List of usage examples for javax.servlet.http HttpServletResponse SC_FORBIDDEN
int SC_FORBIDDEN
To view the source code for javax.servlet.http HttpServletResponse SC_FORBIDDEN.
Click Source Link
From source file:biz.taoconsulting.dominodav.methods.LOCK.java
/** * (non-Javadoc)/*from w ww . j a va2 s . c o m*/ * * @see biz.taoconsulting.dominodav.methods.AbstractDAVMethod#action() */ protected void action() { // uri is the unique identifier on the host includes servlet and // repository but not server LockInfo li = null; int status = HttpServletResponse.SC_OK; // We presume success String curURI = (String) this.getHeaderValues().get("uri"); LockManager lm = this.getLockManager(); HttpServletRequest req = this.getReq(); HttpServletResponse res = this.getResp(); String lockrequestorName = this.getOwnerFromXMLLockRequest(req); IDAVResource resource = null; Long TimeOutValue = this.getTimeOutValue(req); String relockToken = this.getRelockToken(req); // Get the resource to lock // Populates the resource and set status resource = this.getResourceToLock(curURI); try { curURI = java.net.URLDecoder.decode(curURI, "UTF-8"); } catch (Exception e) { } // One can't lock a readonly resource if (resource == null || resource.isReadOnly()) { status = HttpServletResponse.SC_FORBIDDEN; // Client can't lock this } else if (relockToken != null) { li = lm.relock(resource, relockToken, TimeOutValue); if (li == null) { String eString = "Relock failed for " + relockToken + " for " + lockrequestorName; LOGGER.debug(eString); this.setErrorMessage(eString, 412); // Precondition failed status = 412; } else { LOGGER.debug("successful relock for " + relockToken + ", new Token:" + li.getToken()); status = HttpServletResponse.SC_OK; } } else { li = lm.lock(resource, lockrequestorName, TimeOutValue); if (li == null) { String eString = "Lock failed for " + lockrequestorName + " and " + curURI; LOGGER.debug(eString); // Locked by someone else this.setErrorMessage(eString, 423); // Locked by someone else status = 423; } else { LOGGER.debug("Lock successful:" + curURI + " for " + lockrequestorName); status = HttpServletResponse.SC_OK; } } // Status of the request this.setHTTPStatus(status); if (status < 400) { // 400 and 500 determine failure! res.addHeader("Lock-Token", "<" + li.getToken() + ">"); // Render the XML response this.writeLockResponseXML(res, li); } }
From source file:org.jboss.as.test.integration.web.security.servlet.methods.DenyUncoveredHttpMethodsTestCase.java
@Test public void testPutMethod() throws Exception { HttpPut httpPut = new HttpPut(getURL()); HttpResponse response = getHttpResponse(httpPut); assertThat(statusCodeOf(response), is(HttpServletResponse.SC_FORBIDDEN)); }
From source file:org.musicrecital.webapp.pages.Signup.java
@Log Object onSuccess() throws UserExistsException, IOException { try {/* w w w . j a va 2s . c o m*/ user = userManager.saveUser(user); } catch (AccessDeniedException ade) { // thrown by UserSecurityAdvice configured in aop:advisor logger.warn(ade.getMessage()); return new HttpError(HttpServletResponse.SC_FORBIDDEN, "Resource not available"); } catch (UserExistsException e) { // TODO #1: FIXME: only username should be highlighted.. move to onValidate()? alertManager.error(messages.format("errors.existing.user", user.getUsername(), user.getEmail())); // redisplay the unencrypted passwords user.setPassword(user.getConfirmPassword()); //TODO: somehow returning current page doesn't work //return this; response.sendRedirect("signup"); return null; } // log user in automatically securityContext.login(user); // Send user an e-mail logger.debug(String.format("Sending user '%s' an account information e-mail", user.getUsername())); try { String msg = messages.get("signup.email.message"); String subject = messages.get("signup.email.subject"); emailService.send(user, subject, msg, RequestUtil.getAppURL(request), false); } catch (MailException me) { request.getSession(true).setAttribute("error", me.getMostSpecificCause().getMessage()); } alertManager.alert(Duration.TRANSIENT, Severity.INFO, messages.get("user.registered")); return Home.class; }
From source file:com.oneops.cms.ws.rest.DpmtRestController.java
@ExceptionHandler(CmsSecurityException.class) public void handleCmsSecurityException(CmsSecurityException e, HttpServletResponse response) throws IOException { logger.error("handle CmsSecurityException", e); sendError(response, HttpServletResponse.SC_FORBIDDEN, e); }
From source file:eu.trentorise.smartcampus.permissionprovider.controller.BasicProfileController.java
@RequestMapping(method = RequestMethod.GET, value = "/basicprofile/me") public @ResponseBody BasicProfile findProfile(HttpServletResponse response) throws IOException { try {// www. ja v a 2s . c o m Long user = getUserId(); if (user == null) { response.setStatus(HttpServletResponse.SC_FORBIDDEN); return null; } return profileManager.getBasicProfileById(user.toString()); } catch (Exception e) { response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); return null; } }
From source file:aiai.ai.launchpad.server.ServerController.java
@PostMapping("/rest-anon/srv") public ExchangeData processRequestAnon(HttpServletResponse response, @RequestBody ExchangeData data, HttpServletRequest request) throws IOException { log.debug("processRequestAnon(), globals.isSecureRestUrl: {}, data: {}", globals.isSecureRestUrl, data); if (globals.isSecureRestUrl) { response.sendError(HttpServletResponse.SC_FORBIDDEN); return null; }//from w ww . j a va 2s. c o m return serverService.processRequest(data, request.getRemoteAddr()); }
From source file:org.shredzone.cilla.view.MediaView.java
/** * Shows the full view of a medium for the given page. *//*w ww .j a v a2 s.c o m*/ @Framed @View(pattern = "/page/${page.id}/show/${#name}", name = "showPreview") public String mediumFullView(@PathPart("page.id") Page page, @PathPart("#name") String name, HttpServletRequest req, HttpServletResponse resp) throws ViewException { if (!pageService.isVisible(page)) { throw new ErrorResponseException(HttpServletResponse.SC_FORBIDDEN); } Medium media = mediaDao.fetchByName(page, name); if (media == null) { throw new PageNotFoundException(); } req.setAttribute("page", page); req.setAttribute("media", media); return "view/media.jsp"; }
From source file:edu.usu.sdl.openstorefront.web.action.LoginAction.java
@DefaultHandler public Resolution loginHandler() { gotoPage = (String) getContext().getRequest().getSession() .getAttribute(ShiroAdjustedFilter.REFERENCED_FILTER_URL_ATTRIBUTE); Subject currentUser = SecurityUtils.getSubject(); if (currentUser.isAuthenticated()) { if (StringUtils.isNotBlank(gotoPage)) { if (gotoPage.toLowerCase().startsWith("http")) { return new RedirectResolution(gotoPage, false); } else { return new RedirectResolution(gotoPage); }/*w w w . j a v a 2 s . c om*/ } return new RedirectResolution("/"); } if (HeaderRealm.isUsingHeaderRealm()) { Resolution resolution; if (HeaderRealm.handleHeaderLogin(getContext().getRequest())) { resolution = handleLoginRedirect(); } else { log.log(Level.SEVERE, "Check configuration; Unable to login user using header realm"); resolution = new ErrorResolution(HttpServletResponse.SC_FORBIDDEN, "Unable to access system."); } if (resolution != null) { return resolution; } } getContext().getRequest().getSession().setAttribute(ShiroAdjustedFilter.REFERENCED_URL_ATTRIBUTE, gotoPage); return new ForwardResolution("/login.jsp").addParameter("gotoPage", gotoPage); }
From source file:ejportal.webapp.action.SignupAction.java
/** * Save the user, encrypting their passwords if necessary. * // w w w . ja v a 2 s . com * @return success when good things happen * @throws Exception * when bad things happen */ public String save() throws Exception { this.user.setEnabled(true); // Set the default user role on this new user // user.addRole(roleManager.getRole(Constants.USER_ROLE)); // TODO hier geaendert -- evtl nicht so schoen this.user.addRole(this.roleManager.getRole("ROLE_EXTERN")); try { this.userManager.saveUser(this.user); } catch (final AccessDeniedException ade) { // thrown by UserSecurityAdvice configured in aop:advisor // userManagerSecurity this.log.warn(ade.getMessage()); this.getResponse().sendError(HttpServletResponse.SC_FORBIDDEN); return null; } catch (final UserExistsException e) { this.log.warn(e.getMessage()); final List<Object> args = new ArrayList<Object>(); args.add(this.user.getUsername()); args.add(this.user.getEmail()); this.addActionError(this.getText("errors.existing.user", args)); // redisplay the unencrypted passwords this.user.setPassword(this.user.getConfirmPassword()); return Action.INPUT; } this.saveMessage(this.getText("user.registered")); this.getSession().setAttribute(Constants.REGISTERED, Boolean.TRUE); // log user in automatically final UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken( this.user.getUsername(), this.user.getConfirmPassword(), this.user.getAuthorities()); auth.setDetails(this.user); SecurityContextHolder.getContext().setAuthentication(auth); // Send an account information e-mail this.mailMessage.setSubject(this.getText("signup.email.subject")); try { this.sendUserMessage(this.user, this.getText("signup.email.message"), RequestUtil.getAppURL(this.getRequest())); } catch (final MailException me) { this.addActionError(me.getMostSpecificCause().getMessage()); } return Action.SUCCESS; }
From source file:ejportal.webapp.interceptor.UserRoleAuthorizationInterceptor.java
/** * Handle a request that is not authorized according to this interceptor. * Default implementation sends HTTP status code 403 ("forbidden"). * /*from w w w. j a v a2 s . c om*/ * <p> * This method can be overridden to write a custom message, forward or * redirect to some error page or login page, or throw a ServletException. * * @param request * current HTTP request * @param response * current HTTP response * @throws ServletException * the servlet exception * @throws IOException * Signals that an I/O exception has occurred. */ protected void handleNotAuthorized(final HttpServletRequest request, final HttpServletResponse response) throws ServletException, IOException { response.sendError(HttpServletResponse.SC_FORBIDDEN); }