncope.core/syncope-core-spring
@Override
public void handle(final HttpServletRequest request, final HttpServletResponse response,
final AccessDeniedException accessDeniedException) throws IOException, ServletException {
response.addHeader(RESTHeaders.ERROR_INFO, accessDeniedException.getMessage());
super.handle(request, response, accessDeniedException);
}代码示例来源:origin: geoserver/geoserver
public static RuntimeException unauthorizedAccess() {
// not hide, and not filtering out a list, this
// is an unauthorized direct resource access, complain
Authentication user = user();
if (user == null || user.getAuthorities().size() == 0)
return new InsufficientAuthenticationException(
"Operation unallowed with the current privileges");
else return new AccessDeniedException("Operation unallowed with the current privileges");
}代码示例来源:origin: fuhaiwei/springboot_security_restful_api
@Override
public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) throws IOException {
responseText(response, errorMessage(accessDeniedException.getMessage()));
}
}代码示例来源:origin: geoserver/geoserver
public static RuntimeException unauthorizedAccess(String resourceName) {
// not hide, and not filtering out a list, this
// is an unauthorized direct resource access, complain
Authentication user = user();
if (user == null || user.getAuthorities().size() == 0)
return new InsufficientAuthenticationException(
"Cannot access " + resourceName + " as anonymous");
else
return new AccessDeniedException(
"Cannot access " + resourceName + " with the current privileges");
}代码示例来源:origin: synyx/urlaubsverwaltung
@ResponseStatus(HttpStatus.FORBIDDEN)
@ExceptionHandler(AccessDeniedException.class)
public ModelAndView handleException(AccessDeniedException exception) {
LOG.debug("An exception was thrown: " + exception.getClass().getName());
LOG.debug("An error occurred: " + exception.getMessage());
return ExceptionHandlerControllerAdvice.getErrorPage(exception, HttpStatus.FORBIDDEN);
}代码示例来源:origin: spring-projects/spring-security-oauth
/**
* Get the verification key for the token signatures. The principal has to
* be provided only if the key is secret
* (shared not public).
*
* @param principal the currently authenticated user if there is one
* @return the key used to verify tokens
*/
@RequestMapping(value = "/oauth/token_key", method = RequestMethod.GET)
@ResponseBody
public Map<String, String> getKey(Principal principal) {
if ((principal == null || principal instanceof AnonymousAuthenticationToken) && !converter.isPublic()) {
throw new AccessDeniedException("You need to authenticate to see a shared key");
}
Map<String, String> result = converter.getKey();
return result;
}内容来源于网络,如有侵权,请联系作者删除!
