List of usage examples for java.lang SecurityException SecurityException
public SecurityException(Throwable cause)
From source file:co.edu.unal.arqdsoft.presentacion.servlet.ServletVentas.java
private Respuesta getCliente(JSONObject obj) { String error = "Problemas con la comunicacin"; try {//from w ww .j ava 2 s.com int idCliente = Integer.parseInt(obj.get("datos").toString()); Cliente cliente = ControlVentas.getcliente(idCliente); /*TEST*/ //Cliente p = new Cliente(0, "Telefono", "muy comunicativo", null, null); /*TEST FIN*/ if (cliente != null) { JSONObject t = new JSONObject(); t.put("nombre", cliente.getNombre()); t.put("id", cliente.getId()); t.put("informacion", cliente.getInformacion()); return new Respuesta("", new Contenido(t, "")); } else { error = "No existe el cliente";//ERROR de SEGURIDAD throw new SecurityException(obj.get("datos").toString()); } } catch (Exception ex) { Logger.getLogger(ServletProductos.class.getName()).log(Level.SEVERE, null, ex); return new Respuesta(error, new Contenido()); } }
From source file:SecurityManagerTest.java
public void checkWrite(FileDescriptor filedescriptor) { if (!accessOK()) throw new SecurityException("Not!"); }
From source file:be.e_contract.mycarenet.etee.Unsealer.java
private byte[] getVerifiedContent(byte[] cmsData) throws CertificateException, CMSException, IOException, OperatorCreationException { CMSSignedData cmsSignedData = new CMSSignedData(cmsData); SignerInformationStore signers = cmsSignedData.getSignerInfos(); SignerInformation signer = (SignerInformation) signers.getSigners().iterator().next(); SignerId signerId = signer.getSID(); Store certificateStore = cmsSignedData.getCertificates(); @SuppressWarnings("unchecked") Collection<X509CertificateHolder> certificateCollection = certificateStore.getMatches(signerId); if (null == this.senderCertificate) { if (certificateCollection.isEmpty()) { throw new SecurityException("no sender certificate present"); }/*from w w w. j a v a 2 s . c om*/ X509CertificateHolder certificateHolder = certificateCollection.iterator().next(); CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509"); X509Certificate certificate = (X509Certificate) certificateFactory .generateCertificate(new ByteArrayInputStream(certificateHolder.getEncoded())); this.senderCertificate = certificate; LOG.debug("signer certificate subject: " + certificate.getSubjectX500Principal()); } /* * By reusing the sender certificate we have the guarantee that the * outer signature and inner signature share the same origin. */ SignerInformationVerifier signerInformationVerifier = new JcaSimpleSignerInfoVerifierBuilder() .build(this.senderCertificate); boolean signatureResult = signer.verify(signerInformationVerifier); if (false == signatureResult) { throw new SecurityException("woops"); } CMSTypedData signedContent = cmsSignedData.getSignedContent(); byte[] data = (byte[]) signedContent.getContent(); return data; }
From source file:org.apache.cxf.security.spring.ServerPasswordCallbackHandler.java
private SecurityException translateException(AuthenticationException ex) { if (logExceptions) { LogUtils.log(LOG, Level.WARNING, "Authentication failed", ex); }//from w ww . j a va2s .c o m return nestExceptions ? new SecurityException(ex) : new SecurityException("Authentication failed"); }
From source file:eu.openanalytics.rsb.security.ApplicationPermissionEvaluator.java
@Override public boolean hasPermission(final Authentication authentication, final Object targetDomainObject, final Object permission) { if ("CATALOG_USER".equals(permission)) { return hasCatalogUserPermission(authentication, targetDomainObject); } else if ("CATALOG_ADMIN".equals(permission)) { return hasCatalogAdminPermission(authentication, targetDomainObject); }/*from w w w. j a va2s . co m*/ if (targetDomainObject == null) { return false; } if ("APPLICATION_JOB".equals(permission)) { final AbstractJob job = (AbstractJob) targetDomainObject; return hasApplicationJobPermission(authentication, job); } else if ("APPLICATION_USER".equals(permission)) { final String applicationName = (String) targetDomainObject; return hasApplicationUserOrAdminPermission(authentication, applicationName); } else if ("APPLICATION_ADMIN".equals(permission)) { final String applicationName = (String) targetDomainObject; return hasApplicationAdminPermission(authentication, applicationName); } else if ("RSB_RESOURCE".equals(permission)) { final String resourceName = targetDomainObject.toString(); return hasRsbResourcePermission(authentication, resourceName); } else { throw new SecurityException("Unknown permission: " + permission); } }
From source file:be.fedict.eid.pkira.portal.signing.AbstractDssSigningHandler.java
public String handleDssRequest() { String redirectStatus = null; T serviceClientResponse = null;//from ww w .j av a2 s . c om try { // Extract the signature response String signatureRequestId = "request-" + java.util.UUID.randomUUID().toString(); SignatureResponse signatureResponse = signatureResponseProcessor.process(getRequest(), getTarget(), getBase64encodedSignatureRequest(), signatureRequestId, null); // Get dssCertificate digest and allowed fingerprints String actualServiceFingerprint = null; String serviceCertificate = getRequest() .getParameter(SignatureResponseProcessor.SERVICE_CERTIFICATE_PARAMETER_PREFIX + "1"); if (serviceCertificate != null) { byte[] certificateData = Base64.decodeBase64(serviceCertificate); byte[] certificateFingerPrint = DigestUtils.sha(certificateData); actualServiceFingerprint = Hex.encodeHexString(certificateFingerPrint); } log.info("Actual service fingerprint: " + actualServiceFingerprint); String[] fingerprintConfig = configurationEntryContainer.getDssFingerprints(); if (fingerprintConfig == null || fingerprintConfig.length == 0) { log.warn("No DSS fingerprints configured"); } else { if (actualServiceFingerprint == null) { log.warn("No dssCertificate in DSS response"); throw new SecurityException("Missing dssCertificate in DSS response"); } boolean ok = false; for (String fingerprint : fingerprintConfig) { log.info("Allowed service fingerprint: " + fingerprint); ok |= fingerprint != null && fingerprint.equalsIgnoreCase(actualServiceFingerprint); } if (!ok) { log.error("Signatures not correct."); throw new SecurityException("Signatures not correct."); } } // Call the contract service byte[] contract = signatureResponse.getDecodedSignatureResponse(); String result = invokeServiceClient(new String(contract)); serviceClientResponse = unmarshall(result); getFacesMessages().addFromResourceBundle("contract.status." + serviceClientResponse.getResult().name(), serviceClientResponse.getResultMessage()); if (Events.exists()) { Events.instance().raiseEvent(EVENT_CERTIFICATE_LIST_CHANGED); } if (ResultType.SUCCESS.equals(serviceClientResponse.getResult())) { redirectStatus = SUCCESSFUL_REDIRECT; } } catch (Exception e) { getFacesMessages().addFromResourceBundle("validator.error.sign"); log.info("<<< handleRequest: exception", e); } return handleRedirect(redirectStatus, serviceClientResponse); }
From source file:nl.surfnet.coin.selfservice.util.SpringSecurity.java
public static InstitutionIdentityProvider getIdpFromId(Csa csa, String idp) { List<InstitutionIdentityProvider> idps = csa.getAllInstitutionIdentityProviders(); for (InstitutionIdentityProvider identityProvider : idps) { if (identityProvider.getId().equalsIgnoreCase(idp)) { return identityProvider; }//from w w w . j ava 2 s. c o m } throw new SecurityException(idp + " does not exist"); }
From source file:SecurityManagerTest.java
public void checkWrite(String filename) { if (!accessOK()) throw new SecurityException("Not Even!"); }
From source file:de.petendi.ethereum.secure.proxy.controller.SecureController.java
private String dispatch(byte[] bytes) { ObjectMapper objectMapper = new ObjectMapper(); objectMapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false); WrappedResponse wrappedResponse = new WrappedResponse(); try {/*from w w w. j a v a 2s .c om*/ WrappedRequest wrappedRequest = objectMapper.readValue(bytes, WrappedRequest.class); AllowedCommand allowedCommand = AllowedCommand.valueOf(wrappedRequest.getCommand()); if (wrappedRequest.getCommand().startsWith("shh_") && !settings.isWhisperAllowed()) { throw new SecurityException("command not allowed: " + wrappedRequest.getCommand()); } Object response = rpcClient.invoke(allowedCommand.toString(), wrappedRequest.getParameters(), Object.class, settings.getHeaders()); wrappedResponse.setResponse(response); wrappedResponse.setSuccess(true); } catch (Throwable e) { wrappedResponse.setSuccess(false); wrappedResponse.setErrorMessage(e.getMessage()); } try { return objectMapper.writeValueAsString(wrappedResponse); } catch (IOException e) { throw new IllegalArgumentException(e); } }
From source file:be.fedict.eid.idp.model.applet.IdentityIntegrityServiceBean.java
public void checkNationalRegistrationCertificate(List<X509Certificate> certificateChain) throws SecurityException { LOG.debug("validate national registry certificate: " + certificateChain.get(0).getSubjectX500Principal()); String xkmsUrl = this.configuration.getValue(ConfigProperty.XKMS_URL, String.class); if (null == xkmsUrl || xkmsUrl.trim().isEmpty()) { LOG.warn("no XKMS URL configured!"); return;/*from w w w . j av a 2 s .co m*/ } RPEntity rp = AppletUtil.getSessionAttribute(Constants.RP_SESSION_ATTRIBUTE); String xkmsTrustDomain = null; if (null != rp) { xkmsTrustDomain = rp.getIdentityTrustDomain(); } if (null == xkmsTrustDomain || xkmsTrustDomain.trim().isEmpty()) { xkmsTrustDomain = this.configuration.getValue(ConfigProperty.XKMS_IDENT_TRUST_DOMAIN, String.class); } if (null != xkmsTrustDomain) { if (xkmsTrustDomain.trim().isEmpty()) { xkmsTrustDomain = null; } } LOG.debug("Trust domain=" + xkmsTrustDomain); XKMS2Client xkms2Client = new XKMS2Client(xkmsUrl); Boolean useHttpProxy = this.configuration.getValue(ConfigProperty.HTTP_PROXY_ENABLED, Boolean.class); if (null != useHttpProxy && useHttpProxy) { String httpProxyHost = this.configuration.getValue(ConfigProperty.HTTP_PROXY_HOST, String.class); int httpProxyPort = this.configuration.getValue(ConfigProperty.HTTP_PROXY_PORT, Integer.class); LOG.debug("use proxy: " + httpProxyHost + ":" + httpProxyPort); xkms2Client.setProxy(httpProxyHost, httpProxyPort); } else { // disable previously set proxy xkms2Client.setProxy(null, 0); } try { LOG.debug("validating certificate chain"); if (null != xkmsTrustDomain) { xkms2Client.validate(xkmsTrustDomain, certificateChain); } else { xkms2Client.validate(certificateChain); } } catch (ValidationFailedException e) { LOG.warn("invalid certificate"); throw new SecurityException("invalid certificate"); } catch (Exception e) { LOG.warn("eID Trust Service error: " + e.getMessage(), e); throw new SecurityException("eID Trust Service error"); } }