org.springframework.security.access.AccessDeniedException类的使用及代码示例

x33g5p2x  于11个月前 转载在 其他  
字(9.1k)|赞(0)|评价(0)|浏览(53)

本文整理了Java中org.springframework.security.access.AccessDeniedException类的一些代码示例,展示了AccessDeniedException类的具体用法。这些代码示例主要来源于Github/Stackoverflow/Maven等平台,是从一些精选项目中提取出来的代码,具有较强的参考意义,能在一定程度帮忙到你。AccessDeniedException类的具体详情如下:
包路径:org.springframework.security.access.AccessDeniedException
类名称:AccessDeniedException

AccessDeniedException介绍

[英]Thrown if an org.springframework.security.core.Authenticationobject does not hold a required authority.
[中]如果一个组织被抛出。springframework。安全果心Authenticationobject没有所需的权限。

代码示例

代码示例来源:origin: stackoverflow.com

@RequestMapping(value =  "/system/login", method = RequestMethod.GET)
public void login(@RequestBody Login login) {
  if(login.username == "test" && login.password == "test") {
     throw new AllRightException();
  }
  else {
     throw new AccessDeniedException();
  }
}

@ExceptionHandler(AllRightException.class)
@ResponseStatus(HttpStatus.OK)
public void whenAllRight() {

}

@ExceptionHandler(AccessDeniedException.class)
@ResponseStatus(HttpStatus.BAD_REQUEST)
public void whenAccessDenied() {

}

代码示例来源:origin: macrozheng/mall

@Override
  public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) throws IOException, ServletException {
    response.setHeader("Content-Type", "application/json;charset=utf-8");
    response.getWriter().print("{\"code\":401,\"message\":\""+"未认证:"+accessDeniedException.getMessage()+"\"}");
    response.getWriter().flush();
  }
}

代码示例来源:origin: synyx/urlaubsverwaltung

@ResponseStatus(HttpStatus.FORBIDDEN)
@ExceptionHandler(AccessDeniedException.class)
@ResponseBody
public ErrorResponse handleException(AccessDeniedException exception) {
  LOG.debug(exception.toString());
  return new ErrorResponse(HttpStatus.FORBIDDEN, exception);
}

代码示例来源:origin: spring-projects/spring-security

public Object decide(Authentication authentication,
            Object object,
            Collection<ConfigAttribute> attributes,
            Object returnedObject) throws AccessDeniedException {
  throw new AccessDeniedException("custom AfterInvocationManager");
}

代码示例来源:origin: macrozheng/mall

@Override
  public void handle(HttpServletRequest request,
            HttpServletResponse response,
            AccessDeniedException e) throws IOException, ServletException {
    response.setCharacterEncoding("UTF-8");
    response.setContentType("application/json");
    response.getWriter().println(JsonUtil.objectToJson(new CommonResult().forbidden(e.getMessage())));
    response.getWriter().flush();
  }
}

代码示例来源:origin: spring-projects/spring-security

public void decide(Authentication authentication, Object object, Collection<ConfigAttribute> configAttributes) {
  throw new AccessDeniedException("Always Denied");
}
public boolean supports(ConfigAttribute attribute) {

代码示例来源:origin: org.springframework.boot/spring-boot-actuator

private void onAuthorizationFailureEvent(AuthorizationFailureEvent event) {
  Map<String, Object> data = new HashMap<>();
  data.put("type", event.getAccessDeniedException().getClass().getName());
  data.put("message", event.getAccessDeniedException().getMessage());
  if (event.getAuthentication().getDetails() != null) {
    data.put("details", event.getAuthentication().getDetails());
  }
  publish(new AuditEvent(event.getAuthentication().getName(), AUTHORIZATION_FAILURE,
      data));
}

代码示例来源:origin: spring-projects/spring-security

@Override
public void decide(Authentication authentication, Object object, Collection<ConfigAttribute> configAttributes) throws AccessDeniedException, InsufficientAuthenticationException {
  throw new AccessDeniedException("teapot");
}

代码示例来源:origin: stormpath/stormpath-sdk-java

@ExceptionHandler(AccessDeniedException.class)
  @ResponseStatus(HttpStatus.UNAUTHORIZED)
  @ResponseBody
  public Error processAccessDeniedException(AccessDeniedException e) {
    return new Error(ErrorConstants.ERR_ACCESS_DENIED, e.getMessage());
  }
}

代码示例来源:origin: spring-projects/spring-security-oauth

@ExceptionHandler(HttpSessionRequiredException.class)
public ModelAndView handleHttpSessionRequiredException(HttpSessionRequiredException e, ServletWebRequest webRequest)
    throws Exception {
  logger.info("Handling Session required error: " + e.getMessage());
  return handleException(new AccessDeniedException("Could not obtain authorization request from session", e),
      webRequest);
}

代码示例来源:origin: devicehive/devicehive-java-server

@Override
public Response toResponse(AccessDeniedException exception) {
  return Response.status(Response.Status.FORBIDDEN)
      .type(MediaType.APPLICATION_JSON_TYPE)
      .entity(new ErrorResponse(Response.Status.FORBIDDEN.getStatusCode(), exception.getMessage()))
      .build();
}

代码示例来源:origin: 527515025/springBoot

@Override
public void decide(Authentication authentication, Object object, Collection<ConfigAttribute> configAttributes) throws AccessDeniedException, InsufficientAuthenticationException {
  if(null== configAttributes || configAttributes.size() <=0) {
    return;
  }
  ConfigAttribute c;
  String needRole;
  for(Iterator<ConfigAttribute> iter = configAttributes.iterator(); iter.hasNext(); ) {
    c = iter.next();
    needRole = c.getAttribute();
    for(GrantedAuthority ga : authentication.getAuthorities()) {
      if(needRole.trim().equals(ga.getAuthority())) {
        return;
      }
    }
  }
  throw new AccessDeniedException("no right");
}

代码示例来源:origin: com.stormpath.spring/stormpath-spring-security-webmvc

@ExceptionHandler(AccessDeniedException.class)
  @ResponseStatus(HttpStatus.UNAUTHORIZED)
  @ResponseBody
  public Error processAccessDeniedException(AccessDeniedException e) {
    return new Error(ErrorConstants.ERR_ACCESS_DENIED, e.getMessage());
  }
}

代码示例来源:origin: spring-projects/spring-security

public void changePassword(String oldPassword, String newPassword) {
  Authentication currentUser = SecurityContextHolder.getContext()
      .getAuthentication();
  if (currentUser == null) {
    // This would indicate bad coding somewhere
    throw new AccessDeniedException(
        "Can't change password as no Authentication object found in context "
            + "for current user.");
  }
  String username = currentUser.getName();
  logger.debug("Changing password for user '" + username + "'");
  // If an authentication manager has been set, re-authenticate the user with the
  // supplied password.
  if (authenticationManager != null) {
    logger.debug("Reauthenticating user '" + username
        + "' for password change request.");
    authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(
        username, oldPassword));
  }
  else {
    logger.debug("No authentication manager set. Password won't be re-checked.");
  }
  MutableUserDetails user = users.get(username);
  if (user == null) {
    throw new IllegalStateException("Current user doesn't exist in database.");
  }
  user.setPassword(newPassword);
}

代码示例来源:origin: org.apache.syncope.core/syncope-core-spring

@Override
public void handle(final HttpServletRequest request, final HttpServletResponse response,
    final AccessDeniedException accessDeniedException) throws IOException, ServletException {
  response.addHeader(RESTHeaders.ERROR_INFO, accessDeniedException.getMessage());
  super.handle(request, response, accessDeniedException);
}

代码示例来源:origin: geoserver/geoserver

public static RuntimeException unauthorizedAccess() {
  // not hide, and not filtering out a list, this
  // is an unauthorized direct resource access, complain
  Authentication user = user();
  if (user == null || user.getAuthorities().size() == 0)
    return new InsufficientAuthenticationException(
        "Operation unallowed with the current privileges");
  else return new AccessDeniedException("Operation unallowed with the current privileges");
}

代码示例来源:origin: fuhaiwei/springboot_security_restful_api

@Override
  public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) throws IOException {
    responseText(response, errorMessage(accessDeniedException.getMessage()));
  }
}

代码示例来源:origin: geoserver/geoserver

public static RuntimeException unauthorizedAccess(String resourceName) {
  // not hide, and not filtering out a list, this
  // is an unauthorized direct resource access, complain
  Authentication user = user();
  if (user == null || user.getAuthorities().size() == 0)
    return new InsufficientAuthenticationException(
        "Cannot access " + resourceName + " as anonymous");
  else
    return new AccessDeniedException(
        "Cannot access " + resourceName + " with the current privileges");
}

代码示例来源:origin: synyx/urlaubsverwaltung

@ResponseStatus(HttpStatus.FORBIDDEN)
@ExceptionHandler(AccessDeniedException.class)
public ModelAndView handleException(AccessDeniedException exception) {
  LOG.debug("An exception was thrown: " + exception.getClass().getName());
  LOG.debug("An error occurred: " + exception.getMessage());
  return ExceptionHandlerControllerAdvice.getErrorPage(exception, HttpStatus.FORBIDDEN);
}

代码示例来源:origin: spring-projects/spring-security-oauth

/**
 * Get the verification key for the token signatures. The principal has to
 * be provided only if the key is secret
 * (shared not public).
 * 
 * @param principal the currently authenticated user if there is one
 * @return the key used to verify tokens
 */
@RequestMapping(value = "/oauth/token_key", method = RequestMethod.GET)
@ResponseBody
public Map<String, String> getKey(Principal principal) {
  if ((principal == null || principal instanceof AnonymousAuthenticationToken) && !converter.isPublic()) {
    throw new AccessDeniedException("You need to authenticate to see a shared key");
  }
  Map<String, String> result = converter.getKey();
  return result;
}

相关文章

最新文章

更多