List of usage examples for java.lang SecurityException getMessage
public String getMessage()
From source file:jtabwb.launcher.Launcher.java
private File getLogDir() { File logDir = new File(currentConfiguration.logDirAbsolutePath); if (!logDir.exists()) { try {//from w w w . j a v a 2 s . com logDir.mkdir(); return logDir; } catch (SecurityException e) { LOG.error(MSG.LAUNCHER.ERROR_MSG.LOG_DIR_CANNOT_BE_CREATED, logDir.getAbsolutePath(), e.getMessage()); return null; } } else { if (!logDir.isDirectory()) { LOG.error(MSG.LAUNCHER.ERROR_MSG.LOG_DIR_IS_NOT_A_DIR, logDir.getAbsolutePath()); return null; } } return logDir; }
From source file:org.sakaiproject.bbb.tool.entity.BBBMeetingEntityProvider.java
public void updateEntity(EntityReference ref, Object entity, Map<String, Object> params) { if (logger.isDebugEnabled()) logger.debug("updateMeeting"); BBBMeeting newMeeting = (BBBMeeting) entity; try {//from www .jav a 2 s . c o m BBBMeeting meeting = meetingManager.getMeeting(ref.getId()); if (meeting == null) { throw new IllegalArgumentException("Could not locate meeting to update"); } // update name String nameStr = (String) params.get("name"); nameStr = StringEscapeUtils.escapeHtml(nameStr); if (nameStr != null) meeting.setName(nameStr); // update description String welcomeMessageStr = (String) params.get("props.welcomeMessage"); if (welcomeMessageStr != null) meeting.setWelcomeMessage(welcomeMessageStr); // update recording flag String recordingStr = (String) params.get("recording"); boolean recording = (recordingStr != null && (recordingStr.toLowerCase().equals("on") || recordingStr.toLowerCase().equals("true"))); meeting.setRecording(Boolean.valueOf(recording)); // update recordingDuration String recordingDurationStr = (String) params.get("recordingDuration"); if (recordingDurationStr != null) meeting.setRecordingDuration(Long.valueOf(recordingDurationStr)); else meeting.setRecordingDuration(0L); // update voiceBridge only if the voiceBridge parameter is sent from // the view to the controller String voiceBridgeStr = (String) params.get("voiceBridge"); if (voiceBridgeStr != null) { if (voiceBridgeStr.equals("") || Integer.parseInt(voiceBridgeStr) == 0) { Integer voiceBridge = 70000 + new Random().nextInt(10000); meeting.setVoiceBridge(voiceBridge); } else { meeting.setVoiceBridge(Integer.valueOf(voiceBridgeStr)); } } // update waitForModerator flag String waitForModeratorStr = (String) params.get("waitForModerator"); boolean waitForModerator = (waitForModeratorStr != null && (waitForModeratorStr.toLowerCase().equals("on") || waitForModeratorStr.toLowerCase().equals("true"))); meeting.setWaitForModerator(Boolean.valueOf(waitForModerator)); // update multipleSessionsAllowed flag String multipleSessionsAllowedStr = (String) params.get("multipleSessionsAllowed"); boolean multipleSessionsAllowed = (multipleSessionsAllowedStr != null && (multipleSessionsAllowedStr.toLowerCase().equals("on") || multipleSessionsAllowedStr.toLowerCase().equals("true"))); meeting.setMultipleSessionsAllowed(Boolean.valueOf(multipleSessionsAllowed)); // update default presentation if preuploadPresentation flag is true String presentationUrl = (String) params.get("presentation"); if (presentationUrl != null && presentationUrl != "") { meeting.setPresentation(presentationUrl); } else { meeting.setPresentation(""); } // update groupSessions flag String groupSessionsStr = (String) params.get("groupSessions"); boolean groupSessions = (groupSessionsStr != null && (groupSessionsStr.toLowerCase().equals("on") || groupSessionsStr.toLowerCase().equals("true"))); meeting.setGroupSessions(Boolean.valueOf(groupSessions)); // update dates if (params.get("startDate") != null) meeting.setStartDate(newMeeting.getStartDate()); else meeting.setStartDate(null); if (params.get("endDate") != null) meeting.setEndDate(newMeeting.getEndDate()); else meeting.setEndDate(null); // update participants String meetingOwnerId = meeting.getOwnerId(); List<Participant> participants = extractParticipants(params, meetingOwnerId); meeting.setParticipants(participants); // store meeting String addToCalendarStr = (String) params.get("addToCalendar"); String notifyParticipantsStr = (String) params.get("notifyParticipants"); String iCalAttachedStr = (String) params.get("iCalAttached"); String iCalAlarmMinutesStr = (String) params.get("iCalAlarmMinutes"); boolean addToCalendar = addToCalendarStr != null && (addToCalendarStr.toLowerCase().equals("on") || addToCalendarStr.toLowerCase().equals("true")); boolean notifyParticipants = notifyParticipantsStr != null && (notifyParticipantsStr.toLowerCase().equals("on") || notifyParticipantsStr.toLowerCase().equals("true")); boolean iCalAttached = iCalAttachedStr != null && (iCalAttachedStr.toLowerCase().equals("on") || iCalAttachedStr.toLowerCase().equals("true")); Long iCalAlarmMinutes = iCalAlarmMinutesStr != null ? Long.valueOf(iCalAlarmMinutesStr) : 0L; try { if (!meetingManager.updateMeeting(meeting, notifyParticipants, addToCalendar, iCalAttached, iCalAlarmMinutes, false)) throw new EntityException("Unable to update meeting in DB", meeting.getReference(), 400); } catch (BBBException e) { throw new EntityException(e.getPrettyMessage(), meeting.getReference(), 400); } } catch (SecurityException se) { throw new EntityException(se.getMessage(), ref.getReference(), 400); } catch (Exception e) { throw new EntityException(e.getMessage(), ref.getReference(), 400); } }
From source file:com.becapps.easydownloader.ShareActivity.java
private void tempDownloadToSdcard(Request request) { videoUri = Uri.parse(dir_Downloads.toURI() + composedVideoFilename); Utils.logger("d", "** NEW ** videoUri: " + videoUri, DEBUG_TAG); request.setDestinationUri(videoUri); try {// w w w . j a v a2 s . c o m enqueue = dm.enqueue(request); } catch (IllegalArgumentException e) { Log.e(DEBUG_TAG, "tempDownloadToSdcard: " + e.getMessage()); BugSenseHandler.sendExceptionMessage(DEBUG_TAG + "-> tempDownloadToSdcard", e.getMessage(), e); } catch (NullPointerException ne) { Log.e(DEBUG_TAG, "callDownloadApk: " + ne.getMessage()); BugSenseHandler.sendExceptionMessage(DEBUG_TAG + "-> tempDownloadToSdcard: ", ne.getMessage(), ne); Toast.makeText(this, getString(R.string.error), Toast.LENGTH_LONG).show(); } catch (SecurityException se) { Log.e(DEBUG_TAG, "callDownloadApk: " + se.getMessage()); BugSenseHandler.sendExceptionMessage(DEBUG_TAG + "-> tempDownloadToSdcard: ", se.getMessage(), se); Toast.makeText(this, getString(R.string.error), Toast.LENGTH_LONG).show(); } }
From source file:com.cws.esolutions.security.processors.impl.AccountControlProcessorImpl.java
/** * @see com.cws.esolutions.security.processors.interfaces.IAccountControlProcessor#modifyUserPassword(com.cws.esolutions.security.processors.dto.AccountControlRequest) *//*ww w.jav a 2s . c o m*/ public AccountControlResponse modifyUserPassword(final AccountControlRequest request) throws AccountControlException { final String methodName = IAccountControlProcessor.CNAME + "#modifyUserPassword(final AccountControlRequest request) throws AccountControlException"; if (DEBUG) { DEBUGGER.debug(methodName); DEBUGGER.debug("AccountControlRequest: {}", request); } AccountControlResponse response = new AccountControlResponse(); final Calendar calendar = Calendar.getInstance(); final RequestHostInfo reqInfo = request.getHostInfo(); final UserAccount reqAccount = request.getRequestor(); final UserAccount userAccount = request.getUserAccount(); calendar.add(Calendar.DATE, secConfig.getPasswordExpiration()); if (DEBUG) { DEBUGGER.debug("Calendar: {}", calendar); DEBUGGER.debug("RequestHostInfo: {}", reqInfo); DEBUGGER.debug("UserAccount: {}", reqAccount); DEBUGGER.debug("UserAccount: {}", userAccount); } try { // this will require admin and service authorization AccessControlServiceRequest accessRequest = new AccessControlServiceRequest(); accessRequest.setUserAccount(userAccount); accessRequest.setServiceGuid(request.getServiceId()); if (DEBUG) { DEBUGGER.debug("AccessControlServiceRequest: {}", accessRequest); } AccessControlServiceResponse accessResponse = accessControl.isUserAuthorized(accessRequest); if (DEBUG) { DEBUGGER.debug("AccessControlServiceResponse accessResponse: {}", accessResponse); } if (!(accessResponse.getIsUserAuthorized())) { // unauthorized response.setRequestStatus(SecurityRequestStatus.UNAUTHORIZED); // audit try { AuditEntry auditEntry = new AuditEntry(); auditEntry.setHostInfo(reqInfo); auditEntry.setAuditType(AuditType.CHANGEPASS); auditEntry.setUserAccount(userAccount); auditEntry.setAuthorized(Boolean.FALSE); auditEntry.setApplicationId(request.getApplicationId()); auditEntry.setApplicationName(request.getApplicationName()); if (DEBUG) { DEBUGGER.debug("AuditEntry: {}", auditEntry); } AuditRequest auditRequest = new AuditRequest(); auditRequest.setAuditEntry(auditEntry); if (DEBUG) { DEBUGGER.debug("AuditRequest: {}", auditRequest); } auditor.auditRequest(auditRequest); } catch (AuditServiceException asx) { ERROR_RECORDER.error(asx.getMessage(), asx); } return response; } // this is a reset request, so we need to do a few things // 1, we need to generate a unique id that we can email off // to the user, that we can then look up to confirm // then once we have that we can actually do the reset // first, change the existing password // 128 character values - its possible that the reset is // coming as a result of a possible compromise String tmpPassword = PasswordUtils.encryptText( RandomStringUtils.randomAlphanumeric(secConfig.getPasswordMaxLength()), RandomStringUtils.randomAlphanumeric(secConfig.getSaltLength()), secConfig.getAuthAlgorithm(), secConfig.getIterations(), secBean.getConfigData().getSystemConfig().getEncoding()); String tmpSalt = RandomStringUtils.randomAlphanumeric(secConfig.getSaltLength()); if ((StringUtils.isNotEmpty(tmpPassword)) && (StringUtils.isNotEmpty(tmpSalt))) { // update the authentication datastore with the new password // we never show the user the password, we're only doing this // to prevent unauthorized access (or further unauthorized access) // we get a return code back but we aren't going to use it really boolean isComplete = userManager.modifyUserPassword(userAccount.getGuid(), tmpPassword); if (DEBUG) { DEBUGGER.debug("isComplete: {}", isComplete); } // now generate a temporary id to stuff into the database // this will effectively replace the current salt value String resetId = RandomStringUtils.randomAlphanumeric(secConfig.getResetIdLength()); String resetSms = RandomStringUtils.randomAlphanumeric(secConfig.getSmsCodeLength()); if ((StringUtils.isNotEmpty(resetId)) && (StringUtils.isNotEmpty(resetSms))) { isComplete = userSec.insertResetData(userAccount.getGuid(), resetId, ((secConfig.getSmsResetEnabled()) ? resetSms : null)); if (DEBUG) { DEBUGGER.debug("isComplete: {}", isComplete); } if (isComplete) { response.setResetId(resetId); response.setRequestStatus(SecurityRequestStatus.SUCCESS); } else { ERROR_RECORDER .error("Unable to insert password identifier into database. Cannot continue."); response.setRequestStatus(SecurityRequestStatus.SUCCESS); } } else { ERROR_RECORDER.error("Unable to generate a unique identifier. Cannot continue."); response.setRequestStatus(SecurityRequestStatus.SUCCESS); } } else { ERROR_RECORDER.error("Failed to generate a temporary password. Cannot continue."); response.setRequestStatus(SecurityRequestStatus.SUCCESS); } } catch (SQLException sqx) { ERROR_RECORDER.error(sqx.getMessage(), sqx); throw new AccountControlException(sqx.getMessage(), sqx); } catch (AccessControlServiceException acsx) { ERROR_RECORDER.error(acsx.getMessage(), acsx); throw new AccountControlException(acsx.getMessage(), acsx); } catch (UserManagementException umx) { ERROR_RECORDER.error(umx.getMessage(), umx); throw new AccountControlException(umx.getMessage(), umx); } catch (SecurityException sx) { ERROR_RECORDER.error(sx.getMessage(), sx); throw new AccountControlException(sx.getMessage(), sx); } finally { // audit try { AuditEntry auditEntry = new AuditEntry(); auditEntry.setHostInfo(reqInfo); auditEntry.setAuditType(AuditType.RESETPASS); auditEntry.setUserAccount(reqAccount); auditEntry.setAuthorized(Boolean.TRUE); auditEntry.setApplicationId(request.getApplicationId()); auditEntry.setApplicationName(request.getApplicationName()); if (DEBUG) { DEBUGGER.debug("AuditEntry: {}", auditEntry); } AuditRequest auditRequest = new AuditRequest(); auditRequest.setAuditEntry(auditEntry); if (DEBUG) { DEBUGGER.debug("AuditRequest: {}", auditRequest); } auditor.auditRequest(auditRequest); } catch (AuditServiceException asx) { ERROR_RECORDER.error(asx.getMessage(), asx); } } return response; }
From source file:com.cws.esolutions.security.processors.impl.AccountControlProcessorImpl.java
/** * @see com.cws.esolutions.security.processors.interfaces.IAccountControlProcessor#createNewUser(com.cws.esolutions.security.processors.dto.AccountControlRequest) */// ww w. j a va 2s. c o m public AccountControlResponse createNewUser(final AccountControlRequest request) throws AccountControlException { final String methodName = IAccountControlProcessor.CNAME + "#createNewUser(final CreateUserRequest createReq) throws AccountControlException"; if (DEBUG) { DEBUGGER.debug(methodName); DEBUGGER.debug("AccountControlRequest: {}", request); } AccountControlResponse response = new AccountControlResponse(); final RequestHostInfo reqInfo = request.getHostInfo(); final UserAccount reqAccount = request.getRequestor(); final UserAccount userAccount = request.getUserAccount(); final AuthenticationData userSecurity = request.getUserSecurity(); final String newUserSalt = RandomStringUtils.randomAlphanumeric(secConfig.getSaltLength()); if (DEBUG) { DEBUGGER.debug("Requestor: {}", reqAccount); DEBUGGER.debug("RequestHostInfo: {}", reqInfo); DEBUGGER.debug("UserAccount: {}", userAccount); DEBUGGER.debug("AuthenticationData: {}", userSecurity); } try { // this will require admin and service authorization AccessControlServiceRequest accessRequest = new AccessControlServiceRequest(); accessRequest.setUserAccount(userAccount); accessRequest.setServiceGuid(request.getServiceId()); if (DEBUG) { DEBUGGER.debug("AccessControlServiceRequest: {}", accessRequest); } AccessControlServiceResponse accessResponse = accessControl.isUserAuthorized(accessRequest); if (DEBUG) { DEBUGGER.debug("AccessControlServiceResponse accessResponse: {}", accessResponse); } if (!(accessResponse.getIsUserAuthorized())) { // unauthorized response.setRequestStatus(SecurityRequestStatus.UNAUTHORIZED); // audit try { AuditEntry auditEntry = new AuditEntry(); auditEntry.setHostInfo(reqInfo); auditEntry.setAuditType(AuditType.CREATEUSER); auditEntry.setUserAccount(userAccount); auditEntry.setAuthorized(Boolean.FALSE); auditEntry.setApplicationId(request.getApplicationId()); auditEntry.setApplicationName(request.getApplicationName()); if (DEBUG) { DEBUGGER.debug("AuditEntry: {}", auditEntry); } AuditRequest auditRequest = new AuditRequest(); auditRequest.setAuditEntry(auditEntry); if (DEBUG) { DEBUGGER.debug("AuditRequest: {}", auditRequest); } auditor.auditRequest(auditRequest); } catch (AuditServiceException asx) { ERROR_RECORDER.error(asx.getMessage(), asx); } return response; } String userGuid = UUID.randomUUID().toString(); if (DEBUG) { DEBUGGER.debug("Value: {}", userGuid); } int x = 0; while (true) { if (x == 10) { throw new AccountControlException("Failed to generate a unique user GUID"); } try { userManager.validateUserAccount(userAccount.getUsername(), userGuid); break; } catch (UserManagementException umx) { ERROR_RECORDER.error(umx.getMessage(), umx); if (!(StringUtils.contains(umx.getMessage(), "UUID"))) { response.setRequestStatus(SecurityRequestStatus.FAILURE); return response; } userGuid = UUID.randomUUID().toString(); if (DEBUG) { DEBUGGER.debug("Value: {}", userGuid); } x++; continue; } } // insert the user salt boolean isSaltInserted = userSec.addOrUpdateSalt(userGuid, newUserSalt, SaltType.LOGON.name()); if (DEBUG) { DEBUGGER.debug("isSaltInserted: {}", isSaltInserted); } if (isSaltInserted) { String newPassword = PasswordUtils.encryptText( RandomStringUtils.randomAlphanumeric(secConfig.getPasswordMaxLength()), newUserSalt, secConfig.getAuthAlgorithm(), secConfig.getIterations(), secBean.getConfigData().getSystemConfig().getEncoding()); List<String> accountData = new ArrayList<String>(Arrays.asList(userGuid, userAccount.getUsername(), newPassword, String.valueOf(userAccount.isSuspended()), userAccount.getSurname(), userAccount.getGivenName(), userAccount.getGivenName() + " " + userAccount.getSurname(), userAccount.getEmailAddr())); if (DEBUG) { DEBUGGER.debug("accountData: {}", accountData); } boolean isUserCreated = userManager.addUserAccount(accountData, new ArrayList<String>(Arrays.asList(Arrays.toString(userAccount.getGroups())))); if (DEBUG) { DEBUGGER.debug("isUserCreated: {}", isUserCreated); } if (isUserCreated) { response.setRequestStatus(SecurityRequestStatus.SUCCESS); } else { // failed to add the user to the repository ERROR_RECORDER.error("Failed to add user to the userAccount repository"); response.setRequestStatus(SecurityRequestStatus.FAILURE); } } else { // failed to insert salt ERROR_RECORDER.error("Failed to provision new user: failed to insert the generated salt value"); response.setRequestStatus(SecurityRequestStatus.FAILURE); } } catch (AccountControlException acx) { ERROR_RECORDER.error(acx.getMessage(), acx); throw new AccountControlException(acx.getMessage(), acx); } catch (AccessControlServiceException acx) { ERROR_RECORDER.error(acx.getMessage(), acx); throw new AccountControlException(acx.getMessage(), acx); } catch (UserManagementException umx) { ERROR_RECORDER.error(umx.getMessage(), umx); throw new AccountControlException(umx.getMessage(), umx); } catch (SQLException sqx) { ERROR_RECORDER.error(sqx.getMessage(), sqx); throw new AccountControlException(sqx.getMessage(), sqx); } catch (SecurityException sx) { ERROR_RECORDER.error(sx.getMessage(), sx); throw new AccountControlException(sx.getMessage(), sx); } finally { // audit try { AuditEntry auditEntry = new AuditEntry(); auditEntry.setHostInfo(reqInfo); auditEntry.setAuditType(AuditType.CREATEUSER); auditEntry.setUserAccount(reqAccount); auditEntry.setAuthorized(Boolean.TRUE); auditEntry.setApplicationId(request.getApplicationId()); auditEntry.setApplicationName(request.getApplicationName()); if (DEBUG) { DEBUGGER.debug("AuditEntry: {}", auditEntry); } AuditRequest auditRequest = new AuditRequest(); auditRequest.setAuditEntry(auditEntry); if (DEBUG) { DEBUGGER.debug("AuditRequest: {}", auditRequest); } auditor.auditRequest(auditRequest); } catch (AuditServiceException asx) { ERROR_RECORDER.error(asx.getMessage(), asx); } } return response; }
From source file:org.csploit.android.core.UpdateService.java
@Override protected void onHandleIntent(Intent intent) { action what_to_do = (action) intent.getSerializableExtra(ACTION); boolean exitForError = true; if (what_to_do == null) { Logger.error("received null action"); return;/*from w w w .ja va 2 s . c om*/ } mRunning = true; switch (what_to_do) { case apk_update: mCurrentTask = mApkInfo; break; case core_update: mCurrentTask = mCoreInfo; break; case ruby_update: mCurrentTask = mRubyInfo; break; case msf_update: mCurrentTask = mMsfInfo; break; case gems_update: mCurrentTask = new ArchiveMetadata(); break; } try { setupNotification(); synchronized (mCurrentTask) { mCurrentTask.errorOccurred = true; if (!haveLocalFile()) downloadFile(); if (what_to_do == action.core_update) System.shutdownCoreDaemon(); extract(); if (what_to_do == action.msf_update) installGems(); else if (what_to_do == action.gems_update) updateGems(); else if (what_to_do == action.core_update) System.initCore(); deleteTemporaryFiles(); createVersionFile(); mCurrentTask.errorOccurred = exitForError = false; } sendDone(what_to_do); } catch (SecurityException e) { sendError(what_to_do, R.string.bad_permissions); Logger.warning(e.getClass().getName() + ": " + e.getMessage()); } catch (KeyException e) { sendError(what_to_do, R.string.checksum_failed); Logger.warning(e.getClass().getName() + ": " + e.getMessage()); } catch (NoSuchAlgorithmException e) { sendError(what_to_do, R.string.error_occured); System.errorLogging(e); } catch (CancellationException e) { sendError(what_to_do, R.string.update_cancelled); Logger.warning(e.getClass().getName() + ": " + e.getMessage()); } catch (IOException e) { sendError(what_to_do, R.string.error_occured); System.errorLogging(e); } catch (RuntimeException e) { sendError(what_to_do, R.string.error_occured); StackTraceElement[] stack = e.getStackTrace(); StackTraceElement frame = e.getStackTrace()[0]; for (StackTraceElement f : stack) { if (f.getClassName().startsWith("org.csploit.android")) { frame = f; break; } } Logger.error(String.format("%s: %s [%s:%d]", e.getClass().getName(), e.getMessage(), frame.getFileName(), frame.getLineNumber())); } catch (InterruptedException e) { sendError(what_to_do, R.string.error_occured); System.errorLogging(e); } catch (ChildManager.ChildNotStartedException e) { sendError(what_to_do, R.string.error_occured); System.errorLogging(e); } catch (ChildManager.ChildDiedException e) { sendError(what_to_do, R.string.error_occured); System.errorLogging(e); } catch (System.SuException e) { sendError(what_to_do, R.string.only_4_root); } catch (System.DaemonException e) { sendError(what_to_do, R.string.heart_attack); Logger.error(e.getMessage()); } finally { if (exitForError) { if (what_to_do == action.msf_update || what_to_do == action.gems_update) clearGemsCache(); if (what_to_do != action.core_update) wipe(); } stopSelf(); mRunning = false; } }
From source file:com.google.appinventor.components.runtime.Form.java
public void callInitialize(Object component) throws Throwable { Method method;/*from www . j a v a2 s . c om*/ try { method = component.getClass().getMethod("Initialize", (Class<?>[]) null); } catch (SecurityException e) { Log.i(LOG_TAG, "Security exception " + e.getMessage()); return; } catch (NoSuchMethodException e) { //This is OK. return; } try { Log.i(LOG_TAG, "calling Initialize method for Object " + component.toString()); method.invoke(component, (Object[]) null); } catch (InvocationTargetException e) { Log.i(LOG_TAG, "invoke exception: " + e.getMessage()); throw e.getTargetException(); } }
From source file:eu.semlibproject.annotationserver.restapis.AnnotationsAPI.java
/** * Search for all annotation's items basing on specific searching parameters * //from ww w . j ava2 s .co m * @param callback callback function for JSONP * @param annotationID a valid annotation ID * @param queryParams parameters (JSON format), encoded * @param accept the accepted format (n3, application/rdf+xml or application/json) * @return HTTP Response Status Code: * <ul> * <li>"200 OK" annotation metadata</li> * <li>"204 No Content" if there are no annotation metadata for the specified parameters</li> * <li>"400 Bad Request" if the specified parameters or the request are incorrect</li> * <li>"500 Internal Server Error" in case of error</li> * </ul> */ @GET @Path("{annotation-id}/items/search") @Produces({ MediaType.APPLICATION_JSON, MediaType.APPLICATION_RDFXML, MediaType.TEXT_RDFN3, MediaType.APPLICATION_JAVASCRIPT, MediaType.TEXT_HTML }) public Response searchAnnotationItems(@QueryParam(SemlibConstants.JSONP_PARAM) String callback, @PathParam("annotation-id") String annotationID, @QueryParam(SemlibConstants.QUERY_PARAM) String queryParams, @HeaderParam(SemlibConstants.HTTP_HEADER_ACCEPT) String accept) { if (StringUtils.isBlank(queryParams)) { return Response.status(Status.BAD_REQUEST).build(); } User currentLoggedUser = super.getCurrentLoggedUserOrAnonUser(); try { PermissionsManager permManager = eu.semlibproject.annotationserver.managers.SecurityManager .getInstance().getPermissionManager(); boolean rightsOk = permManager.canReadAnnotation(currentLoggedUser.getUserID(), annotationID); if (!rightsOk) { return Response.status(Status.FORBIDDEN).build(); } } catch (eu.semlibproject.annotationserver.security.SecurityException ex) { logger.log(Level.SEVERE, null, ex); return Response.status(ex.getStatusCode()).build(); } // Check if the annotationID is valid Status annotationIDStatus = super.checkAnnotationID(annotationID, false); if (annotationIDStatus != Status.OK) { return Response.status(annotationIDStatus).build(); } // This is necessary to handle the GET request from normal browser String cAccepts = UtilsManager.getInstance().getCorrectAcceptValue(callback, accept); String annotationItems = null; try { String triplesFormat = cAccepts; if (cAccepts.equalsIgnoreCase(MediaType.APPLICATION_JAVASCRIPT)) { triplesFormat = MediaType.APPLICATION_JSON; } annotationItems = RepositoryManager.getInstance().getCurrentRDFRepository() .searchAnnotationItems(annotationID, queryParams, triplesFormat); } catch (Exception ex) { logger.log(Level.SEVERE, ex.getMessage().toString(), ex); return Response.status(Status.INTERNAL_SERVER_ERROR).build(); } return super.createFinalResponseForAnnotationsAPI(callback, cAccepts, annotationItems); }
From source file:org.openremote.controller.service.Deployer.java
/** * Returns the system user login name, or an empty string if access to system user information * has been denied.//from w w w . j a va 2 s . c o m * * @return system user login name or empty string */ private String getSystemUser() { try { // ----- BEGIN PRIVILEGED CODE BLOCK ------------------------------------------------------ return AccessController.doPrivilegedWithCombiner(new PrivilegedAction<String>() { @Override public String run() { return System.getProperty("user.name"); } }); // ----- END PRIVILEGED CODE BLOCK -------------------------------------------------------- } catch (SecurityException e) { log.info("Security manager has denied access to user login name: {0}", e, e.getMessage()); return ""; } }
From source file:com.novartis.opensource.yada.YADARequest.java
/** * Returns the value of the constant {@code key}. This is useful when processing {@link YADAUtils#PARAM_FRAGS}. * @param key the name of a constant/*from ww w . jav a 2 s .c o m*/ * @return the value of the constant {@code key} * @throws YADAQueryConfigurationException when {@code key} is not accessible for any reason. */ public static String getParamKeyVal(String key) throws YADAQueryConfigurationException { String val = null; try { val = (String) YADARequest.class.getField(key).get(null); } catch (SecurityException e) { throw new YADAQueryConfigurationException(e.getMessage(), e); } catch (NoSuchFieldException e) { throw new YADAQueryConfigurationException(e.getMessage(), e); } catch (IllegalArgumentException e) { throw new YADAQueryConfigurationException(e.getMessage(), e); } catch (IllegalAccessException e) { throw new YADAQueryConfigurationException(e.getMessage(), e); } return val; }