Example usage for java.lang SecurityException SecurityException

List of usage examples for java.lang SecurityException SecurityException

Introduction

In this page you can find the example usage for java.lang SecurityException SecurityException.

Prototype

public SecurityException(Throwable cause) 

Source Link

Document

Creates a SecurityException with the specified cause and a detail message of (cause==null ?

Usage

From source file:be.fedict.hsm.admin.webapp.security.SecurityInterceptor.java

@AroundInvoke
public Object securityVerification(InvocationContext invocationContext) throws Exception {
    Method method = invocationContext.getMethod();
    Class<?> clazz = invocationContext.getMethod().getDeclaringClass();
    LOG.trace("security verification: " + clazz.getSimpleName() + "." + method.getName());
    RolesAllowed rolesAllowedAnnotation = method.getAnnotation(RolesAllowed.class);
    if (null == rolesAllowedAnnotation) {
        rolesAllowedAnnotation = clazz.getAnnotation(RolesAllowed.class);
    }//ww  w  .j av  a 2 s  .c  o  m
    String[] allowedRoles = rolesAllowedAnnotation.value();

    FacesContext facesContext = FacesContext.getCurrentInstance();
    ExternalContext externalContext = facesContext.getExternalContext();
    HttpServletRequest httpServletRequest = (HttpServletRequest) externalContext.getRequest();
    Principal userPrincipal = httpServletRequest.getUserPrincipal();
    if (null == userPrincipal) {
        throw new SecurityException("user not logged in");
    }

    boolean userInRole = false;
    for (String allowedRole : allowedRoles) {
        if (httpServletRequest.isUserInRole(allowedRole)) {
            LOG.trace("user in role: " + allowedRole);
            userInRole = true;
            break;
        }
    }
    if (false == userInRole) {
        throw new SecurityException("user not in allowed roles");
    }

    return invocationContext.proceed();
}

From source file:it.greenvulcano.gvesb.iam.jaas.GVBackingEngine.java

private void throwException(GVSecurityException cause) {
    throw new SecurityException(cause);
}

From source file:net.sourceforge.subsonic.service.MusicFileService.java

/**
 * Returns a music file instance for the given file.  If possible, a cached value is returned.
 *
 * @param file A file on the local file system.
 * @return A music file instance.//from  w  w w . ja v a2 s . com
 * @throws SecurityException If access is denied to the given file.
 */
public MusicFile getMusicFile(File file) {

    // Look in fast memory cache first.
    MusicFile cachedMusicFile = musicFileMemoryCache.get(file);
    if (cachedMusicFile != null) {
        return cachedMusicFile;
    }

    if (!securityService.isReadAllowed(file)) {
        throw new SecurityException("Access denied to file " + file);
    }

    cachedMusicFile = musicFileDiskCache.getValue(file.getPath());
    if (cachedMusicFile != null && cachedMusicFile.lastModified() >= file.lastModified()) {
        musicFileMemoryCache.put(file, cachedMusicFile);
        return cachedMusicFile;
    }

    MusicFile musicFile = new MusicFile(file);

    // Read metadata before caching.
    musicFile.getMetaData();

    // Put in caches.
    musicFileMemoryCache.put(file, musicFile);
    musicFileDiskCache.put(file.getPath(), musicFile);

    return musicFile;
}

From source file:org.apache.synapse.securevault.commons.MBeanRegistrar.java

private static void handleException(String msg) {
    log.error(msg);
    throw new SecurityException(msg);
}

From source file:org.directwebremoting.jaxer.impl.WideOpenCreatorManager.java

@Override
public Creator getCreator(String scriptName, boolean includeHidden) throws SecurityException {
    Creator creator = creators.get(scriptName);

    if (creator == null) {
        creator = shortNames.get(scriptName);
    }/*www .  ja v a  2  s .  c  o  m*/

    if (creator == null) {
        // So there is no creator by the given name. Next we try the more
        // verbose version where the script name is something like:
        // creator/com/example/ClassName
        String[] parts = scriptName.split("/", 2);
        if (parts.length == 1) {
            log.warn("Malformed scriptName: " + scriptName);
            throw new SecurityException("Malformed scriptName");
        }

        String className = parts[1];
        String creatorName = parts[0];
        try {
            // This is roughly equivalent to:
            // addCreator(className, creatorName, { });

            Class<? extends Creator> clazz = creatorTypes.get(creatorName);
            if (clazz == null) {
                log.error("Missing creator: " + creatorName + " (while initializing creator for: " + className
                        + ".js)");
                throw new SecurityException("Missing creator");
            }

            creator = clazz.newInstance();

            // Nasty! Each creator has a different set of init params. The
            // 'new' creator needs a class param, but the spring creator
            // needs a 'bean' param. We only have enough for a single param
            // in the URL and we don't know what it should be called. So
            // this code is tied to the new creator. Yeulch
            Map<String, String> params = new HashMap<String, String>();
            params.put("class", className);
            params.put("scope", "script");

            LocalUtil.setParams(creator, params, ignore);
            creator.setProperties(params);
            addCreator(creator);
            shortNames.put(creator.getJavascript(), creator);

            creator = creators.get(scriptName);
        } catch (Exception ex) {
            log.warn("Error adding creator: " + scriptName, ex);
            throw new SecurityException("Error adding creator");
        }
    }

    if (creator.isHidden() && !includeHidden) {
        log.warn("Attempt made to get hidden class with name: " + scriptName + " while includeHidden=false");
        throw new SecurityException("Missing script name");
    }

    return creator;
}

From source file:com.auditbucket.helper.SecurityHelper.java

public SystemUser getSysUser(boolean exceptionOnNull) {
    Authentication a = SecurityContextHolder.getContext().getAuthentication();
    if (a == null)
        if (exceptionOnNull)
            throw new SecurityException("User is not authenticated");
        else//from w w w.j  av a 2s.  c  om
            return null;

    return sysUserService.findByName(a.getName());
}

From source file:io.romain.passport.logic.observables.LocationUpdatesObservable.java

@Override
public void call(Subscriber<? super Location> subscriber) {

    LastKnownLocationObservable.create(mClient).subscribe(subscriber::onNext, subscriber::onError);

    if (ContextCompat.checkSelfPermission(mClient.getContext(),
            Manifest.permission.ACCESS_FINE_LOCATION) == PackageManager.PERMISSION_GRANTED
            && ContextCompat.checkSelfPermission(mClient.getContext(),
                    Manifest.permission.ACCESS_COARSE_LOCATION) == PackageManager.PERMISSION_GRANTED) {

        final LocationListener listener = subscriber::onNext;

        LocationServices.FusedLocationApi.requestLocationUpdates(mClient, mRequest, listener);
        subscriber.add(Subscriptions.create(() -> {
            if (mClient.isConnected()) {
                LocationServices.FusedLocationApi.removeLocationUpdates(mClient, listener);
            }//from  ww  w . j av a 2 s.  c o m
        }));
    } else {
        subscriber.onError(new SecurityException("You don't have the permission..."));
    }
}

From source file:com.mothsoft.alexis.service.impl.SourceServiceImpl.java

public void remove(final Long id) {
    final Source source = this.sourceDao.get(id);

    if (!source.getUserId().equals(CurrentUserUtil.getCurrentUserId())) {
        throw new SecurityException("Access Denied");
    }//w w w  .  j  a v  a  2  s.  co  m

    RssFeed feed = null;
    if (source instanceof RssSource) {
        feed = ((RssSource) source).getFeed();
    }

    this.sourceDao.remove(source);

    if (feed != null) {
        removeRssFeedIfUnused(feed);
    }
}

From source file:com.apress.progwt.server.service.impl.SchoolServiceImpl.java

public void assertUserIsAuthenticated(User toCheck) throws SecurityException {
    User loggedIn = userService.getCurrentUser();
    if (loggedIn == null || !loggedIn.equals(toCheck)) {
        throw new SecurityException("Logged in: " + loggedIn + " Requested: " + toCheck);
    }//from   w  w w  .  j av  a 2  s .c om
}

From source file:com.glaf.core.security.SecurityUtils.java

/**
 * DES//from   w  ww .  j a v a  2 s  .c om
 * 
 * @param data
 *            
 * @param key
 *            ???8?
 * @return ?
 */
public static String decode(String key, String data) {
    if (data == null) {
        return null;
    }
    try {
        DESKeySpec dks = new DESKeySpec(key.getBytes());
        SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("DES");
        // key??8?
        Key secretKey = keyFactory.generateSecret(dks);
        Cipher cipher = Cipher.getInstance(ALGORITHM_DES);
        IvParameterSpec iv = new IvParameterSpec("12345678".getBytes());
        AlgorithmParameterSpec paramSpec = iv;
        cipher.init(Cipher.DECRYPT_MODE, secretKey, paramSpec);
        return new String(cipher.doFinal(hex2byte(data.getBytes())));
    } catch (Exception ex) {
        ex.printStackTrace();
        throw new SecurityException(ex);
    }
}