List of usage examples for java.lang SecurityException SecurityException
public SecurityException(Throwable cause)
From source file:SecurityManagerTest.java
public void checkRead(String filename) { if (!accessOK()) throw new SecurityException("No Way!"); }
From source file:de.qaware.campus.secpro.web.passwords.SecurePasswords.java
/** * Decrypt the given ciphertext string into the plaintext original. * * @param ciphertext the ciphertext//ww w . j ava 2 s . c om * @return the decrypted string */ public String decrypt(String ciphertext) { try { Key key = getKey(); Plaintext decoded = CryptoUtil.decrypt(key, Ciphertext.fromBase64(ciphertext)); return decoded.asUtf8String(); } catch (CryptoException e) { throw new SecurityException(e); } }
From source file:org.apache.qpid.server.management.plugin.HttpManagementUtil.java
public static void checkRequestAuthenticatedAndAccessAuthorized(HttpServletRequest request, Broker broker, HttpManagementConfiguration managementConfig) { HttpSession session = request.getSession(); Subject subject = getAuthorisedSubject(session); if (subject == null) { subject = tryToAuthenticate(request, managementConfig); if (subject == null) { throw new SecurityException("Only authenticated users can access the management interface"); }/*from w w w. j a v a 2 s . c o m*/ Subject original = subject; subject = new Subject(false, original.getPrincipals(), original.getPublicCredentials(), original.getPrivateCredentials()); subject.getPrincipals().add(new ServletConnectionPrincipal(request)); subject.setReadOnly(); assertManagementAccess(broker.getSecurityManager(), subject); saveAuthorisedSubject(session, subject); } }
From source file:org.mobicents.client.slee.resource.http.HttpClientWrapper.java
@Override public ClientConnectionManager getConnectionManager() { throw new SecurityException("a SLEE application may not access the client's connection manager."); }
From source file:org.sakaiproject.evaluation.tool.producers.AdminTestEGProviderProducer.java
public void fillComponents(UIContainer tofill, ViewParameters viewparams, ComponentChecker checker) { String warningMessage = ""; String currentUserId = commonLogic.getCurrentUserId(); boolean userAdmin = commonLogic.isUserAdmin(currentUserId); if (!userAdmin) { // Security check and denial throw new SecurityException("Non-admin users may not access this page"); }// w ww .j a va 2 s.com // get provider EvalGroupsProvider evalGroupsProvider; String providerBeanName = EvalGroupsProvider.class.getName(); if (applicationContext.containsBean(providerBeanName)) { evalGroupsProvider = (EvalGroupsProvider) applicationContext.getBean(providerBeanName); } else { // no provider, die horribly UIOutput.make(tofill, "warning-message", "No EvalGroupsProvider found... cannot test..."); return; } AdminTestEGViewParameters testViewParameters = (AdminTestEGViewParameters) viewparams; String username = testViewParameters.username; String evalGroupId = testViewParameters.evalGroupId; if (evalGroupId == null || evalGroupId.equals("")) { warningMessage += " No evalGroupId set"; UIOutput.make(tofill, "warning-message", warningMessage); } else { String title = commonLogic.getDisplayTitle(evalGroupId); if ("--------".equals(title)) { warningMessage += " Invalid evalGroupId (" + evalGroupId + "): cannot find title, reset to null"; UIOutput.make(tofill, "warning-message", warningMessage); evalGroupId = null; } } String userId = currentUserId; if (username == null || username.equals("")) { username = commonLogic.getUserUsername(userId); warningMessage += " No username set: using current user"; UIOutput.make(tofill, "warning-message", warningMessage); } else { userId = commonLogic.getUserId(username); if (userId == null) { warningMessage += " Invalid username (" + username + "): cannot find id, setting to current user id"; UIOutput.make(tofill, "warning-message", warningMessage); userId = currentUserId; } } UIMessage.make(tofill, "page-title", "admintesteg.page.title"); UIInternalLink.make(tofill, "summary-link", UIMessage.make("summary.page.title"), new SimpleViewParameters(SummaryProducer.VIEW_ID)); UIInternalLink.make(tofill, "administrate-link", UIMessage.make("administrate.page.title"), new SimpleViewParameters(AdministrateProducer.VIEW_ID)); UIMessage.make(tofill, "current_test_header", "admintesteg.current.test.header"); UIMessage.make(tofill, "current_test_user_header", "admintesteg.current.test.user.header"); UIOutput.make(tofill, "current_test_user", username); UIMessage.make(tofill, "current_test_group_header", "admintesteg.current.test.group.header"); UIOutput.make(tofill, "current_test_group", evalGroupId); // create a copy of the VP (to avoid corrupting the original) AdminTestEGViewParameters ategvp = (AdminTestEGViewParameters) testViewParameters.copyBase(); ategvp.username = username; ategvp.evalGroupId = evalGroupId; UIForm searchForm = UIForm.make(tofill, "current_test_form", ategvp); UIInput.make(searchForm, "current_test_user_input", "#{username}"); UIInput.make(searchForm, "current_test_group_input", "#{evalGroupId}"); UIMessage.make(searchForm, "current_test_form_command", "admintesteg.test.command"); UIMessage.make(tofill, "major_test_header", "admintesteg.major.test.header"); UIMessage.make(tofill, "test_method_header", "admintesteg.test.method.header"); UIMessage.make(tofill, "test_result_header", "admintesteg.test.result.header"); UIMessage.make(tofill, "test_runtime_header", "admintesteg.test.runtime.header"); long startTime = 0; long total = 0; Set<String> s = null; List<EvalGroup> l = null; // now run the tests UIBranchContainer tests1 = UIBranchContainer.make(tofill, "tests_list:", "getUserIdsForEvalGroups.PERM_BE_EVALUATED"); UIOutput.make(tests1, "test_method", tests1.localID); if (evalGroupId == null) { UIMessage.make(tests1, "test_result", "admintesteg.test.result.skipped.nogroup"); UIMessage.make(tests1, "test_runtime", "admintesteg.test.runtime.message", new Object[] { 0 + "" }); } else { startTime = new Date().getTime(); s = evalGroupsProvider.getUserIdsForEvalGroups(new String[] { evalGroupId }, EvalGroupsProvider.PERM_BE_EVALUATED); UIOutput.make(tests1, "test_result", collectionToString(s)); total = new Date().getTime() - startTime; UIMessage.make(tests1, "test_runtime", "admintesteg.test.runtime.message", new Object[] { new Long(total) }); } UIBranchContainer tests1b = UIBranchContainer.make(tofill, "tests_list:", "getUserIdsForEvalGroups.PERM_TAKE_EVALUATION"); UIOutput.make(tests1b, "test_method", tests1b.localID); if (evalGroupId == null) { UIMessage.make(tests1b, "test_result", "admintesteg.test.result.skipped.nogroup"); UIMessage.make(tests1b, "test_runtime", "admintesteg.test.runtime.message", new Object[] { 0 + "" }); } else { startTime = new Date().getTime(); s = evalGroupsProvider.getUserIdsForEvalGroups(new String[] { evalGroupId }, EvalGroupsProvider.PERM_TAKE_EVALUATION); UIOutput.make(tests1b, "test_result", collectionToString(s)); total = new Date().getTime() - startTime; UIMessage.make(tests1b, "test_runtime", "admintesteg.test.runtime.message", new Object[] { new Long(total) }); } UIBranchContainer tests2 = UIBranchContainer.make(tofill, "tests_list:", "countUserIdsForEvalGroups.PERM_BE_EVALUATED"); UIOutput.make(tests2, "test_method", tests2.localID); if (evalGroupId == null) { UIMessage.make(tests2, "test_result", "admintesteg.test.result.skipped.nogroup"); UIMessage.make(tests2, "test_runtime", "admintesteg.test.runtime.message", new Object[] { 0 + "" }); } else { startTime = new Date().getTime(); int count = evalGroupsProvider.countUserIdsForEvalGroups(new String[] { evalGroupId }, EvalGroupsProvider.PERM_BE_EVALUATED); UIOutput.make(tests2, "test_result", count + ""); total = new Date().getTime() - startTime; UIMessage.make(tests2, "test_runtime", "admintesteg.test.runtime.message", new Object[] { new Long(total) }); } UIBranchContainer tests2b = UIBranchContainer.make(tofill, "tests_list:", "countUserIdsForEvalGroups.PERM_TAKE_EVALUATION"); UIOutput.make(tests2b, "test_method", tests2b.localID); if (evalGroupId == null) { UIMessage.make(tests2b, "test_result", "admintesteg.test.result.skipped.nogroup"); UIMessage.make(tests2b, "test_runtime", "admintesteg.test.runtime.message", new Object[] { 0 + "" }); } else { startTime = new Date().getTime(); int count = evalGroupsProvider.countUserIdsForEvalGroups(new String[] { evalGroupId }, EvalGroupsProvider.PERM_TAKE_EVALUATION); UIOutput.make(tests2b, "test_result", count + ""); total = new Date().getTime() - startTime; UIMessage.make(tests2b, "test_runtime", "admintesteg.test.runtime.message", new Object[] { new Long(total) }); } UIBranchContainer tests3 = UIBranchContainer.make(tofill, "tests_list:", "getEvalGroupsForUser.PERM_BE_EVALUATED"); UIOutput.make(tests3, "test_method", tests3.localID); startTime = new Date().getTime(); l = evalGroupsProvider.getEvalGroupsForUser(userId, EvalGroupsProvider.PERM_BE_EVALUATED); UIOutput.make(tests3, "test_result", collectionToString(l)); total = new Date().getTime() - startTime; UIMessage.make(tests3, "test_runtime", "admintesteg.test.runtime.message", new Object[] { new Long(total) }); UIBranchContainer tests3b = UIBranchContainer.make(tofill, "tests_list:", "getEvalGroupsForUser.PERM_TAKE_EVALUATION"); UIOutput.make(tests3b, "test_method", tests3b.localID); startTime = new Date().getTime(); l = evalGroupsProvider.getEvalGroupsForUser(userId, EvalGroupsProvider.PERM_TAKE_EVALUATION); UIOutput.make(tests3b, "test_result", collectionToString(l)); total = new Date().getTime() - startTime; UIMessage.make(tests3b, "test_runtime", "admintesteg.test.runtime.message", new Object[] { new Long(total) }); UIBranchContainer tests4 = UIBranchContainer.make(tofill, "tests_list:", "countEvalGroupsForUser.PERM_BE_EVALUATED"); UIOutput.make(tests4, "test_method", tests4.localID); startTime = new Date().getTime(); int count4 = evalGroupsProvider.countEvalGroupsForUser(userId, EvalGroupsProvider.PERM_BE_EVALUATED); UIOutput.make(tests4, "test_result", count4 + ""); total = new Date().getTime() - startTime; UIMessage.make(tests4, "test_runtime", "admintesteg.test.runtime.message", new Object[] { new Long(total) }); UIBranchContainer tests4b = UIBranchContainer.make(tofill, "tests_list:", "countEvalGroupsForUser.PERM_TAKE_EVALUATION"); UIOutput.make(tests4b, "test_method", tests4b.localID); startTime = new Date().getTime(); int count4b = evalGroupsProvider.countEvalGroupsForUser(userId, EvalGroupsProvider.PERM_TAKE_EVALUATION); UIOutput.make(tests4b, "test_result", count4b + ""); total = new Date().getTime() - startTime; UIMessage.make(tests4b, "test_runtime", "admintesteg.test.runtime.message", new Object[] { new Long(total) }); UIBranchContainer tests5 = UIBranchContainer.make(tofill, "tests_list:", "getGroupByGroupId"); UIOutput.make(tests5, "test_method", tests5.localID); if (evalGroupId == null) { UIMessage.make(tests5, "test_result", "admintesteg.test.result.skipped.nogroup"); UIMessage.make(tests5, "test_runtime", "admintesteg.test.runtime.message", new Object[] { 0 + "" }); } else { startTime = new Date().getTime(); EvalGroup result5 = evalGroupsProvider.getGroupByGroupId(evalGroupId); UIOutput.make(tests5, "test_result", result5.toString()); total = new Date().getTime() - startTime; UIMessage.make(tests5, "test_runtime", "admintesteg.test.runtime.message", new Object[] { new Long(total) }); } UIBranchContainer tests6 = UIBranchContainer.make(tofill, "tests_list:", "isUserAllowedInGroup.PERM_BE_EVALUATED"); UIOutput.make(tests6, "test_method", tests6.localID); if (evalGroupId == null) { UIMessage.make(tests6, "test_result", "admintesteg.test.result.skipped.nogroup"); UIMessage.make(tests6, "test_runtime", "admintesteg.test.runtime.message", new Object[] { 0 + "" }); } else { startTime = new Date().getTime(); boolean result = evalGroupsProvider.isUserAllowedInGroup(userId, EvalGroupsProvider.PERM_BE_EVALUATED, evalGroupId); UIOutput.make(tests6, "test_result", result + ""); total = new Date().getTime() - startTime; UIMessage.make(tests6, "test_runtime", "admintesteg.test.runtime.message", new Object[] { new Long(total) }); } UIBranchContainer tests6b = UIBranchContainer.make(tofill, "tests_list:", "isUserAllowedInGroup.PERM_TAKE_EVALUATION"); UIOutput.make(tests6b, "test_method", tests6b.localID); if (evalGroupId == null) { UIMessage.make(tests6b, "test_result", "admintesteg.test.result.skipped.nogroup"); UIMessage.make(tests6b, "test_runtime", "admintesteg.test.runtime.message", new Object[] { 0 + "" }); } else { startTime = new Date().getTime(); boolean result = evalGroupsProvider.isUserAllowedInGroup(userId, EvalGroupsProvider.PERM_TAKE_EVALUATION, evalGroupId); UIOutput.make(tests6b, "test_result", result + ""); total = new Date().getTime() - startTime; UIMessage.make(tests6b, "test_runtime", "admintesteg.test.runtime.message", new Object[] { new Long(total) }); } }
From source file:at.tfr.securefs.xnio.MessageHandlerImpl.java
@Override public void handleMessage(String json, MessageSender messageSender) throws IOException { log.debug("handleMessage: " + json); final Message message = objectMapper.readValue(json, Message.class); Path path = configuration.getBasePath().resolve(message.getPath()); if (!path.relativize(configuration.getBasePath()).toString().equals("..")) { throw new SecurityException("invalid path spec: " + message.getPath()); }/*w ww . j av a2 s .co m*/ try { final String uniqueKey = message.getUniqueKey(); // find the Channel for this data stream: StreamInfo<ChannelPipe<StreamSourceChannel, StreamSinkChannel>> info = activeStreams.getStreams() .get(uniqueKey); if (message.getType() == MessageType.OPEN && info != null) { log.warn("illegal state on Open stream: " + message); IoUtils.safeClose(info.getStream().getRightSide()); messageSender.send(new Message(MessageType.ERROR, message.getPath()).key(uniqueKey)); } switch (message.getType()) { case ERROR: log.info("error from Client: " + json); case CLOSE: { if (info != null) { IoUtils.safeClose(info.getStream().getRightSide()); } } break; case OPEN: { switch (message.getSubType()) { case READ: { final InputStream is = Files.newInputStream(path, StandardOpenOption.READ); final InputStream cis = new CipherInputStream(is, getCipher(message, Cipher.DECRYPT_MODE)); final ChannelPipe<StreamSourceChannel, StreamSinkChannel> pipe = xnioWorker .createHalfDuplexPipe(); pipe.getLeftSide().getReadSetter().set(new SecureChannelWriterBase(message) { @Override protected void write(Message message) { try { messageSender.send(message); } catch (Exception e) { log.warn("cannot write message=" + message + " : " + e, e); } } }); pipe.getLeftSide().getCloseSetter().set(new ChannelListener<StreamSourceChannel>() { @Override public void handleEvent(StreamSourceChannel channel) { activeStreams.getStreams().remove(uniqueKey); messageSender.send(new Message(MessageType.CLOSE, message.getPath()).key(uniqueKey)); } }); pipe.getRightSide().getWriteSetter().set(new ChannelListener<StreamSinkChannel>() { private byte[] bytes = new byte[Constants.BUFFER_SIZE]; @Override public void handleEvent(StreamSinkChannel channel) { try { int count = 0; while ((count = cis.read(bytes, 0, bytes.length)) > 0) { if (count > 0) { Channels.writeBlocking(pipe.getRightSide(), ByteBuffer.wrap(bytes, 0, count)); } if (count < 0) { pipe.getRightSide().close(); } else { channel.resumeWrites(); } } } catch (Exception e) { log.warn("cannot read from cypher: " + e, e); IoUtils.safeClose(channel); } } }); activeStreams.getStreams().put(uniqueKey, new StreamInfo<ChannelPipe<StreamSourceChannel, StreamSinkChannel>>(pipe, message.getPath())); // start sending data: pipe.getLeftSide().resumeReads(); pipe.getRightSide().resumeWrites(); } break; case WRITE: { Files.createDirectories(path.getParent()); OutputStream os = Files.newOutputStream(path, StandardOpenOption.CREATE, StandardOpenOption.TRUNCATE_EXISTING, StandardOpenOption.WRITE); OutputStream cos = new CipherOutputStream(os, getCipher(message, Cipher.ENCRYPT_MODE)); ChannelPipe<StreamSourceChannel, StreamSinkChannel> pipe = xnioWorker.createHalfDuplexPipe(); pipe.getLeftSide().getReadSetter().set(new SecureChannelReaderBase() { @Override public void handleEvent(StreamSourceChannel channel) { readChannel(message, cos, pipe, channel); } }); pipe.getLeftSide().getCloseSetter().set(new SecureChannelReaderBase() { @Override public void handleEvent(StreamSourceChannel channel) { try { cos.close(); activeStreams.getStreams().remove(pipe.toString()); messageSender .send(new Message(MessageType.CLOSE, message.getPath()).key(uniqueKey)); log.info("closed channel: " + pipe.toString()); } catch (IOException e) { log.warn("cannot close stream: message=" + message + " : " + e, e); } } }); activeStreams.getStreams().put(uniqueKey, new StreamInfo<ChannelPipe<StreamSourceChannel, StreamSinkChannel>>(pipe, message.getPath())); // start receiving data: pipe.getLeftSide().resumeReads(); } break; default: messageSender.send(new Message(MessageType.ERROR, message.getPath()).key(uniqueKey)); break; } } break; case DATA: { if (info != null) { Channels.writeBlocking(info.getStream().getRightSide(), ByteBuffer.wrap(message.getBytes())); } else { messageSender.send(new Message(MessageType.ERROR, message.getPath()).key(uniqueKey)); } } break; } } catch (IOException e) { log.warn("cannot handle message: " + message + " : " + e, e); throw e; } catch (Exception e) { log.warn("cannot handle message: " + message + " : " + e, e); throw new IOException("cannot handle message: " + message + " : " + e, e); } }
From source file:SecurityManagerTest.java
public void checkRead(String filename, Object executionContext) { if (!accessOK()) throw new SecurityException("Forget It!"); }
From source file:com.glaf.core.security.SecurityUtils.java
/** * DES/*from w w w .j a v a2 s. com*/ * * @param data * * @param key * ???8? * @return ? */ public static String encode(String key, String data) { if (data == null) { return null; } try { DESKeySpec dks = new DESKeySpec(key.getBytes()); SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("DES"); // key??8? Key secretKey = keyFactory.generateSecret(dks); Cipher cipher = Cipher.getInstance(ALGORITHM_DES); IvParameterSpec iv = new IvParameterSpec("12345678".getBytes()); AlgorithmParameterSpec paramSpec = iv; cipher.init(Cipher.ENCRYPT_MODE, secretKey, paramSpec); byte[] bytes = cipher.doFinal(data.getBytes()); return byte2hex(bytes); } catch (Exception ex) { throw new SecurityException(ex); } }
From source file:no.digipost.api.EbmsReferenceExtractor.java
private List<String> getHrefsToInclude(final SoapMessage message) { Iterator<SoapHeaderElement> soapHeaderElementIterator = message.getSoapHeader() .examineHeaderElements(Constants.MESSAGING_QNAME); if (!soapHeaderElementIterator.hasNext()) { throw new SecurityException("Missing ebMS Messaging header"); }/*from w w w . j a v a 2s. c o m*/ SoapHeaderElement incomingSoapHeaderElement = soapHeaderElementIterator.next(); Messaging messaging = (Messaging) jaxb2Marshaller.unmarshal(incomingSoapHeaderElement.getSource()); if (messaging.getUserMessages().size() == 0) { return new ArrayList<String>(); } UserMessage userMessage = messaging.getUserMessages().get(0); List<String> hrefs = new ArrayList<String>(); for (PartInfo part : userMessage.getPayloadInfo().getPartInfos()) { String href = part.getHref(); if (href == null) { String attributeValue = message.getSoapBody().getAttributeValue(Constants.ID_ATTRIBUTE_QNAME); if (StringUtils.isBlank(attributeValue)) { throw new SecurityException("Missing reference for partInfo soapBody"); } href = "#" + attributeValue; } hrefs.add(href); } return hrefs; }
From source file:cn.newgxu.lab.info.controller.NoticeController.java
@RequestMapping(value = "/notices/{notice_id}", method = RequestMethod.GET) public String get(Model model, HttpSession session, @PathVariable("notice_id") long id, @RequestParam(value = "modifying", required = false) boolean modifying) { Notice notice = noticeService.view(id); model.addAttribute("notice", notice); if (modifying) { AuthorizedUser user = checkLogin(session); if (!notice.getUser().equals(user)) { throw new SecurityException("???"); }/*from w w w . j a va 2s . c o m*/ return Config.APP + "/notice_modifying"; } return Config.APP + "/notice"; }