List of usage examples for java.lang SecurityException SecurityException
public SecurityException(Throwable cause)
From source file:be.fedict.hsm.admin.webapp.security.SecurityInterceptor.java
@AroundInvoke public Object securityVerification(InvocationContext invocationContext) throws Exception { Method method = invocationContext.getMethod(); Class<?> clazz = invocationContext.getMethod().getDeclaringClass(); LOG.trace("security verification: " + clazz.getSimpleName() + "." + method.getName()); RolesAllowed rolesAllowedAnnotation = method.getAnnotation(RolesAllowed.class); if (null == rolesAllowedAnnotation) { rolesAllowedAnnotation = clazz.getAnnotation(RolesAllowed.class); }//ww w .j av a 2 s .c o m String[] allowedRoles = rolesAllowedAnnotation.value(); FacesContext facesContext = FacesContext.getCurrentInstance(); ExternalContext externalContext = facesContext.getExternalContext(); HttpServletRequest httpServletRequest = (HttpServletRequest) externalContext.getRequest(); Principal userPrincipal = httpServletRequest.getUserPrincipal(); if (null == userPrincipal) { throw new SecurityException("user not logged in"); } boolean userInRole = false; for (String allowedRole : allowedRoles) { if (httpServletRequest.isUserInRole(allowedRole)) { LOG.trace("user in role: " + allowedRole); userInRole = true; break; } } if (false == userInRole) { throw new SecurityException("user not in allowed roles"); } return invocationContext.proceed(); }
From source file:it.greenvulcano.gvesb.iam.jaas.GVBackingEngine.java
private void throwException(GVSecurityException cause) { throw new SecurityException(cause); }
From source file:net.sourceforge.subsonic.service.MusicFileService.java
/** * Returns a music file instance for the given file. If possible, a cached value is returned. * * @param file A file on the local file system. * @return A music file instance.//from w w w . ja v a2 s . com * @throws SecurityException If access is denied to the given file. */ public MusicFile getMusicFile(File file) { // Look in fast memory cache first. MusicFile cachedMusicFile = musicFileMemoryCache.get(file); if (cachedMusicFile != null) { return cachedMusicFile; } if (!securityService.isReadAllowed(file)) { throw new SecurityException("Access denied to file " + file); } cachedMusicFile = musicFileDiskCache.getValue(file.getPath()); if (cachedMusicFile != null && cachedMusicFile.lastModified() >= file.lastModified()) { musicFileMemoryCache.put(file, cachedMusicFile); return cachedMusicFile; } MusicFile musicFile = new MusicFile(file); // Read metadata before caching. musicFile.getMetaData(); // Put in caches. musicFileMemoryCache.put(file, musicFile); musicFileDiskCache.put(file.getPath(), musicFile); return musicFile; }
From source file:org.apache.synapse.securevault.commons.MBeanRegistrar.java
private static void handleException(String msg) { log.error(msg); throw new SecurityException(msg); }
From source file:org.directwebremoting.jaxer.impl.WideOpenCreatorManager.java
@Override public Creator getCreator(String scriptName, boolean includeHidden) throws SecurityException { Creator creator = creators.get(scriptName); if (creator == null) { creator = shortNames.get(scriptName); }/*www . ja v a 2 s . c o m*/ if (creator == null) { // So there is no creator by the given name. Next we try the more // verbose version where the script name is something like: // creator/com/example/ClassName String[] parts = scriptName.split("/", 2); if (parts.length == 1) { log.warn("Malformed scriptName: " + scriptName); throw new SecurityException("Malformed scriptName"); } String className = parts[1]; String creatorName = parts[0]; try { // This is roughly equivalent to: // addCreator(className, creatorName, { }); Class<? extends Creator> clazz = creatorTypes.get(creatorName); if (clazz == null) { log.error("Missing creator: " + creatorName + " (while initializing creator for: " + className + ".js)"); throw new SecurityException("Missing creator"); } creator = clazz.newInstance(); // Nasty! Each creator has a different set of init params. The // 'new' creator needs a class param, but the spring creator // needs a 'bean' param. We only have enough for a single param // in the URL and we don't know what it should be called. So // this code is tied to the new creator. Yeulch Map<String, String> params = new HashMap<String, String>(); params.put("class", className); params.put("scope", "script"); LocalUtil.setParams(creator, params, ignore); creator.setProperties(params); addCreator(creator); shortNames.put(creator.getJavascript(), creator); creator = creators.get(scriptName); } catch (Exception ex) { log.warn("Error adding creator: " + scriptName, ex); throw new SecurityException("Error adding creator"); } } if (creator.isHidden() && !includeHidden) { log.warn("Attempt made to get hidden class with name: " + scriptName + " while includeHidden=false"); throw new SecurityException("Missing script name"); } return creator; }
From source file:com.auditbucket.helper.SecurityHelper.java
public SystemUser getSysUser(boolean exceptionOnNull) { Authentication a = SecurityContextHolder.getContext().getAuthentication(); if (a == null) if (exceptionOnNull) throw new SecurityException("User is not authenticated"); else//from w w w.j av a 2s. c om return null; return sysUserService.findByName(a.getName()); }
From source file:io.romain.passport.logic.observables.LocationUpdatesObservable.java
@Override public void call(Subscriber<? super Location> subscriber) { LastKnownLocationObservable.create(mClient).subscribe(subscriber::onNext, subscriber::onError); if (ContextCompat.checkSelfPermission(mClient.getContext(), Manifest.permission.ACCESS_FINE_LOCATION) == PackageManager.PERMISSION_GRANTED && ContextCompat.checkSelfPermission(mClient.getContext(), Manifest.permission.ACCESS_COARSE_LOCATION) == PackageManager.PERMISSION_GRANTED) { final LocationListener listener = subscriber::onNext; LocationServices.FusedLocationApi.requestLocationUpdates(mClient, mRequest, listener); subscriber.add(Subscriptions.create(() -> { if (mClient.isConnected()) { LocationServices.FusedLocationApi.removeLocationUpdates(mClient, listener); }//from ww w . j av a 2 s. c o m })); } else { subscriber.onError(new SecurityException("You don't have the permission...")); } }
From source file:com.mothsoft.alexis.service.impl.SourceServiceImpl.java
public void remove(final Long id) { final Source source = this.sourceDao.get(id); if (!source.getUserId().equals(CurrentUserUtil.getCurrentUserId())) { throw new SecurityException("Access Denied"); }//w w w . j a v a 2 s. co m RssFeed feed = null; if (source instanceof RssSource) { feed = ((RssSource) source).getFeed(); } this.sourceDao.remove(source); if (feed != null) { removeRssFeedIfUnused(feed); } }
From source file:com.apress.progwt.server.service.impl.SchoolServiceImpl.java
public void assertUserIsAuthenticated(User toCheck) throws SecurityException { User loggedIn = userService.getCurrentUser(); if (loggedIn == null || !loggedIn.equals(toCheck)) { throw new SecurityException("Logged in: " + loggedIn + " Requested: " + toCheck); }//from w w w . j av a 2 s .c om }
From source file:com.glaf.core.security.SecurityUtils.java
/** * DES//from w ww . j a v a 2 s .c om * * @param data * * @param key * ???8? * @return ? */ public static String decode(String key, String data) { if (data == null) { return null; } try { DESKeySpec dks = new DESKeySpec(key.getBytes()); SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("DES"); // key??8? Key secretKey = keyFactory.generateSecret(dks); Cipher cipher = Cipher.getInstance(ALGORITHM_DES); IvParameterSpec iv = new IvParameterSpec("12345678".getBytes()); AlgorithmParameterSpec paramSpec = iv; cipher.init(Cipher.DECRYPT_MODE, secretKey, paramSpec); return new String(cipher.doFinal(hex2byte(data.getBytes()))); } catch (Exception ex) { ex.printStackTrace(); throw new SecurityException(ex); } }