org.acegisecurity.AccessDeniedException类的使用及代码示例

x33g5p2x  于2022-01-17 转载在 其他  
字(10.4k)|赞(0)|评价(0)|浏览(121)

本文整理了Java中org.acegisecurity.AccessDeniedException类的一些代码示例,展示了AccessDeniedException类的具体用法。这些代码示例主要来源于Github/Stackoverflow/Maven等平台,是从一些精选项目中提取出来的代码,具有较强的参考意义,能在一定程度帮忙到你。AccessDeniedException类的具体详情如下:
包路径:org.acegisecurity.AccessDeniedException
类名称:AccessDeniedException

AccessDeniedException介绍

[英]Thrown if an Authentication object does not hold a required authority.
[中]如果身份验证对象不具有所需的权限,则引发。

代码示例

代码示例来源:origin: jenkinsci/jenkins

if (Secret.decrypt(matcher.group(1)) != null) {
      throw new AccessDeniedException(Messages.ItemGroupMixIn_may_not_copy_as_it_contains_secrets_and_(src.getFullName(), Jenkins.getAuthentication().getName(), Item.PERMISSIONS.title, Item.EXTENDED_READ.name, Item.CONFIGURE.name));
Jenkins.getInstance().rebuildDependencyGraphAsync();

代码示例来源:origin: jenkinsci/jenkins

old = sc.getAuthentication();
  CliAuthenticator authenticator = Jenkins.getActiveInstance().getSecurityRealm().createCliAuthenticator(this);
  sc.setAuthentication(getTransportAuthentication());
  new ClassParser().parse(authenticator,p);
    Jenkins.getActiveInstance().checkPermission(Jenkins.READ);
  p.parseArgument(args.toArray(new String[args.size()]));
  auth = authenticator.authenticate();
      getName(), args.size(), auth != null ? auth.getName() : "<unknown>"), e);
  stderr.println("");
  stderr.println("ERROR: " + e.getMessage());
  return 6;
} catch (BadCredentialsException e) {

代码示例来源:origin: jenkinsci/jenkins

/**
 * Runs the validation code.
 */
public final void process() throws IOException, ServletException {
  if(permission!=null)
    try {
      if(subject==null)
        throw new AccessDeniedException("No subject");
      subject.checkPermission(permission);
    } catch (AccessDeniedException e) {
      // if the user has hudson-wide admin permission, all checks are allowed
      // this is to protect Hudson administrator from broken ACL/SecurityRealm implementation/configuration.
      if(!Jenkins.getInstance().hasPermission(Jenkins.ADMINISTER))
        throw e;
    }
  check();
}

代码示例来源:origin: jenkinsci/jenkins

public static void checkPermission(Job<?,?> project, BuildAuthorizationToken token, StaplerRequest req, StaplerResponse rsp) throws IOException {
  if (!Jenkins.getInstance().isUseSecurity())
    return;    // everyone is authorized
  if(token!=null && token.token != null) {
    //check the provided token
    String providedToken = req.getParameter("token");
    if (providedToken != null && providedToken.equals(token.token))
      return;
    if (providedToken != null)
      throw new AccessDeniedException(Messages.BuildAuthorizationToken_InvalidTokenProvided());
  }
  project.checkPermission(Item.BUILD);
  if (req.getMethod().equals("POST")) {
    return;
  }
  if (req.getAttribute(ApiTokenProperty.class.getName()) instanceof User) {
    return;
  }
  rsp.setStatus(HttpServletResponse.SC_METHOD_NOT_ALLOWED);
  rsp.addHeader("Allow", "POST");
  throw HttpResponses.forwardToView(project, "requirePOST.jelly");
}

代码示例来源:origin: org.jenkins-ci.plugins/metrics

public void checkAccessKey(@CheckForNull String accessKey) {
  Set<String> accessKeySet = this.accessKeySet;
  Jenkins jenkins = Jenkins.getInstance();
  if (accessKeySet == null) {
    accessKeySet = new HashSet<String>();
    if (jenkins != null) {
      for (Provider p : jenkins.getExtensionList(Provider.class)) {
        for (MetricsAccessKey k : p.getAccessKeys()) {
          accessKeySet.add(k.getKey());
      for (Provider p : jenkins.getExtensionList(Provider.class)) {
        if (((!(p instanceof AbstractProvider) || ((AbstractProvider) p).isMayHaveOnDemandKeys())
            && p.getAccessKey(accessKey) != null)) {
    throw new AccessDeniedException(Messages.MetricsAccessKey_invalidAccessKey(accessKey));

代码示例来源:origin: org.jenkins-ci.main/jenkins-core

try {
    CliAuthenticator authenticator = Jenkins.getInstance().getSecurityRealm().createCliAuthenticator(this);
    new ClassParser().parse(authenticator, parser);
      auth = loadStoredAuthentication();
    hudson.checkPermission(Jenkins.READ);
} catch (AccessDeniedException e) {
  stderr.println("");
  stderr.println("ERROR: " + e.getMessage());
  return 6;
} catch (BadCredentialsException e) {

代码示例来源:origin: org.jenkins-ci.main/jenkins-core

public static void checkPostBackAccess() throws AccessDeniedException {
  if (!get().isUseBrowser()) {
    throw new AccessDeniedException("browser-based download disabled");
  }
  Jenkins.getInstance().checkPermission(Jenkins.ADMINISTER);
}

代码示例来源:origin: jenkinsci/jenkins

@Override
protected int run() throws Exception {
  if (!Jenkins.getActiveInstance().hasPermission(Jenkins.READ)) {
    throw new AccessDeniedException("You must authenticate to access this Jenkins.\n"
        + CLI.usage());
  }
  if (command != null)
    return showCommandDetails();
  showAllCommands();
  return 0;
}

代码示例来源:origin: jenkinsci/jenkins

/**
 * Checks if the current security principal has the permission to create views within the specified view group.
 * <p>
 * This is just a convenience function.
 *
 * @param c the container of the item.
 * @param d the descriptor of the view to be created.
 * @throws AccessDeniedException if the user doesn't have the permission.
 * @since 1.607
 */
public final void checkCreatePermission(@Nonnull ViewGroup c,
                    @Nonnull ViewDescriptor d) {
  Authentication a = Jenkins.getAuthentication();
  if (a == SYSTEM) {
    return;
  }
  if (!hasCreatePermission(a, c, d)) {
    throw new AccessDeniedException(Messages.AccessDeniedException2_MissingPermission(a.getName(),
        View.CREATE.group.title + "/" + View.CREATE.name + View.CREATE + "/" + d.getDisplayName()));
  }
}

代码示例来源:origin: jenkinsci/jenkins

public static void checkPostBackAccess() throws AccessDeniedException {
  if (!get().isUseBrowser()) {
    throw new AccessDeniedException("browser-based download disabled");
  }
  Jenkins.get().checkPermission(Jenkins.ADMINISTER);
}

代码示例来源:origin: jenkinsci/jenkins

try {
    CliAuthenticator authenticator = Jenkins.get().getSecurityRealm().createCliAuthenticator(this);
    new ClassParser().parse(authenticator, parser);
      auth = loadStoredAuthentication();
    jenkins.checkPermission(Jenkins.READ);
} catch (AccessDeniedException e) {
  stderr.println("");
  stderr.println("ERROR: " + e.getMessage());
  return 6;
} catch (BadCredentialsException e) {

代码示例来源:origin: jenkinsci/jenkins

/**
 * Exposes the current user to {@code /me} URL.
 */
public User getMe() {
  User u = User.current();
  if (u == null)
    throw new AccessDeniedException("/me is not available when not logged in");
  return u;
}

代码示例来源:origin: org.acegisecurity/acegi-security

public void handle(ServletRequest request, ServletResponse response, AccessDeniedException accessDeniedException)
  throws IOException, ServletException {
  if (errorPage != null) {
    // Put exception into request scope (perhaps of use to a view)
    ((HttpServletRequest) request).setAttribute(ACEGI_SECURITY_ACCESS_DENIED_EXCEPTION_KEY,
      accessDeniedException);
    // Perform RequestDispatcher "forward"
    RequestDispatcher rd = request.getRequestDispatcher(errorPage);
    rd.forward(request, response);
  }
  if (!response.isCommitted()) {
    // Send 403 (we do this after response has been written)
    ((HttpServletResponse) response).sendError(HttpServletResponse.SC_FORBIDDEN, accessDeniedException.getMessage());
  }
}

代码示例来源:origin: org.jenkins-ci.main/jenkins-core

/**
 * Runs the validation code.
 */
public final void process() throws IOException, ServletException {
  if(permission!=null)
    try {
      if(subject==null)
        throw new AccessDeniedException("No subject");
      subject.checkPermission(permission);
    } catch (AccessDeniedException e) {
      // if the user has hudson-wide admin permission, all checks are allowed
      // this is to protect Hudson administrator from broken ACL/SecurityRealm implementation/configuration.
      if(!Jenkins.getInstance().hasPermission(Jenkins.ADMINISTER))
        throw e;
    }
  check();
}

代码示例来源:origin: org.jenkins-ci.main/jenkins-core

public static void checkPermission(Job<?,?> project, BuildAuthorizationToken token, StaplerRequest req, StaplerResponse rsp) throws IOException {
  if (!Jenkins.getInstance().isUseSecurity())
    return;    // everyone is authorized
  if(token!=null && token.token != null) {
    //check the provided token
    String providedToken = req.getParameter("token");
    if (providedToken != null && providedToken.equals(token.token))
      return;
    if (providedToken != null)
      throw new AccessDeniedException(Messages.BuildAuthorizationToken_InvalidTokenProvided());
  }
  project.checkPermission(Item.BUILD);
  if (req.getMethod().equals("POST")) {
    return;
  }
  if (req.getAttribute(ApiTokenProperty.class.getName()) instanceof User) {
    return;
  }
  rsp.setStatus(HttpServletResponse.SC_METHOD_NOT_ALLOWED);
  rsp.addHeader("Allow", "POST");
  throw HttpResponses.forwardToView(project, "requirePOST.jelly");
}

代码示例来源:origin: org.jenkins-ci.main/jenkins-core

@Override
protected int run() throws Exception {
  if (!Jenkins.getActiveInstance().hasPermission(Jenkins.READ)) {
    throw new AccessDeniedException("You must authenticate to access this Jenkins.\n"
        + hudson.cli.client.Messages.CLI_Usage());
  }
  if (command != null)
    return showCommandDetails();
  showAllCommands();
  return 0;
}

代码示例来源:origin: jenkinsci/jenkins

/**
 * Checks if the current security principal has the permission to create top level items within the specified
 * item group.
 * <p>
 * This is just a convenience function.
 * @param c the container of the item.
 * @param d the descriptor of the item to be created.
 * @throws AccessDeniedException
 *      if the user doesn't have the permission.
 * @since 1.607
 */
public final void checkCreatePermission(@Nonnull ItemGroup c,
                    @Nonnull TopLevelItemDescriptor d) {
  Authentication a = Jenkins.getAuthentication();
  if (a == SYSTEM) {
    return;
  }
  if (!hasCreatePermission(a, c, d)) {
    throw new AccessDeniedException(Messages.AccessDeniedException2_MissingPermission(a.getName(),
        Item.CREATE.group.title+"/"+Item.CREATE.name + Item.CREATE + "/" + d.getDisplayName()));
  }
}
/**

代码示例来源:origin: jenkinsci/jenkins

/**
 * {@inheritDoc}.
 *
 * Note that the look up is case-insensitive.
 */
@Override public TopLevelItem getItem(String name) throws AccessDeniedException {
  if (name==null)    return null;
  TopLevelItem item = items.get(name);
  if (item==null)
    return null;
  if (!item.hasPermission(Item.READ)) {
    if (item.hasPermission(Item.DISCOVER)) {
      throw new AccessDeniedException("Please login to access job " + name);
    }
    return null;
  }
  return item;
}

代码示例来源:origin: org.jenkins-ci.main/jenkins-core

if (Secret.decrypt(matcher.group(1)) != null) {
      throw new AccessDeniedException(Messages.ItemGroupMixIn_may_not_copy_as_it_contains_secrets_and_(src.getFullName(), Jenkins.getAuthentication().getName(), Item.PERMISSIONS.title, Item.EXTENDED_READ.name, Item.CONFIGURE.name));
Jenkins.getInstance().rebuildDependencyGraphAsync();

代码示例来源:origin: org.jenkins-ci.main/jenkins-core

old = sc.getAuthentication();
  CliAuthenticator authenticator = Jenkins.getActiveInstance().getSecurityRealm().createCliAuthenticator(this);
  sc.setAuthentication(getTransportAuthentication());
  new ClassParser().parse(authenticator,p);
    Jenkins.getActiveInstance().checkPermission(Jenkins.READ);
  return run();
} catch (CmdLineException e) {
} catch (AccessDeniedException e) {
  stderr.println("");
  stderr.println("ERROR: " + e.getMessage());
  return 6;
} catch (BadCredentialsException e) {

内容来源于网络,如有侵权,请联系作者删除!

AccessDeniedException

相关文章

    查看更多
    微信公众号

    热门标签

    更多
    JavaquerypythonNode开发语言requestUtil数据库Table后端算法LoggerMessageElementParser

    最新文章

    更多
    • 蜀ICP备13028337号-1 大数据知识库 https://www.saoniuhuo.com © All rights reserved
    • 本站内容来源互联网,如果侵犯您的权益请联系我们删除, 联系方式:448109455@qq.com