Java Code Examples for org.springframework.security.access.AccessDeniedException#getMessage()

The following examples show how to use org.springframework.security.access.AccessDeniedException#getMessage() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: DavAccessDeniedHandler.java    From cosmo with Apache License 2.0 6 votes vote down vote up 
public void handle(ServletRequest request, ServletResponse response, AccessDeniedException exception)
        throws IOException, ServletException {

    if (!(response instanceof HttpServletResponse)) {
        throw new IllegalStateException("Expected response of type: [" + HttpServletResponse.class.getName()
                + "], received :[" + response.getClass().getName() + "]");
    }

    StandardDavResponse sdr = new StandardDavResponse((HttpServletResponse) response);
    NeedsPrivilegesException toSend = null;
    if (exception instanceof DavAccessDeniedException) {
        DavAccessDeniedException e = (DavAccessDeniedException) exception;
        toSend = new NeedsPrivilegesException(e.getHref(), e.getPrivilege());
    } else {
        toSend = new NeedsPrivilegesException(exception.getMessage());
    }
    sdr.sendDavError(toSend);
}
Example 2
Source File: GlobalExceptionHandler.java    From Spring-Boot-Book with Apache License 2.0 5 votes vote down vote up 
/**
 * 403 - FORBIDDEN
 */
@ResponseStatus(HttpStatus.FORBIDDEN)
@ExceptionHandler(AccessDeniedException.class)
public String handleAccessException(AccessDeniedException e, Model model) {
    logger.error("禁止访问", e);
    String message = "【禁止访问】" + e.getMessage();
    model.addAttribute("message", message);
    model.addAttribute("code", 403);
    return viewName;
}
Example 3
Source File: AccessDeniedExceptionHandler.java    From secure-data-service with Apache License 2.0 5 votes vote down vote up 
@Override
public Response toResponse(AccessDeniedException e) {

    //There are a few jax-rs resources that generate HTML content, and we want the
    //default web-container error handler pages to get used in those cases.
    if (headers.getAcceptableMediaTypes().contains(MediaType.TEXT_HTML_TYPE)) {
        try {
            response.sendError(403, e.getMessage());
            return null;    //the error page handles the response, so no need to return a response
        } catch (IOException ex) {
            LOG.error("Error displaying error page", ex);
        }
    }

    Response.Status errorStatus = Response.Status.FORBIDDEN;
    SLIPrincipal principal = null ;
    String message = e.getMessage();
    if (SecurityContextHolder.getContext().getAuthentication() != null) {
        principal = (SLIPrincipal)SecurityContextHolder.getContext().getAuthentication().getPrincipal();
        LOG.warn("Access has been denied to user: {}",principal );
    } else {
        LOG.warn("Access has been denied to user for being incorrectly associated");
    }
    LOG.warn("Cause: {}", e.getMessage());

    MediaType errorType = MediaType.APPLICATION_JSON_TYPE;
    if(this.headers.getMediaType() == MediaType.APPLICATION_XML_TYPE) {
        errorType = MediaType.APPLICATION_XML_TYPE;
    }
    
    return Response.status(errorStatus).entity(new ErrorResponse(errorStatus.getStatusCode(), errorStatus.getReasonPhrase(), "Access DENIED: " + e.getMessage())).type(errorType).build();
}
Example 4
Source File: AjaxSupportedAccessDeniedHandler.java    From onetwo with Apache License 2.0 5 votes vote down vote up 
final protected String getErrorMessage(AccessDeniedException accessDeniedException){
	String errorMsg = accessDeniedException.getMessage();
	if(securityExceptionMessager!=null){
		errorMsg = securityExceptionMessager.findMessageByThrowable(accessDeniedException);
	}
	return errorMsg;
}
Example 5
Source File: ExceptionTranslator.java    From tutorials with MIT License 4 votes vote down vote up 
@ExceptionHandler(AccessDeniedException.class)
@ResponseStatus(HttpStatus.FORBIDDEN)
@ResponseBody
public ErrorVM processAccessDeniedException(AccessDeniedException e) {
    return new ErrorVM(ErrorConstants.ERR_ACCESS_DENIED, e.getMessage());
}
Example 6
Source File: ExceptionTranslator.java    From expper with GNU General Public License v3.0 4 votes vote down vote up 
@ExceptionHandler(AccessDeniedException.class)
@ResponseStatus(HttpStatus.FORBIDDEN)
@ResponseBody
public ErrorDTO processAccessDeniedExcpetion(AccessDeniedException e) {
    return new ErrorDTO(ErrorConstants.ERR_ACCESS_DENIED, e.getMessage());
}
Example 7
Source File: ExceptionTranslator.java    From ServiceCutter with Apache License 2.0 4 votes vote down vote up 
@ExceptionHandler(AccessDeniedException.class)
@ResponseStatus(HttpStatus.FORBIDDEN)
@ResponseBody
public ErrorDTO processAccessDeniedExcpetion(AccessDeniedException e) {
    return new ErrorDTO(ErrorConstants.ERR_ACCESS_DENIED, e.getMessage());
}
Example 8
Source File: CsvBulkImportServiceImpl.java    From yes-cart with Apache License 2.0 4 votes vote down vote up 
void doImportDelete(final JobStatusListener statusListener,
                    final CsvImportTuple tuple,
                    final String csvImportDescriptorName,
                    final CsvImportDescriptor descriptor) throws Exception {
    List<Object> objects = null;
    try {


        if (descriptor.getDeleteCmd() != null) {

            // No need to validate sub imports
            validateAccessBeforeUpdate(null, null); // only allowed by system admins

            executeNativeQuery(descriptor, null, tuple, descriptor.getDeleteCmd());

            statusListener.count(DELETE_COUNTER);

        } else {

            objects = getExistingEntities(descriptor, descriptor.getSelectCmd(), null, tuple);

            if (CollectionUtils.isNotEmpty(objects)) {

                for (final Object object : objects) {
                    /*
                        Note: for correct data federation processing we need ALL-OR-NOTHING update for all import.
                              Once validation fails we fail the whole import with a rollback. Necessary to facilitate
                              objects with complex relationships to shop (e.g. products, SKU)
                     */

                    // No need to validate sub imports
                    // Preliminary validation - not always applicable for transient object (e.g. products need category assignments)
                    validateAccessBeforeUpdate(object, descriptor.getEntityTypeClass());

                    genericDAO.delete(object);

                    genericDAO.flushClear();

                    statusListener.count(DELETE_COUNTER);
                }

            }

        }
        statusListener.notifyPing("Deleting tuple: " + tuple.getSourceId()); // make sure we do not time out

    } catch (AccessDeniedException ade) {

        statusListener.notifyError(
                "Access denied during import row : {} \ndescriptor {} \nobject is {}",
                ade,
                tuple,
                csvImportDescriptorName,
                objects);
        genericDAO.clear();

        throw new Exception(ade.getMessage(), ade);


    } catch (Exception e) {

        statusListener.notifyError(
                "during import row : {} \ndescriptor {} \nerror {}\nobject is {}",
                e,
                tuple,
                csvImportDescriptorName,
                e.getMessage(),
                objects
            );
        genericDAO.clear();

        throw e;
    }
}
Example 9
Source File: ExceptionTranslator.java    From tutorials with MIT License 4 votes vote down vote up 
@ExceptionHandler(AccessDeniedException.class)
@ResponseStatus(HttpStatus.FORBIDDEN)
@ResponseBody
public ErrorVM processAccessDeniedException(AccessDeniedException e) {
    return new ErrorVM(ErrorConstants.ERR_ACCESS_DENIED, e.getMessage());
}
Example 10
Source File: ExceptionTranslator.java    From gpmr with Apache License 2.0 4 votes vote down vote up 
@ExceptionHandler(AccessDeniedException.class)
@ResponseStatus(HttpStatus.FORBIDDEN)
@ResponseBody
public ErrorDTO processAccessDeniedExcpetion(AccessDeniedException e) {
    return new ErrorDTO(ErrorConstants.ERR_ACCESS_DENIED, e.getMessage());
}
Example 11
Source File: ExceptionTranslator.java    From jhipster-ribbon-hystrix with GNU General Public License v3.0 4 votes vote down vote up 
@ExceptionHandler(AccessDeniedException.class)
@ResponseStatus(HttpStatus.FORBIDDEN)
@ResponseBody
public ErrorDTO processAccessDeniedExcpetion(AccessDeniedException e) {
    return new ErrorDTO(ErrorConstants.ERR_ACCESS_DENIED, e.getMessage());
}
Example 12
Source File: ExceptionTranslator.java    From tutorials with MIT License 4 votes vote down vote up 
@ExceptionHandler(AccessDeniedException.class)
@ResponseStatus(HttpStatus.FORBIDDEN)
@ResponseBody
public ErrorVM processAccessDeniedException(AccessDeniedException e) {
    return new ErrorVM(ErrorConstants.ERR_ACCESS_DENIED, e.getMessage());
}
Example 13
Source File: ExceptionTranslator.java    From jhipster-ribbon-hystrix with GNU General Public License v3.0 4 votes vote down vote up 
@ExceptionHandler(AccessDeniedException.class)
@ResponseStatus(HttpStatus.FORBIDDEN)
@ResponseBody
public ErrorDTO processAccessDeniedExcpetion(AccessDeniedException e) {
    return new ErrorDTO(ErrorConstants.ERR_ACCESS_DENIED, e.getMessage());
}
Example 14
Source File: ExceptionTranslator.java    From jhipster-ribbon-hystrix with GNU General Public License v3.0 4 votes vote down vote up 
@ExceptionHandler(AccessDeniedException.class)
@ResponseStatus(HttpStatus.FORBIDDEN)
@ResponseBody
public ErrorDTO processAccessDeniedExcpetion(AccessDeniedException e) {
    return new ErrorDTO(ErrorConstants.ERR_ACCESS_DENIED, e.getMessage());
}
Example 15
Source File: ExceptionTranslator.java    From tutorials with MIT License 4 votes vote down vote up 
@ExceptionHandler(AccessDeniedException.class)
@ResponseStatus(HttpStatus.FORBIDDEN)
@ResponseBody
public ErrorVM processAccessDeniedException(AccessDeniedException e) {
    return new ErrorVM(ErrorConstants.ERR_ACCESS_DENIED, e.getMessage());
}
Example 16
Source File: ExceptionTranslator.java    From jhipster-microservices-example with Apache License 2.0 4 votes vote down vote up 
@ExceptionHandler(AccessDeniedException.class)
@ResponseStatus(HttpStatus.FORBIDDEN)
@ResponseBody
public ErrorVM processAccessDeniedException(AccessDeniedException e) {
    return new ErrorVM(ErrorConstants.ERR_ACCESS_DENIED, e.getMessage());
}
Example 17
Source File: ExceptionTranslator.java    From jhipster-microservices-example with Apache License 2.0 4 votes vote down vote up 
@ExceptionHandler(AccessDeniedException.class)
@ResponseStatus(HttpStatus.FORBIDDEN)
@ResponseBody
public ErrorVM processAccessDeniedException(AccessDeniedException e) {
    return new ErrorVM(ErrorConstants.ERR_ACCESS_DENIED, e.getMessage());
}
Example 18
Source File: ExceptionTranslator.java    From jhipster-microservices-example with Apache License 2.0 4 votes vote down vote up 
@ExceptionHandler(AccessDeniedException.class)
@ResponseStatus(HttpStatus.FORBIDDEN)
@ResponseBody
public ErrorVM processAccessDeniedException(AccessDeniedException e) {
    return new ErrorVM(ErrorConstants.ERR_ACCESS_DENIED, e.getMessage());
}
Example 19
Source File: ExceptionTranslator.java    From flair-engine with Apache License 2.0 4 votes vote down vote up 
@ExceptionHandler(AccessDeniedException.class)
@ResponseStatus(HttpStatus.FORBIDDEN)
@ResponseBody
public ErrorVM processAccessDeniedException(AccessDeniedException e) {
    return new ErrorVM(ErrorConstants.ERR_ACCESS_DENIED, e.getMessage());
}
Example 20
Source File: ExceptionTranslator.java    From flair-registry with Apache License 2.0 4 votes vote down vote up 
@ExceptionHandler(AccessDeniedException.class)
@ResponseStatus(HttpStatus.FORBIDDEN)
@ResponseBody
public ErrorVM processAccessDeniedException(AccessDeniedException e) {
    return new ErrorVM(ErrorConstants.ERR_ACCESS_DENIED, e.getMessage());
}