本文整理汇总了Java中org.springframework.security.access.AccessDeniedException类的典型用法代码示例。如果您正苦于以下问题:Java AccessDeniedException类的具体用法?Java AccessDeniedException怎么用?Java AccessDeniedException使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
AccessDeniedException类属于org.springframework.security.access包,在下文中一共展示了AccessDeniedException类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: handle
import org.springframework.security.access.AccessDeniedException; //导入依赖的package包/类
@Override
public void handle(HttpServletRequest httpServletRequest,
HttpServletResponse httpServletResponse,
AccessDeniedException e) throws IOException {
Authentication auth = SecurityContextHolder.getContext().getAuthentication();
// Log access attempts
if (auth != null) {
logger.info("User '" + auth.getName() + "' attempted to access the protected URL: "
+ httpServletRequest.getRequestURI());
}
// Direct user to access denied page
httpServletResponse.sendRedirect(httpServletRequest.getContextPath() + "/403");
}
示例2: decide
import org.springframework.security.access.AccessDeniedException; //导入依赖的package包/类
@Override
public void decide(Authentication authentication, Object object, Collection<ConfigAttribute> configAttributes) throws AccessDeniedException, InsufficientAuthenticationException {
if(null== configAttributes || configAttributes.size() <=0) {
return;
}
ConfigAttribute c;
String needRole;
for(Iterator<ConfigAttribute> iter = configAttributes.iterator(); iter.hasNext(); ) {
c = iter.next();
needRole = c.getAttribute();
for(GrantedAuthority ga : authentication.getAuthorities()) {
if(needRole.trim().equals(ga.getAuthority())) {
return;
}
}
}
throw new AccessDeniedException("no right");
}
示例3: handle
import org.springframework.security.access.AccessDeniedException; //导入依赖的package包/类
public void handle(Exception exception, HttpServletResponse response) {
log.debug("Processing exception {}", exception.getMessage(), exception);
if (!response.isCommitted()) {
try {
response.setContentType(MediaType.APPLICATION_JSON_VALUE);
if (exception instanceof IoTPException) {
handleThingsboardException((IoTPException) exception, response);
} else if (exception instanceof AccessDeniedException) {
handleAccessDeniedException(response);
} else if (exception instanceof AuthenticationException) {
handleAuthenticationException((AuthenticationException) exception, response);
} else {
response.setStatus(HttpStatus.INTERNAL_SERVER_ERROR.value());
mapper.writeValue(response.getWriter(), IoTPErrorResponse.of(exception.getMessage(),
IoTPErrorCode.GENERAL, HttpStatus.INTERNAL_SERVER_ERROR));
}
} catch (IOException e) {
log.error("Can't handle exception", e);
}
}
}
示例4: handle
import org.springframework.security.access.AccessDeniedException; //导入依赖的package包/类
@Override
public void handle(HttpServletRequest request,
HttpServletResponse response,
AccessDeniedException accessDeniedException) throws IOException, ServletException {
logger.error(accessDeniedException, accessDeniedException);
if (!response.isCommitted()) {
String accept = request.getHeader("Accept");
if (accept != null && accept.contains("application/json")) {
logger.warn("The ajax request access is denied.");
response.setStatus(HttpServletResponse.SC_FORBIDDEN);
response.flushBuffer();
}
else {
super.handle(request, response, accessDeniedException);
}
}
}
示例5: configure
import org.springframework.security.access.AccessDeniedException; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception {
http.exceptionHandling().accessDeniedHandler(new AccessDeniedHandler() {
@Override
public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) throws IOException, ServletException {
accessDeniedException.printStackTrace();
}
})
.and()
.authorizeRequests()
.antMatchers("/registration").permitAll()
.anyRequest().authenticated()
.and()
.httpBasic()
.and()
.csrf().disable()
;
}
示例6: handle
import org.springframework.security.access.AccessDeniedException; //导入依赖的package包/类
@Override
public void handle(HttpServletRequest httpServletRequest,
HttpServletResponse httpServletResponse,
AccessDeniedException e) throws IOException, ServletException {
Authentication auth
= SecurityContextHolder.getContext().getAuthentication();
if (auth != null) {
logger.info("User '" + auth.getName()
+ "' attempted to access the protected URL: "
+ httpServletRequest.getRequestURI());
}
httpServletResponse.sendRedirect(httpServletRequest.getContextPath() + "/403");
}
示例7: decide
import org.springframework.security.access.AccessDeniedException; //导入依赖的package包/类
@Override
public void decide(Authentication authentication, Object o, Collection<ConfigAttribute> collection)
throws AccessDeniedException, InsufficientAuthenticationException {
if (collection == null) {
return;
}
String needRole;
//遍历需要的角色,如果一样,则通过
CustomerUserDetail userDetail = (CustomerUserDetail) authentication.getPrincipal();
List<Role> userRoleList = securityService.getUserRoleList(userDetail.getUsername(), userDetail.getAccountType());
for (ConfigAttribute configAttribute : collection) {
needRole = configAttribute.getAttribute();
for (Role role : userRoleList) {
if (needRole.equals(role.getRoleCode())) {
return;
}
}
}
throw new AccessDeniedException("Cannot Access!");
}
示例8: createCondition
import org.springframework.security.access.AccessDeniedException; //导入依赖的package包/类
/**
* Create condition with replaced subject variables.
*
* <p>SpEL condition translated to SQL condition with replacing #returnObject to returnObject
* and enriching #subject.* from Subject object (see {@link Subject}).
*
* <p>As an option, SpEL could be translated to SQL
* via {@link SpelExpression} method {@code getAST()}
* with traversing through {@link SpelNode} nodes and building SQL expression.
*
* @param authentication the authentication
* @param privilegeKey the privilege key
* @param translator the spel translator
* @return condition if permitted, or null
*/
public String createCondition(Authentication authentication, Object privilegeKey, SpelTranslator translator) {
if (!hasPermission(authentication, privilegeKey)) {
throw new AccessDeniedException("Access is denied");
}
String roleKey = getRoleKey(authentication);
Permission permission = getPermission(roleKey, privilegeKey);
Subject subject = getSubject(roleKey);
if (!RoleConstant.SUPER_ADMIN.equals(roleKey)
&& permission != null && permission.getResourceCondition() != null) {
return translator.translate(permission.getResourceCondition().getExpressionString(), subject);
}
return null;
}
示例9: checkRole
import org.springframework.security.access.AccessDeniedException; //导入依赖的package包/类
private boolean checkRole(Authentication authentication, Object privilege, boolean logPermission) {
String roleKey = getRoleKey(authentication);
if (RoleConstant.SUPER_ADMIN.equals(roleKey)) {
log(logPermission, Level.INFO,
"access granted: privilege={}, role=SUPER-ADMIN, userKey={}",
privilege, getUserKey());
return true;
}
if (!roleService.getRoles(TenantContextUtils.getRequiredTenantKeyValue(tenantContextHolder.getContext()))
.containsKey(roleKey)) {
log(logPermission, Level.ERROR,
"access denied: privilege={}, role={}, userKey={} due to role is missing",
privilege, roleKey, getUserKey());
throw new AccessDeniedException("Access is denied");
}
return false;
}
示例10: processAccessDeniedException
import org.springframework.security.access.AccessDeniedException; //导入依赖的package包/类
@ExceptionHandler(AccessDeniedException.class)
@ResponseStatus(HttpStatus.FORBIDDEN)
@ResponseBody
public ErrorVM processAccessDeniedException(AccessDeniedException e) {
log.debug("Access denied", e);
return new ErrorVM(ErrorConstants.ERR_ACCESS_DENIED, translate(ErrorConstants.ERR_ACCESS_DENIED));
}
示例11: handleAccessDeniedException
import org.springframework.security.access.AccessDeniedException; //导入依赖的package包/类
@ExceptionHandler({ AccessDeniedException.class })
public ResponseEntity<Object> handleAccessDeniedException(final Exception ex, final HttpHeaders headers, final WebRequest request) {
logger.info(ex.getClass().getName());
logger.error("error", ex);
//
final AitException AitException = new AitException(HttpStatus.UNAUTHORIZED, "Acceso no permitido", "Su perfil no cuenta con los permisos necesarios para acceder al servicio solicitado");
return handleExceptionInternal(ex, AitException, headers, AitException.getStatus(), request);
}
示例12: checkPermissionAnyAuthority
import org.springframework.security.access.AccessDeniedException; //导入依赖的package包/类
@Override
public void checkPermissionAnyAuthority(UserContext user, Object targetObject, Right right, Qualifiable... filter) throws AccessDeniedException {
if (user == null)
throw new AccessDeniedException(MSG.noAuthentication(right == null ? "NULL" : right.toString()));
AccessDeniedException ret = null;
authorities: for (UserAuthority authority: user.getAuthorities()) {
for (Qualifiable q: filter)
if (!authority.hasQualifier(q)) continue authorities;
try {
checkPermission(new UserContextWrapper(user, authority), targetObject, right);
return;
} catch (AccessDeniedException e) {
if (ret == null) ret = e;
}
}
throw (ret != null ? ret : new AccessDeniedException(MSG.noMatchingAuthority(right.toString())));
}
示例13: deleteBranch
import org.springframework.security.access.AccessDeniedException; //导入依赖的package包/类
@RequestMapping(value = "/apps/{appId}/envs/{env}/clusters/{clusterName}/namespaces/{namespaceName}/branches/{branchName}", method = RequestMethod.DELETE)
public void deleteBranch(@PathVariable String appId,
@PathVariable String env,
@PathVariable String clusterName,
@PathVariable String namespaceName,
@PathVariable String branchName) {
boolean canDelete = permissionValidator.hasReleaseNamespacePermission(appId, namespaceName) ||
(permissionValidator.hasModifyNamespacePermission(appId, namespaceName) &&
releaseService.loadLatestRelease(appId, Env.valueOf(env), branchName, namespaceName) == null);
if (!canDelete) {
throw new AccessDeniedException("Forbidden operation. "
+ "Caused by: 1.you don't have release permission "
+ "or 2. you don't have modification permission "
+ "or 3. you have modification permission but branch has been released");
}
namespaceBranchService.deleteBranch(appId, Env.valueOf(env), clusterName, namespaceName, branchName);
}
示例14: checkError
import org.springframework.security.access.AccessDeniedException; //导入依赖的package包/类
protected void checkError(HttpServletRequest request, HttpServletResponse response, Throwable t) throws IOException {
if (t instanceof NoSuchBeanDefinitionException) {
sLog.info("Service " + getReference(request) + " not known.");
sendError(request, response, HttpServletResponse.SC_BAD_REQUEST, t);
} else if (t instanceof IllegalArgumentException) {
sLog.info(t.getMessage());
sendError(request, response, HttpServletResponse.SC_BAD_REQUEST, t);
} else if (t instanceof PageAccessException || t instanceof AccessDeniedException) {
sLog.info(t.getMessage());
if (!getSessionContext().isAuthenticated() || getSessionContext().getUser() instanceof AnonymousUserContext) {
response.setHeader("WWW-Authenticate", "Basic");
sendError(request, response, HttpServletResponse.SC_UNAUTHORIZED, t);
} else {
sendError(request, response, HttpServletResponse.SC_FORBIDDEN, t);
}
} else {
sLog.warn(t.getMessage(), t);
sendError(request, response, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, t);
}
}
示例15: decide
import org.springframework.security.access.AccessDeniedException; //导入依赖的package包/类
@Override
public void decide(Authentication authentication, Object object, Collection<ConfigAttribute> configAttributes) throws AccessDeniedException, InsufficientAuthenticationException {
if (configAttributes == null) {
return;
}
for (ConfigAttribute ca : configAttributes) {
String needRole = ca.getAttribute();
//ga 为用户所被赋予的权限。 needRole 为访问相应的资源应该具有的权限。
for (GrantedAuthority ga : authentication.getAuthorities()) {
if (needRole.trim().equals(ga.getAuthority().trim())) {
return;
}
}
}
throw new AccessDeniedException("没有权限进行操作!");
}