Example usage for javax.servlet.http HttpServletResponse SC_FORBIDDEN

List of usage examples for javax.servlet.http HttpServletResponse SC_FORBIDDEN

  1. HOME
  2. Java
  3. javax
  4. javax.servlet.http.*
  5. HttpServletResponse
  6. SC_FORBIDDEN

Introduction

In this page you can find the example usage for javax.servlet.http HttpServletResponse SC_FORBIDDEN.

Prototype

int SC_FORBIDDEN

To view the source code for javax.servlet.http HttpServletResponse SC_FORBIDDEN.

Click Source Link

Document

Status code (403) indicating the server understood the request but refused to fulfill it.

Usage

From source file:edu.emory.cci.aiw.cvrg.eureka.servlet.filter.HaveUserRecordFilter.java

private void sendForbiddenError(HttpServletResponse servletResponse, HttpServletRequest servletRequest,
        boolean created) throws IOException {
    if (this.properties.isRegistrationEnabled()) {
        servletResponse.setStatus(HttpServletResponse.SC_FORBIDDEN);
        if (created) {
            servletResponse.sendRedirect(servletRequest.getContextPath() + "/logout?awaitingActivation=true");
        } else {/*from   w  w w. j a v a2  s .  co m*/
            servletResponse.sendRedirect(servletRequest.getContextPath() + "/logout?notRegistered=true");
        }
    } else {
        servletResponse.sendError(HttpServletResponse.SC_FORBIDDEN);
    }
}

From source file:com.ayu.filter.CheckFilter.java

/**
 * @see Filter#doFilter(ServletRequest, ServletResponse, FilterChain)
 *///from  www .j ava  2 s. c  o m
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
        throws IOException, ServletException {
    HttpServletRequest req = (HttpServletRequest) request;
    HttpServletResponse res = (HttpServletResponse) response;
    String str = req.getHeader("X-FORWARDED-FOR");
    if (str == null) {
        str = request.getRemoteAddr();
    }
    if (req.getServletContext().getAttribute("regService") == null) {
        req.getServletContext().setAttribute("regService", regService);
    }
    if (lruCache.map.isEmpty()) {
        //System.out.println("It is empty");
        lruCache.map.put(str, new Timer(db.time));
        chain.doFilter(request, response);
    }
    if (lruCache.map.containsKey(str)) {
        t = lruCache.map.get(str);
        t.count++;
        lruCache.map.put(str, t);
    } else {
        lruCache.map.put(str, new Timer(db.time));
    }
    /**
    for (Map.Entry<String,Timer> e : lruCache.getAll()){
    if(e.getKey().equals(str))
    {   
       t = e.getValue();
       e.getValue().count++;
       lruCache.map.put(str,t);
               
               
    }
    else
    {
       if(lruCache.map.containsKey(str))
       {
          t1 = lruCache.map.get(str);
          t1.count++;
          lruCache.map.put(str,t1);
       }
       else{
       //lruCache.map.remove(e.getKey());
       lruCache.map.put(str,new Timer());
       }
    }
            
    }**/
    if (t.count > timer) {
        time = System.currentTimeMillis();
        //System.out.println(t.check(time)+"1");   
        if (t.check(time) == true) { //System.out.println("OK");
            if (req.getServletContext().getAttribute(str) == null) {

                req.getServletContext().setAttribute(str, str);
                regService.registerUser(str, new Date().toString(), "DDOS  Attacks", "test");
                regService.camCall(str);
                regService.sendSSLMail("An Attack Has Occured.Please Check your System for DDOS attacks",
                        "clouddefenceids@gmail.com");
                lruCache.map.put(str, new Timer(db.time));
                //System.out.println((String) req.getServletContext().getAttribute("IP"));
                //System.out.println(t.check(time)+"2");   
                res.sendError(HttpServletResponse.SC_FORBIDDEN, "You Are Perceived as a Threat");
            } else {
                /*regService.registerUser(str,new Date().toString());
                lruCache.map.put(str,new Timer(db.time));//This will add to database even if it attacked even once.. So not reqd to save resources as attacker is in DB */
                chain.doFilter(request, response);
            }
        } else if (t.check(time) == false) {
            //System.out.println("Not Ok");
            //System.out.println(t.check(time)+"3");   
            lruCache.map.put(str, new Timer(db.time));
            //System.out.println(new Timer().count);
            chain.doFilter(request, response);
        }

    } else {
        //System.out.println(t.check(time)+"4");   
        // pass the request along the filter chain
        chain.doFilter(request, response);
    }

}

From source file:com.haulmont.cuba.restapi.DataServiceController.java

@RequestMapping(value = "/api/find.{type}", method = RequestMethod.GET)
public void find(@PathVariable String type, @RequestParam(value = "e") String entityRef,
        @RequestParam(value = "s") String sessionId,
        @RequestParam(value = "dynamicAttributes", required = false) Boolean dynamicAttributes,
        HttpServletRequest request, HttpServletResponse response)
        throws IOException, InvocationTargetException, NoSuchMethodException, IllegalAccessException {

    if (!connect(sessionId, response))
        return;//from   w  w  w . java  2s . co m

    try {
        EntityLoadInfo loadInfo = EntityLoadInfo.parse(entityRef);
        if (loadInfo == null) {
            response.sendError(HttpServletResponse.SC_BAD_REQUEST);
            return;
        }
        MetaClass metaClass = loadInfo.getMetaClass();
        if (!readPermitted(metaClass)) {
            response.sendError(HttpServletResponse.SC_FORBIDDEN);
            return;
        }

        Object objectId = loadInfo.getId();

        LoadContext loadCtx = new LoadContext(metaClass);
        loadCtx.setLoadDynamicAttributes(Boolean.TRUE.equals(dynamicAttributes));
        loadCtx.setId(objectId);
        if (loadInfo.getViewName() != null) {
            loadCtx.setView(loadInfo.getViewName());
        } else {
            View view = metadata.getViewRepository().getView(metaClass, View.LOCAL);
            loadCtx.setView(new View(view, "local-with-system-props", true));
        }

        Entity entity = dataService.load(loadCtx);
        if (entity == null) {
            response.setStatus(HttpServletResponse.SC_NOT_FOUND);
        } else {
            Converter converter = conversionFactory.getConverter(type);
            String result = converter.process(entity, metaClass, loadCtx.getView());
            writeResponse(response, result, converter.getMimeType());
        }
    } catch (Throwable e) {
        sendError(request, response, e);
    } finally {
        authentication.end();
    }
}

From source file:org.shredzone.cilla.view.HeaderView.java

/**
 * Streams the header image.//  www.j ava 2 s .  c o m
 */
@View(pattern = "/header/image/${header.id}-${#type}.${#suffix(header.headerImage.contentType)}")
@View(pattern = "/header/image/${header.id}.${#suffix(header.headerImage.contentType)}")
public void headerImageView(@PathPart("header.id") Header header, @Optional @PathPart("#type") String type,
        HttpServletRequest req, HttpServletResponse resp) throws ViewException, CillaServiceException {
    if (!headerService.isVisible(header)) {
        throw new ErrorResponseException(HttpServletResponse.SC_FORBIDDEN);
    }

    ImageProcessing ip = null;
    if (type != null) {
        ip = imageProcessingManager.createImageProcessing(type);
        if (ip == null) {
            throw new ErrorResponseException(HttpServletResponse.SC_NOT_FOUND);
        }
    }

    ResourceDataSource ds = headerService.getHeaderImage(header, ip);
    streamDataSource(ds, req, resp);
}

From source file:de.mpg.imeji.presentation.upload.UploadServlet.java

/**
 * {@inheritDoc}// w w  w .  j a  v  a 2 s .  co  m
 */
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
    final UploadItem upload = doUpload(req);
    final SessionBean session = getSession(req);
    final String uploadId = req.getParameter("uploadId");
    final License license = getLicense(upload);
    try {
        final User user = getUser(req, session);
        final CollectionImeji col = retrieveCollection(req, user);
        if (!StringHelper.isNullOrEmptyTrim(uploadId)) {
            itemService.uploadToStaging(uploadId, upload.getFile(), upload.getFilename(), col, user);
        } else {
            Item item = ImejiFactory.newItem(col);
            item.setLicenses(Arrays.asList(license));
            itemService.createWithFile(item, upload.getFile(), upload.getFilename(), col, user);
        }
        writeResponse(resp, "");
    } catch (final AuthenticationError e) {
        writeResponse(resp, e.getMessage());
        resp.setStatus(HttpServletResponse.SC_FORBIDDEN);
    } catch (final ImejiException e) {
        LOGGER.error("Error uploading File", e);
        writeResponse(resp, e.getMessage());
        resp.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
    }
}

From source file:com.acmeair.web.RESTCookieSessionFilter.java

@Override
public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain)
        throws IOException, ServletException {
    try {/*from w w w .  j  av a 2s.  c o  m*/
        HttpServletRequest request = (HttpServletRequest) req;
        HttpServletResponse response = (HttpServletResponse) resp;

        String path = request.getContextPath() + request.getServletPath() + request.getPathInfo();
        // The following code is to ensure that OG is always set on the thread
        try {
            TransactionService txService = getTxService();
            if (txService != null)
                txService.prepareForTransaction();
        } catch (Exception e) {
            e.printStackTrace();
        }
        // could do .startsWith for now, but plan to move LOGOUT to its own REST interface eventually
        if (path.endsWith(LOGIN_PATH) || path.endsWith(LOGOUT_PATH)) {
            // if logging in, let the request flow
            chain.doFilter(req, resp);
            return;
        }

        Cookie cookies[] = request.getCookies();
        Cookie sessionCookie = null;
        if (cookies != null) {
            for (Cookie c : cookies) {
                if (c.getName().equals(LoginREST.SESSIONID_COOKIE_NAME)) {
                    sessionCookie = c;
                }
                if (sessionCookie != null)
                    break;
            }
            String sessionId = "";
            if (sessionCookie != null) // We need both cookie to work
                sessionId = sessionCookie.getValue().trim();
            else {
                log.info("falling through with a sessionCookie break, but it was null");
            }
            // did this check as the logout currently sets the cookie value to "" instead of aging it out
            // see comment in LogingREST.java
            if (sessionId.equals("")) {
                log.info("sending SC_FORBIDDEN due to empty session cookie");
                response.sendError(HttpServletResponse.SC_FORBIDDEN);
                return;
            }
            // Need the URLDecoder so that I can get @ not %40
            ValidateTokenCommand validateCommand = new ValidateTokenCommand(sessionId);
            CustomerSession cs = validateCommand.execute();
            if (cs != null) {
                request.setAttribute(LOGIN_USER, cs.getCustomerid());
                chain.doFilter(req, resp);
                return;
            } else {
                log.info("sending SC_FORBIDDEN due  to validateCommand returning null");
                response.sendError(HttpServletResponse.SC_FORBIDDEN);
                return;
            }
        }

        // if we got here, we didn't detect the session cookie, so we need to return 403
        log.info("sending SC_FORBIDDEN due finding no sessionCookie");
        response.sendError(HttpServletResponse.SC_FORBIDDEN);
    } catch (Exception e) {
        e.printStackTrace(System.out);
    }
}

From source file:org.openmrs.module.openhmis.cashier.web.controller.ReceiptController.java

private boolean validateBill(Integer billId, Bill bill, HttpServletResponse response) throws IOException {
    if (bill == null) {
        response.sendError(HttpServletResponse.SC_NOT_FOUND,
                "Could not find bill with bill Id '" + billId + "'");

        return false;
    }/*from   ww w.j  av a2 s .  co m*/

    if (bill.isReceiptPrinted() && !Context.hasPrivilege(PrivilegeConstants.REPRINT_RECEIPT)) {
        if (StringUtils.isEmpty(bill.getReceiptNumber())) {
            response.sendError(HttpServletResponse.SC_FORBIDDEN,
                    "You do not have permission to reprint receipt '" + bill.getReceiptNumber() + "'");
        } else {
            response.sendError(HttpServletResponse.SC_FORBIDDEN,
                    "You do not have permission to reprint bill '" + billId + "'");
        }

        return false;
    }

    return true;
}

From source file:com.hp.autonomy.frontend.find.hod.view.HodViewController.java

@ExceptionHandler
public ModelAndView hodAuthenticationFailedException(final HodAuthenticationFailedException e,
        final HttpServletRequest request, final HttpServletResponse response) {
    response.reset();//  ww w  . j  a v  a  2 s  . co m
    response.setStatus(HttpServletResponse.SC_FORBIDDEN);

    log.error("HodAuthenticationFailedException thrown while viewing document", e);

    return controllerUtils.buildErrorModelAndView(new ErrorModelAndViewInfo.Builder().setRequest(request)
            .setMainMessageCode(HOD_ERROR_MESSAGE_CODE_MAIN)
            .setSubMessageCode(HOD_ERROR_MESSAGE_CODE_TOKEN_EXPIRED)
            .setStatusCode(HttpServletResponse.SC_FORBIDDEN).setAuthError(true).build());
}

From source file:contestWebsite.EditRegistration.java

@Override
public void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException {
    VelocityEngine ve = new VelocityEngine();
    ve.setProperty(RuntimeConstants.FILE_RESOURCE_LOADER_PATH, "html/pages, html/snippets");
    ve.init();/*www .  jav  a2s  .  c  o  m*/
    VelocityContext context = new VelocityContext();
    Pair<Entity, UserCookie> infoAndCookie = init(context, req);

    UserCookie userCookie = infoAndCookie.y;
    boolean loggedIn = (boolean) context.get("loggedIn");

    if (loggedIn && userCookie.isAdmin()) {
        DatastoreService datastore = DatastoreServiceFactory.getDatastoreService();
        Key key = KeyFactory.createKey("registration", Long.parseLong(req.getParameter("key")));
        try {
            Entity registration = datastore.get(key);
            Map<String, Object> props = registration.getProperties();

            String[] propNames = { "schoolName", "name", "email", "paid", "classification", "studentData",
                    "schoolLevel" };
            for (String propName : propNames) {
                context.put(propName, props.get(propName));
            }

            context.put("account", "yes".equals(props.get("account")));
            context.put("studentData", ((Text) props.get("studentData")).getValue());
            context.put("coach".equals(props.get("registrationType")) ? "coach" : "student", true);

            Entity contestInfo = infoAndCookie.x;
            context.put("price", contestInfo.getProperty("price"));
            context.put("key", key);
            context.put("levels", contestInfo.getProperty("levels"));
            context.put("Level", Level.class);

            close(context, ve.getTemplate("editRegistration.html"), resp);
        } catch (EntityNotFoundException e) {
            e.printStackTrace();
            resp.sendError(HttpServletResponse.SC_BAD_REQUEST,
                    "Invalid registration entity key " + key.toString());
        }
    } else {
        resp.sendError(HttpServletResponse.SC_FORBIDDEN,
                "Contest Administrator privileges required for that operation");
    }
}

From source file:eu.dasish.annotation.backend.rest.CachedRepresentationResource.java

/**
 * /*  ww w. j a  va 2s  .c om*/
 * @param externalId the external UUID of a cached representation.
 * @return a {@link CachedRepresentationInfo} object representing the metadata for the cached representation with the "externalId".
 * @throws IOException if sending an error fails.
 */
@GET
@Produces(MediaType.TEXT_XML)
@Path("{cachedid: " + BackendConstants.regExpIdentifier + "}/metadata")
@Transactional(readOnly = true)
public JAXBElement<CachedRepresentationInfo> getCachedRepresentationInfo(
        @PathParam("cachedid") String externalId) throws IOException {
    Map params = new HashMap();
    try {
        CachedRepresentationInfo result = (CachedRepresentationInfo) (new RequestWrappers(this))
                .wrapRequestResource(params, new GetCachedRepresentationInfo(), Resource.CACHED_REPRESENTATION,
                        Access.READ, externalId);
        if (result != null) {
            return (new ObjectFactory()).createCachedRepresentationInfo(result);
        } else {
            return (new ObjectFactory()).createCachedRepresentationInfo(new CachedRepresentationInfo());
        }
    } catch (NotInDataBaseException e1) {
        httpServletResponse.sendError(HttpServletResponse.SC_NOT_FOUND, e1.getMessage());
        return new ObjectFactory().createCachedRepresentationInfo(new CachedRepresentationInfo());
    } catch (ForbiddenException e2) {
        httpServletResponse.sendError(HttpServletResponse.SC_FORBIDDEN, e2.getMessage());
        return new ObjectFactory().createCachedRepresentationInfo(new CachedRepresentationInfo());
    }
}