List of usage examples for javax.servlet.http HttpServletResponse SC_FORBIDDEN
int SC_FORBIDDEN
To view the source code for javax.servlet.http HttpServletResponse SC_FORBIDDEN.
Click Source Link
From source file:com.mirth.connect.server.servlets.EventServlet.java
public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { // MIRTH-1745 response.setCharacterEncoding("UTF-8"); if (!isUserLoggedIn(request)) { response.sendError(HttpServletResponse.SC_FORBIDDEN); } else {/*from w w w. j ava 2 s. c o m*/ try { EventController eventController = ControllerFactory.getFactory().createEventController(); ObjectXMLSerializer serializer = new ObjectXMLSerializer(); PrintWriter out = response.getWriter(); Operation operation = Operations.getOperation(request.getParameter("op")); String uid = null; boolean useNewTempTable = false; Map<String, Object> parameterMap = new HashMap<String, Object>(); if (StringUtils.isNotBlank(request.getParameter("uid"))) { uid = request.getParameter("uid"); useNewTempTable = true; } else { uid = request.getSession().getId(); } if (operation.equals(Operations.EVENT_CREATE_TEMP_TABLE)) { EventFilter eventFilter = (EventFilter) serializer.fromXML(request.getParameter("filter")); parameterMap.put("filter", eventFilter); if (!isUserAuthorized(request, parameterMap)) { response.sendError(HttpServletResponse.SC_UNAUTHORIZED); } else { response.setContentType(TEXT_PLAIN); out.println(eventController.createTempTable(eventFilter, uid, useNewTempTable)); } } else if (operation.equals(Operations.EVENT_REMOVE_FILTER_TABLES)) { if (!isUserAuthorized(request, null)) { response.sendError(HttpServletResponse.SC_UNAUTHORIZED); } else { eventController.removeFilterTable(uid); } } else if (operation.equals(Operations.EVENT_GET_BY_PAGE)) { if (!isUserAuthorized(request, null)) { response.sendError(HttpServletResponse.SC_UNAUTHORIZED); } else { int page = Integer.parseInt(request.getParameter("page")); int pageSize = Integer.parseInt(request.getParameter("pageSize")); int max = Integer.parseInt(request.getParameter("maxEvents")); response.setContentType(APPLICATION_XML); serializer.toXML(eventController.getEventsByPage(page, pageSize, max, uid), out); } } else if (operation.equals(Operations.EVENT_GET_BY_PAGE_LIMIT)) { EventFilter eventFilter = (EventFilter) serializer.fromXML(request.getParameter("filter")); parameterMap.put("filter", eventFilter); if (!isUserAuthorized(request, parameterMap)) { response.sendError(HttpServletResponse.SC_UNAUTHORIZED); } else { int page = Integer.parseInt(request.getParameter("page")); int pageSize = Integer.parseInt(request.getParameter("pageSize")); int max = Integer.parseInt(request.getParameter("maxEvents")); response.setContentType(APPLICATION_XML); serializer.toXML( eventController.getEventsByPageLimit(page, pageSize, max, uid, eventFilter), out); } } else if (operation.equals(Operations.EVENT_REMOVE_ALL)) { if (!isUserAuthorized(request, null)) { response.sendError(HttpServletResponse.SC_UNAUTHORIZED); } else { eventController.removeAllEvents(); // Audit after removal isUserAuthorized(request, null); } } else if (operation.equals(Operations.EVENT_EXPORT_ALL)) { if (!isUserAuthorized(request, null)) { response.sendError(HttpServletResponse.SC_UNAUTHORIZED); } else { response.setContentType(TEXT_PLAIN); out.println(eventController.exportAllEvents()); } } else if (operation.equals(Operations.EVENT_EXPORT_AND_REMOVE_ALL)) { if (!isUserAuthorized(request, null)) { response.sendError(HttpServletResponse.SC_UNAUTHORIZED); } else { response.setContentType(TEXT_PLAIN); // Add file path of export and audit after removal String exportPath = eventController.exportAndRemoveAllEvents(); parameterMap.put("file", exportPath); isUserAuthorized(request, parameterMap); out.println(exportPath); } } } catch (RuntimeIOException rio) { logger.debug(rio); } catch (Throwable t) { logger.error(ExceptionUtils.getStackTrace(t)); throw new ServletException(t); } } }
From source file:net.anthonychaves.bookmarks.web.UserAuthorizationInterceptor.java
@Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { String uri = request.getRequestURI(); User user = (User) request.getSession().getAttribute("user"); if (user != null || uri.indexOf("login") != -1) { return true; } else {/*from w w w . ja v a 2s . co m*/ response.sendError(HttpServletResponse.SC_FORBIDDEN, UNAUTHORIZED_MSG); return false; } }
From source file:fr.epsi.controllers.rest.LoginController.java
/** * Methode qui permet de connecter un utilisateur * @param username le username de l'utilisateur * @param password le password de l'utilisateur * @return Un message statut de la connexion *//*from ww w . j a v a 2 s . c o m*/ @RequestMapping(value = "/connect", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_VALUE) public @ResponseBody User connect(@RequestParam("username") String username, @RequestParam("password") String password, HttpServletResponse resp) { try { Users userModel = Users.getInstance(); //On recuoere le user User user = userModel.findByUsername(username); // On retourne le guuid de l'utilisateur if (user.getPassword().equals(password)) { user.generateGUID(); return user; } resp.setStatus(HttpServletResponse.SC_FORBIDDEN); return null; } catch (Exception e) { resp.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); return null; } }
From source file:com.erudika.para.security.SimpleAccessDeniedHandler.java
@Override public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) throws IOException, ServletException { if (isRestRequest(request)) { RestUtils.returnStatusResponse(response, HttpServletResponse.SC_FORBIDDEN, accessDeniedException.getMessage()); } else {/* w ww. j ava 2 s .c o m*/ super.handle(request, response, accessDeniedException); } }
From source file:com.mirth.connect.server.servlets.ChannelServlet.java
public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { // MIRTH-1745 response.setCharacterEncoding("UTF-8"); if (!isUserLoggedIn(request)) { response.sendError(HttpServletResponse.SC_FORBIDDEN); } else {// www .jav a2 s . c om try { ChannelController channelController = ControllerFactory.getFactory().createChannelController(); ObjectXMLSerializer serializer = new ObjectXMLSerializer(); PrintWriter out = response.getWriter(); Operation operation = Operations.getOperation(request.getParameter("op")); Map<String, Object> parameterMap = new HashMap<String, Object>(); ServerEventContext context = new ServerEventContext(); context.setUserId(getCurrentUserId(request)); if (operation.equals(Operations.CHANNEL_GET)) { response.setContentType(APPLICATION_XML); List<Channel> channels = null; Channel channel = (Channel) serializer.fromXML(request.getParameter("channel")); parameterMap.put("channel", channel); if (!isUserAuthorized(request, parameterMap)) { channels = new ArrayList<Channel>(); } else if (doesUserHaveChannelRestrictions(request)) { channels = redactChannels(request, channelController.getChannel(channel)); } else { channels = channelController.getChannel(channel); } serializer.toXML(channels, out); } else if (operation.equals(Operations.CHANNEL_UPDATE)) { Channel channel = (Channel) serializer.fromXML(request.getParameter("channel")); boolean override = Boolean.valueOf(request.getParameter("override")).booleanValue(); parameterMap.put("channel", channel); parameterMap.put("override", override); if (!isUserAuthorized(request, parameterMap)) { response.sendError(HttpServletResponse.SC_UNAUTHORIZED); } else { response.setContentType(TEXT_PLAIN); // NOTE: This needs to be print rather than println to // avoid the newline out.print(channelController.updateChannel(channel, context, override)); } } else if (operation.equals(Operations.CHANNEL_REMOVE)) { Channel channel = (Channel) serializer.fromXML(request.getParameter("channel")); parameterMap.put("channel", channel); if (!isUserAuthorized(request, parameterMap)) { response.sendError(HttpServletResponse.SC_UNAUTHORIZED); } else { channelController.removeChannel(channel, context); } } else if (operation.equals(Operations.CHANNEL_GET_SUMMARY)) { response.setContentType(APPLICATION_XML); List<ChannelSummary> channelSummaries = null; Map<String, Integer> cachedChannels = (Map<String, Integer>) serializer .fromXML(request.getParameter("cachedChannels")); parameterMap.put("cachedChannels", cachedChannels); if (!isUserAuthorized(request, parameterMap)) { channelSummaries = new ArrayList<ChannelSummary>(); } else if (doesUserHaveChannelRestrictions(request)) { channelSummaries = redactChannelSummaries(request, channelController.getChannelSummary(cachedChannels)); } else { channelSummaries = channelController.getChannelSummary(cachedChannels); } serializer.toXML(channelSummaries, out); } } catch (RuntimeIOException rio) { logger.debug(rio); } catch (Throwable t) { logger.error(ExceptionUtils.getStackTrace(t)); throw new ServletException(t); } } }
From source file:net.duckling.ddl.web.agent.csp.CspBaseController.java
@OnDeny("*") public void onDeny(String method, HttpServletRequest request, HttpServletResponse response) { response.setStatus(HttpServletResponse.SC_FORBIDDEN); JsonUtil.writeJSONP(request, response, ErrorMsg.NEED_PERMISSION, null, null); }
From source file:org.terasoluna.gfw.functionaltest.app.redirect.WhiteListRedirectStrategy.java
public void sendRedirect(HttpServletRequest request, HttpServletResponse response, String url) throws IOException { if (checkWhiteList(url)) { String redirectUrl = response.encodeRedirectURL(url); if (logger.isDebugEnabled()) { logger.debug("Redirecting to '" + redirectUrl + "'"); }//from w w w .j a v a2 s . c o m response.sendRedirect(redirectUrl); } else { response.sendError(HttpServletResponse.SC_FORBIDDEN, url); } }
From source file:mojo.view.login.RequireLoginInterceptor.java
@Override public boolean preHandle(HttpServletRequest req, HttpServletResponse res, Object con) throws Exception { logger.debug("Handler: {}", (con != null ? con.getClass().getName() : null)); if (context.getUser() == null && con.getClass().isAnnotationPresent(RequireLogin.class)) { logger.debug("Forbidden Controller: " + con.getClass().getName()); res.setStatus(HttpServletResponse.SC_FORBIDDEN); throw new RequireLoginException(); }//from w w w .ja va 2 s .c o m return true; }
From source file:com.xpn.xwiki.web.LoginSubmitAction.java
@Override public String render(XWikiContext context) throws XWikiException { String msg = (String) context.get("message"); if (StringUtils.isNotBlank(msg)) { context.getResponse().setStatus(HttpServletResponse.SC_FORBIDDEN); }/*ww w . j a va 2 s .c o m*/ return "login"; }
From source file:IPFilter.java
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { String ip = request.getRemoteAddr(); HttpServletResponse httpResp = null; if (response instanceof HttpServletResponse) httpResp = (HttpServletResponse) response; StringTokenizer toke = new StringTokenizer(ip, "."); int dots = 0; String byte1 = ""; String byte2 = ""; String client = ""; while (toke.hasMoreTokens()) { ++dots;/* w w w . ja v a 2s . c o m*/ //if we've reached the second dot, break and check out the indx // value if (dots == 1) { byte1 = toke.nextToken(); } else { byte2 = toke.nextToken(); break; } } //while //Piece together half of the client IP address so it can be compared // with //the forbidden range represented by IPFilter.IP_RANGE client = byte1 + "." + byte2; if (IP_RANGE.equals(client)) { httpResp.sendError(HttpServletResponse.SC_FORBIDDEN, "That means goodbye forever!"); } else { chain.doFilter(request, response); } }