本文整理了Java中org.acegisecurity.AccessDeniedException
类的一些代码示例,展示了AccessDeniedException
类的具体用法。这些代码示例主要来源于Github
/Stackoverflow
/Maven
等平台,是从一些精选项目中提取出来的代码,具有较强的参考意义,能在一定程度帮忙到你。AccessDeniedException
类的具体详情如下:
包路径:org.acegisecurity.AccessDeniedException
类名称:AccessDeniedException
[英]Thrown if an Authentication object does not hold a required authority.
[中]如果身份验证对象不具有所需的权限,则引发。
代码示例来源:origin: jenkinsci/jenkins
if (Secret.decrypt(matcher.group(1)) != null) {
throw new AccessDeniedException(Messages.ItemGroupMixIn_may_not_copy_as_it_contains_secrets_and_(src.getFullName(), Jenkins.getAuthentication().getName(), Item.PERMISSIONS.title, Item.EXTENDED_READ.name, Item.CONFIGURE.name));
Jenkins.getInstance().rebuildDependencyGraphAsync();
代码示例来源:origin: jenkinsci/jenkins
old = sc.getAuthentication();
CliAuthenticator authenticator = Jenkins.getActiveInstance().getSecurityRealm().createCliAuthenticator(this);
sc.setAuthentication(getTransportAuthentication());
new ClassParser().parse(authenticator,p);
Jenkins.getActiveInstance().checkPermission(Jenkins.READ);
p.parseArgument(args.toArray(new String[args.size()]));
auth = authenticator.authenticate();
getName(), args.size(), auth != null ? auth.getName() : "<unknown>"), e);
stderr.println("");
stderr.println("ERROR: " + e.getMessage());
return 6;
} catch (BadCredentialsException e) {
代码示例来源:origin: jenkinsci/jenkins
/**
* Runs the validation code.
*/
public final void process() throws IOException, ServletException {
if(permission!=null)
try {
if(subject==null)
throw new AccessDeniedException("No subject");
subject.checkPermission(permission);
} catch (AccessDeniedException e) {
// if the user has hudson-wide admin permission, all checks are allowed
// this is to protect Hudson administrator from broken ACL/SecurityRealm implementation/configuration.
if(!Jenkins.getInstance().hasPermission(Jenkins.ADMINISTER))
throw e;
}
check();
}
代码示例来源:origin: jenkinsci/jenkins
public static void checkPermission(Job<?,?> project, BuildAuthorizationToken token, StaplerRequest req, StaplerResponse rsp) throws IOException {
if (!Jenkins.getInstance().isUseSecurity())
return; // everyone is authorized
if(token!=null && token.token != null) {
//check the provided token
String providedToken = req.getParameter("token");
if (providedToken != null && providedToken.equals(token.token))
return;
if (providedToken != null)
throw new AccessDeniedException(Messages.BuildAuthorizationToken_InvalidTokenProvided());
}
project.checkPermission(Item.BUILD);
if (req.getMethod().equals("POST")) {
return;
}
if (req.getAttribute(ApiTokenProperty.class.getName()) instanceof User) {
return;
}
rsp.setStatus(HttpServletResponse.SC_METHOD_NOT_ALLOWED);
rsp.addHeader("Allow", "POST");
throw HttpResponses.forwardToView(project, "requirePOST.jelly");
}
代码示例来源:origin: org.jenkins-ci.plugins/metrics
public void checkAccessKey(@CheckForNull String accessKey) {
Set<String> accessKeySet = this.accessKeySet;
Jenkins jenkins = Jenkins.getInstance();
if (accessKeySet == null) {
accessKeySet = new HashSet<String>();
if (jenkins != null) {
for (Provider p : jenkins.getExtensionList(Provider.class)) {
for (MetricsAccessKey k : p.getAccessKeys()) {
accessKeySet.add(k.getKey());
for (Provider p : jenkins.getExtensionList(Provider.class)) {
if (((!(p instanceof AbstractProvider) || ((AbstractProvider) p).isMayHaveOnDemandKeys())
&& p.getAccessKey(accessKey) != null)) {
throw new AccessDeniedException(Messages.MetricsAccessKey_invalidAccessKey(accessKey));
代码示例来源:origin: org.jenkins-ci.main/jenkins-core
try {
CliAuthenticator authenticator = Jenkins.getInstance().getSecurityRealm().createCliAuthenticator(this);
new ClassParser().parse(authenticator, parser);
auth = loadStoredAuthentication();
hudson.checkPermission(Jenkins.READ);
} catch (AccessDeniedException e) {
stderr.println("");
stderr.println("ERROR: " + e.getMessage());
return 6;
} catch (BadCredentialsException e) {
代码示例来源:origin: org.jenkins-ci.main/jenkins-core
public static void checkPostBackAccess() throws AccessDeniedException {
if (!get().isUseBrowser()) {
throw new AccessDeniedException("browser-based download disabled");
}
Jenkins.getInstance().checkPermission(Jenkins.ADMINISTER);
}
代码示例来源:origin: jenkinsci/jenkins
@Override
protected int run() throws Exception {
if (!Jenkins.getActiveInstance().hasPermission(Jenkins.READ)) {
throw new AccessDeniedException("You must authenticate to access this Jenkins.\n"
+ CLI.usage());
}
if (command != null)
return showCommandDetails();
showAllCommands();
return 0;
}
代码示例来源:origin: jenkinsci/jenkins
/**
* Checks if the current security principal has the permission to create views within the specified view group.
* <p>
* This is just a convenience function.
*
* @param c the container of the item.
* @param d the descriptor of the view to be created.
* @throws AccessDeniedException if the user doesn't have the permission.
* @since 1.607
*/
public final void checkCreatePermission(@Nonnull ViewGroup c,
@Nonnull ViewDescriptor d) {
Authentication a = Jenkins.getAuthentication();
if (a == SYSTEM) {
return;
}
if (!hasCreatePermission(a, c, d)) {
throw new AccessDeniedException(Messages.AccessDeniedException2_MissingPermission(a.getName(),
View.CREATE.group.title + "/" + View.CREATE.name + View.CREATE + "/" + d.getDisplayName()));
}
}
代码示例来源:origin: jenkinsci/jenkins
public static void checkPostBackAccess() throws AccessDeniedException {
if (!get().isUseBrowser()) {
throw new AccessDeniedException("browser-based download disabled");
}
Jenkins.get().checkPermission(Jenkins.ADMINISTER);
}
代码示例来源:origin: jenkinsci/jenkins
try {
CliAuthenticator authenticator = Jenkins.get().getSecurityRealm().createCliAuthenticator(this);
new ClassParser().parse(authenticator, parser);
auth = loadStoredAuthentication();
jenkins.checkPermission(Jenkins.READ);
} catch (AccessDeniedException e) {
stderr.println("");
stderr.println("ERROR: " + e.getMessage());
return 6;
} catch (BadCredentialsException e) {
代码示例来源:origin: jenkinsci/jenkins
/**
* Exposes the current user to {@code /me} URL.
*/
public User getMe() {
User u = User.current();
if (u == null)
throw new AccessDeniedException("/me is not available when not logged in");
return u;
}
代码示例来源:origin: org.acegisecurity/acegi-security
public void handle(ServletRequest request, ServletResponse response, AccessDeniedException accessDeniedException)
throws IOException, ServletException {
if (errorPage != null) {
// Put exception into request scope (perhaps of use to a view)
((HttpServletRequest) request).setAttribute(ACEGI_SECURITY_ACCESS_DENIED_EXCEPTION_KEY,
accessDeniedException);
// Perform RequestDispatcher "forward"
RequestDispatcher rd = request.getRequestDispatcher(errorPage);
rd.forward(request, response);
}
if (!response.isCommitted()) {
// Send 403 (we do this after response has been written)
((HttpServletResponse) response).sendError(HttpServletResponse.SC_FORBIDDEN, accessDeniedException.getMessage());
}
}
代码示例来源:origin: org.jenkins-ci.main/jenkins-core
/**
* Runs the validation code.
*/
public final void process() throws IOException, ServletException {
if(permission!=null)
try {
if(subject==null)
throw new AccessDeniedException("No subject");
subject.checkPermission(permission);
} catch (AccessDeniedException e) {
// if the user has hudson-wide admin permission, all checks are allowed
// this is to protect Hudson administrator from broken ACL/SecurityRealm implementation/configuration.
if(!Jenkins.getInstance().hasPermission(Jenkins.ADMINISTER))
throw e;
}
check();
}
代码示例来源:origin: org.jenkins-ci.main/jenkins-core
public static void checkPermission(Job<?,?> project, BuildAuthorizationToken token, StaplerRequest req, StaplerResponse rsp) throws IOException {
if (!Jenkins.getInstance().isUseSecurity())
return; // everyone is authorized
if(token!=null && token.token != null) {
//check the provided token
String providedToken = req.getParameter("token");
if (providedToken != null && providedToken.equals(token.token))
return;
if (providedToken != null)
throw new AccessDeniedException(Messages.BuildAuthorizationToken_InvalidTokenProvided());
}
project.checkPermission(Item.BUILD);
if (req.getMethod().equals("POST")) {
return;
}
if (req.getAttribute(ApiTokenProperty.class.getName()) instanceof User) {
return;
}
rsp.setStatus(HttpServletResponse.SC_METHOD_NOT_ALLOWED);
rsp.addHeader("Allow", "POST");
throw HttpResponses.forwardToView(project, "requirePOST.jelly");
}
代码示例来源:origin: org.jenkins-ci.main/jenkins-core
@Override
protected int run() throws Exception {
if (!Jenkins.getActiveInstance().hasPermission(Jenkins.READ)) {
throw new AccessDeniedException("You must authenticate to access this Jenkins.\n"
+ hudson.cli.client.Messages.CLI_Usage());
}
if (command != null)
return showCommandDetails();
showAllCommands();
return 0;
}
代码示例来源:origin: jenkinsci/jenkins
/**
* Checks if the current security principal has the permission to create top level items within the specified
* item group.
* <p>
* This is just a convenience function.
* @param c the container of the item.
* @param d the descriptor of the item to be created.
* @throws AccessDeniedException
* if the user doesn't have the permission.
* @since 1.607
*/
public final void checkCreatePermission(@Nonnull ItemGroup c,
@Nonnull TopLevelItemDescriptor d) {
Authentication a = Jenkins.getAuthentication();
if (a == SYSTEM) {
return;
}
if (!hasCreatePermission(a, c, d)) {
throw new AccessDeniedException(Messages.AccessDeniedException2_MissingPermission(a.getName(),
Item.CREATE.group.title+"/"+Item.CREATE.name + Item.CREATE + "/" + d.getDisplayName()));
}
}
/**
代码示例来源:origin: jenkinsci/jenkins
/**
* {@inheritDoc}.
*
* Note that the look up is case-insensitive.
*/
@Override public TopLevelItem getItem(String name) throws AccessDeniedException {
if (name==null) return null;
TopLevelItem item = items.get(name);
if (item==null)
return null;
if (!item.hasPermission(Item.READ)) {
if (item.hasPermission(Item.DISCOVER)) {
throw new AccessDeniedException("Please login to access job " + name);
}
return null;
}
return item;
}
代码示例来源:origin: org.jenkins-ci.main/jenkins-core
if (Secret.decrypt(matcher.group(1)) != null) {
throw new AccessDeniedException(Messages.ItemGroupMixIn_may_not_copy_as_it_contains_secrets_and_(src.getFullName(), Jenkins.getAuthentication().getName(), Item.PERMISSIONS.title, Item.EXTENDED_READ.name, Item.CONFIGURE.name));
Jenkins.getInstance().rebuildDependencyGraphAsync();
代码示例来源:origin: org.jenkins-ci.main/jenkins-core
old = sc.getAuthentication();
CliAuthenticator authenticator = Jenkins.getActiveInstance().getSecurityRealm().createCliAuthenticator(this);
sc.setAuthentication(getTransportAuthentication());
new ClassParser().parse(authenticator,p);
Jenkins.getActiveInstance().checkPermission(Jenkins.READ);
return run();
} catch (CmdLineException e) {
} catch (AccessDeniedException e) {
stderr.println("");
stderr.println("ERROR: " + e.getMessage());
return 6;
} catch (BadCredentialsException e) {
内容来源于网络,如有侵权,请联系作者删除!