List of usage examples for javax.servlet.http HttpServletResponse SC_FORBIDDEN
int SC_FORBIDDEN
From source file:com.thinkberg.webdav.DeleteHandler.java
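/**
 * Handles a WebDAV DELETE for the resource named by the request's path info.
 *
 * <p>Outcomes, in the order they are checked: {@code SC_FORBIDDEN} when the request URI
 * carries a fragment, {@code SC_PRECONDITION_FAILED} when the {@code If} condition evaluates
 * to false or cannot be parsed, {@code SC_LOCKED} when the lock manager throws,
 * {@code SC_NOT_FOUND} when the resource does not exist, {@code SC_FORBIDDEN} when the delete
 * removed nothing, and {@code SC_OK} otherwise.
 *
 * <p>NOTE(review): no caller authorization is visible in this method; only the lock condition
 * is evaluated. Presumably access control is applied before the handler runs -- confirm.
 *
 * @param request  the DELETE request
 * @param response receives the resulting status
 * @throws IOException if the request URI is malformed or the backend reports an I/O failure
 */
public void service(HttpServletRequest request, HttpServletResponse response) throws IOException {
    // NOTE(review): the path info is client-controlled. This relies on VFSBackend.resolveFile
    // keeping the resolved object inside the exported root -- confirm against that helper.
    FileObject object = VFSBackend.resolveFile(request.getPathInfo());

    try {
        String fragment = new URI(request.getRequestURI()).getFragment();
        if (fragment != null) {
            response.sendError(HttpServletResponse.SC_FORBIDDEN);
            return;
        }
    } catch (URISyntaxException e) {
        // Attach the parse failure as the cause instead of keeping only its message,
        // so the original stack trace survives in server logs.
        IOException wrapped = new IOException(e.getMessage());
        wrapped.initCause(e);
        throw wrapped;
    }

    try {
        if (!LockManager.getInstance().evaluateCondition(object, getIf(request)).result) {
            response.sendError(HttpServletResponse.SC_PRECONDITION_FAILED);
            return;
        }
    } catch (LockException e) {
        response.sendError(SC_LOCKED);
        return;
    } catch (ParseException e) {
        response.sendError(HttpServletResponse.SC_PRECONDITION_FAILED);
        return;
    }

    if (!object.exists()) {
        response.sendError(HttpServletResponse.SC_NOT_FOUND);
        return;
    }

    // Deletes every object matched by ALL_FILES_SELECTOR; a count of zero is reported
    // to the client as a refusal rather than as success.
    int deletedObjects = object.delete(ALL_FILES_SELECTOR);
    LOG.debug("deleted " + deletedObjects + " objects");
    if (deletedObjects > 0) {
        response.setStatus(HttpServletResponse.SC_OK);
    } else {
        response.sendError(HttpServletResponse.SC_FORBIDDEN);
    }
}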
From source file:ca.travelagency.webservice.SampleWebservice.java
/**
 * Authenticates the caller from the {@code USERNAME} and {@code PASSWORD} request parameters
 * and writes the authorized user's id as JSON.
 *
 * <p>Responds {@code SC_FORBIDDEN} when either parameter is blank and {@code SC_NOT_FOUND}
 * when an {@link AuthenticationException} is thrown.
 *
 * <p>NOTE(review): this is a GET handler, so the password travels as a request parameter and
 * is likely to be recorded wherever URLs are recorded (access logs, proxies, browser history).
 * Accepting credentials in a POST body or an Authorization header avoids that; changing it
 * alters the client contract, so it is flagged here rather than changed.
 *
 * @param request  carries the credential parameters
 * @param response receives the status and, on success, the JSON body
 */
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response)
        throws ServletException, IOException {
    final String suppliedUser = request.getParameter(USERNAME);
    final String suppliedSecret = request.getParameter(PASSWORD);

    // Both values must be present before the authentication service is consulted.
    final boolean credentialsMissing = StringUtils.isBlank(suppliedUser) || StringUtils.isBlank(suppliedSecret);
    if (credentialsMissing) {
        response.setStatus(HttpServletResponse.SC_FORBIDDEN);
        return;
    }

    try {
        final SystemUser authorizedUser = systemUserService.authorize(suppliedUser, suppliedSecret);
        final JsonUtils json = new JsonUtils();
        json.serialize(authorizedUser.getId(), response.getWriter());
    } catch (AuthenticationException e) {
        // A rejected login is reported with a different status than a blank one.
        response.setStatus(HttpServletResponse.SC_NOT_FOUND);
    }
}
From source file:com.thinkberg.webdav.PutHandler.java
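/**
 * Handles a WebDAV PUT: stores the request body as the content of the resource named by the
 * request's path info.
 *
 * <p>Outcomes, in the order they are checked: {@code SC_PRECONDITION_FAILED} when the
 * {@code If} condition evaluates to false or cannot be parsed, {@code SC_LOCKED} when the lock
 * manager throws, {@code SC_FORBIDDEN} when the target is an existing folder or has no existing
 * parent, {@code SC_CONFLICT} when the parent is not a folder, and {@code SC_CREATED} once the
 * body has been written.
 *
 * <p>NOTE(review): no caller authorization and no upload size limit are visible in this
 * method; presumably both are enforced before the handler runs -- confirm.
 *
 * @param request  the PUT request whose body is the new content
 * @param response receives the resulting status
 * @throws IOException if reading the body or writing the content fails
 */
public void service(HttpServletRequest request, HttpServletResponse response) throws IOException {
    // NOTE(review): the path info is client-controlled. This relies on VFSBackend.resolveFile
    // keeping the resolved object inside the exported root -- confirm against that helper.
    FileObject object = VFSBackend.resolveFile(request.getPathInfo());

    try {
        if (!LockManager.getInstance().evaluateCondition(object, getIf(request)).result) {
            response.sendError(HttpServletResponse.SC_PRECONDITION_FAILED);
            return;
        }
    } catch (LockException e) {
        response.sendError(SC_LOCKED);
        return;
    } catch (ParseException e) {
        response.sendError(HttpServletResponse.SC_PRECONDITION_FAILED);
        return;
    }

    // it is forbidden to write data on a folder
    if (object.exists() && FileType.FOLDER.equals(object.getType())) {
        response.sendError(HttpServletResponse.SC_FORBIDDEN);
        return;
    }

    // A missing parent reference is treated like a non-existent parent instead of
    // failing with a NullPointerException.
    FileObject parent = object.getParent();
    if (parent == null || !parent.exists()) {
        response.sendError(HttpServletResponse.SC_FORBIDDEN);
        return;
    }

    if (!FileType.FOLDER.equals(parent.getType())) {
        response.sendError(HttpServletResponse.SC_CONFLICT);
        return;
    }

    try {
        InputStream is = request.getInputStream();
        OutputStream os = object.getContent().getOutputStream();
        long bytesCopied = Util.copyStream(is, os);
        // The Content-length value is client-supplied and is only logged, never trusted.
        String contentLengthHeader = request.getHeader("Content-length");
        LOG.debug(String.format("sent %d/%s bytes", bytesCopied,
                contentLengthHeader == null ? "unknown" : contentLengthHeader));
        os.flush();
    } finally {
        // The original closed the object only after a successful copy, so an aborted or
        // failing upload left the content stream open. Closing here covers both paths.
        object.close();
    }
    response.setStatus(HttpServletResponse.SC_CREATED);
}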
From source file:org.cloudfoundry.identity.uaa.error.JsonAwareAccessDeniedHandlerTests.java
/**
 * With an HTML {@code Accept} header, handling an access-denied exception must yield
 * {@code SC_FORBIDDEN} and expose the exception message as the response error message.
 */
@Test
public void testCommenceWithHtmlAccept() throws Exception {
    request.addHeader("Accept", MediaType.TEXT_HTML_VALUE);

    AccessDeniedException denied = new AccessDeniedException("Bad");
    entryPoint.handle(request, response, denied);

    int actualStatus = response.getStatus();
    assertEquals(HttpServletResponse.SC_FORBIDDEN, actualStatus);
    String actualMessage = response.getErrorMessage();
    assertEquals("Bad", actualMessage);
}
From source file:net.shopxx.interceptor.MerchantInterceptor.java
/**
 * Lets the request through only when the session holds a merchant principal.
 *
 * <p>Without a principal, a request marked {@code X-Requested-With: XMLHttpRequest} gets a
 * {@code loginStatus: accessDenied} header and {@code SC_FORBIDDEN}; any other request is
 * redirected to the login URL, and a GET additionally carries its own URI and query string in
 * the redirect parameter.
 *
 * <p>NOTE(review): {@code X-Requested-With} is client-supplied and only selects the response
 * format here; it is not an access control. The redirect parameter echoes the request URI, so
 * the login flow that consumes it should accept only local paths -- confirm. Also,
 * {@code getSession()} creates a session for every anonymous request.
 *
 * @return {@code true} when a principal is present, {@code false} once a response was sent
 */
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
        throws Exception {
    HttpSession httpSession = request.getSession();
    Principal merchantPrincipal = (Principal) httpSession.getAttribute(Merchant.PRINCIPAL_ATTRIBUTE_NAME);
    if (merchantPrincipal != null) {
        return true;
    }

    String requestedWith = request.getHeader("X-Requested-With");
    boolean ajaxRequest = requestedWith != null && requestedWith.equalsIgnoreCase("XMLHttpRequest");
    if (ajaxRequest) {
        // Script callers get a status they can react to instead of a redirect.
        response.addHeader("loginStatus", "accessDenied");
        response.sendError(HttpServletResponse.SC_FORBIDDEN);
        return false;
    }

    if (!request.getMethod().equalsIgnoreCase("GET")) {
        response.sendRedirect(request.getContextPath() + loginUrl);
        return false;
    }

    // Rebuild the address that was requested so the login page can be told about it.
    String query = request.getQueryString();
    String redirectUrl;
    if (query != null) {
        redirectUrl = request.getRequestURI() + "?" + query;
    } else {
        redirectUrl = request.getRequestURI();
    }
    String encodedTarget = URLEncoder.encode(redirectUrl, urlEscapingCharset);
    response.sendRedirect(
            request.getContextPath() + loginUrl + "?" + REDIRECT_URL_PARAMETER_NAME + "=" + encodedTarget);
    return false;
}
From source file:com.iterzp.momo.interceptor.MemberInterceptor.java
/**
 * Lets the request through only when the session holds a member principal.
 *
 * <p>Without a principal, a request marked {@code X-Requested-With: XMLHttpRequest} gets a
 * {@code loginStatus: accessDenied} header and {@code SC_FORBIDDEN}; any other request is
 * redirected to the login URL, and a GET additionally carries its own URI and query string in
 * the redirect parameter.
 *
 * <p>NOTE(review): {@code X-Requested-With} is client-supplied and only selects the response
 * format here; it is not an access control. The redirect parameter echoes the request URI, so
 * the login flow that consumes it should accept only local paths -- confirm. Also,
 * {@code getSession()} creates a session for every anonymous request.
 *
 * @return {@code true} when a principal is present, {@code false} once a response was sent
 */
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
        throws Exception {
    Principal memberPrincipal = (Principal) request.getSession().getAttribute(Member.PRINCIPAL_ATTRIBUTE_NAME);
    if (memberPrincipal != null) {
        return true;
    }

    String xRequestedWith = request.getHeader("X-Requested-With");
    if (xRequestedWith != null && xRequestedWith.equalsIgnoreCase("XMLHttpRequest")) {
        // Script callers get a status they can react to instead of a redirect.
        response.addHeader("loginStatus", "accessDenied");
        response.sendError(HttpServletResponse.SC_FORBIDDEN);
        return false;
    }

    StringBuilder location = new StringBuilder();
    if (request.getMethod().equalsIgnoreCase("GET")) {
        // Only GET requests carry their original address along to the login page.
        String originalQuery = request.getQueryString();
        String redirectUrl = originalQuery != null
                ? request.getRequestURI() + "?" + originalQuery
                : request.getRequestURI();
        location.append(request.getContextPath()).append(loginUrl)
                .append("?").append(REDIRECT_URL_PARAMETER_NAME).append("=")
                .append(URLEncoder.encode(redirectUrl, urlEscapingCharset));
    } else {
        location.append(request.getContextPath()).append(loginUrl);
    }
    response.sendRedirect(location.toString());
    return false;
}
From source file:org.craftercms.security.authorization.impl.RestAccessDeniedHandlerTest.java
/**
 * Handling an access-denied exception for a GET of {@code /admin.json} must yield
 * {@code SC_FORBIDDEN} and the expected response body.
 */
@Test
public void testHandle() throws Exception {
    MockHttpServletRequest mockRequest = new MockHttpServletRequest("GET", "/admin.json");
    MockHttpServletResponse mockResponse = new MockHttpServletResponse();
    RequestContext requestContext = new RequestContext(mockRequest, mockResponse);
    AccessDeniedException denied = new AccessDeniedException(ERROR_MESSAGE);

    handler.handle(requestContext, denied);

    int actualStatus = mockResponse.getStatus();
    assertEquals(HttpServletResponse.SC_FORBIDDEN, actualStatus);
    String actualBody = mockResponse.getContentAsString();
    assertEquals(EXPECTED_RESPONSE_CONTENT, actualBody);
}
From source file:fr.aliasource.webmail.server.calendar.CalendarProxyImpl.java
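/**
 * Forwards the request to {@code backendUrl} as a POST and relays the backend's answer.
 *
 * <p>Responds {@code SC_FORBIDDEN} when the session has no {@code "account"} attribute. The
 * query string and the first value of every request parameter are copied to the backend call.
 * A non-OK backend status is logged and passed through; an OK answer is streamed to the
 * client. If the call itself fails, the client now receives {@code SC_BAD_GATEWAY} instead of
 * an empty success response.
 *
 * <p>NOTE(review): every client-supplied parameter is forwarded unchanged, and the presence
 * of a session account is the only check made here. Presumably the backend authorizes each
 * call itself -- confirm. The failure log also records the backend response body, which may
 * hold user data.
 *
 * @param req  the incoming request
 * @param resp receives the relayed status and body
 */
@SuppressWarnings("unchecked")
@Override
protected void service(HttpServletRequest req, HttpServletResponse resp)
        throws ServletException, IOException {
    IAccount ac = (IAccount) req.getSession().getAttribute("account");
    if (ac == null) {
        GWT.log("Account not found in session", null);
        resp.setStatus(HttpServletResponse.SC_FORBIDDEN);
        return;
    }

    PostMethod pm = new PostMethod(backendUrl);
    if (req.getQueryString() != null) {
        pm.setQueryString(req.getQueryString());
    }

    Map<String, String[]> params = req.getParameterMap();
    for (Map.Entry<String, String[]> param : params.entrySet()) {
        String[] values = param.getValue();
        // Skip a parameter without values rather than failing on values[0].
        if (values != null && values.length > 0) {
            pm.setParameter(param.getKey(), values[0]);
        }
    }

    // Calls through the shared client are serialized on the client instance.
    synchronized (hc) {
        try {
            int ret = hc.executeMethod(pm);
            if (ret != HttpStatus.SC_OK) {
                log("method failed:\n" + pm.getStatusLine() + "\n" + pm.getResponseBodyAsString());
                resp.setStatus(ret);
            } else {
                InputStream is = pm.getResponseBodyAsStream();
                transfer(is, resp.getOutputStream(), false);
            }
        } catch (Exception e) {
            log("error occured on call proxyfication", e);
            // The original swallowed the failure and left the default status in place;
            // report it while the response can still be changed.
            if (!resp.isCommitted()) {
                resp.setStatus(HttpServletResponse.SC_BAD_GATEWAY);
            }
        } finally {
            pm.releaseConnection();
        }
    }
}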
From source file:com.mirth.connect.server.servlets.ConfigurationServlet.java
/**
 * Dispatches a configuration request on the {@code op} request parameter.
 *
 * <p>{@code CONFIGURATION_STATUS_GET} is answered before any login check. Every other
 * operation requires {@code isUserLoggedIn(request)}, otherwise {@code SC_FORBIDDEN} is sent,
 * and then {@code isUserAuthorized(...)}, otherwise {@code SC_UNAUTHORIZED} is sent. Note that
 * this is the reverse of the usual HTTP meaning of the two codes (401 for a missing login,
 * 403 for a refused permission); clients of this servlet presumably depend on it as written.
 *
 * <p>The {@code *_SET} operations turn request-supplied XML into objects with
 * {@code serializer.fromXML(...)}. The authorization check runs first in each case.
 * NOTE(review): confirm that {@code ObjectXMLSerializer} restricts the types it will
 * instantiate, since the XML comes from the client.
 *
 * @param request  carries {@code op} and, for the set operations, {@code data} or {@code scripts}
 * @param response receives the serialized result or an error status
 * @throws ServletException wrapping any {@code Throwable} other than {@code RuntimeIOException}
 */
public void doPost(HttpServletRequest request, HttpServletResponse response)
        throws ServletException, IOException {
    // MIRTH-1745
    response.setCharacterEncoding("UTF-8");

    try {
        PrintWriter out = response.getWriter();
        // NOTE(review): if getOperation can return null for an unknown "op", the equals()
        // call below throws and the request ends in the Throwable handler -- confirm.
        Operation operation = Operations.getOperation(request.getParameter("op"));

        if (operation.equals(Operations.CONFIGURATION_STATUS_GET)) {
            // Served without a login check.
            response.setContentType(TEXT_PLAIN);
            out.println(ControllerFactory.getFactory().createConfigurationController().getStatus());
        } else if (!isUserLoggedIn(request)) {
            response.sendError(HttpServletResponse.SC_FORBIDDEN);
        } else {
            ConfigurationController configurationController = ControllerFactory.getFactory()
                    .createConfigurationController();
            ScriptController scriptController = ControllerFactory.getFactory().createScriptController();
            ObjectXMLSerializer serializer = new ObjectXMLSerializer();
            // Passed to isUserAuthorized for the set operations, holding the submitted payload.
            Map<String, Object> parameterMap = new HashMap<String, Object>();

            if (operation.equals(Operations.CONFIGURATION_CHARSET_ENCODINGS_GET)) {
                if (isUserAuthorized(request, null)) {
                    response.setContentType(APPLICATION_XML);
                    serializer.toXML(configurationController.getAvaiableCharsetEncodings(), out);
                } else {
                    response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
                }
            } else if (operation.equals(Operations.CONFIGURATION_SERVER_SETTINGS_GET)) {
                // In this branch the content type is set before the authorization check.
                response.setContentType(APPLICATION_XML);

                if (isUserAuthorized(request, null)) {
                    serializer.toXML(configurationController.getServerSettings(), out);
                } else {
                    response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
                }
            } else if (operation.equals(Operations.CONFIGURATION_SERVER_SETTINGS_SET)) {
                String settings = request.getParameter("data");
                parameterMap.put("settings", settings);

                if (isUserAuthorized(request, parameterMap)) {
                    // Client-supplied XML becomes a ServerSettings object here.
                    configurationController.setServerSettings((ServerSettings) serializer.fromXML(settings));
                } else {
                    response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
                }
            } else if (operation.equals(Operations.CONFIGURATION_UPDATE_SETTINGS_GET)) {
                response.setContentType(APPLICATION_XML);

                if (isUserAuthorized(request, null)) {
                    serializer.toXML(configurationController.getUpdateSettings(), out);
                } else {
                    response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
                }
            } else if (operation.equals(Operations.CONFIGURATION_UPDATE_SETTINGS_SET)) {
                String settings = request.getParameter("data");
                parameterMap.put("settings", settings);

                if (isUserAuthorized(request, parameterMap)) {
                    // Client-supplied XML becomes an UpdateSettings object here.
                    configurationController.setUpdateSettings((UpdateSettings) serializer.fromXML(settings));
                } else {
                    response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
                }
            } else if (operation.equals(Operations.CONFIGURATION_ENCRYPTION_SETTINGS_GET)) {
                response.setContentType(APPLICATION_XML);

                if (isUserAuthorized(request, null)) {
                    serializer.toXML(configurationController.getEncryptionSettings(), out);
                } else {
                    response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
                }
            } else if (operation.equals(Operations.CONFIGURATION_GUID_GET)) {
                if (isUserAuthorized(request, null)) {
                    response.setContentType(TEXT_PLAIN);
                    out.print(configurationController.generateGuid());
                } else {
                    response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
                }
            } else if (operation.equals(Operations.CONFIGURATION_DATABASE_DRIVERS_GET)) {
                if (isUserAuthorized(request, null)) {
                    response.setContentType(APPLICATION_XML);
                    serializer.toXML(configurationController.getDatabaseDrivers(), out);
                } else {
                    response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
                }
            } else if (operation.equals(Operations.CONFIGURATION_VERSION_GET)) {
                if (isUserAuthorized(request, null)) {
                    response.setContentType(TEXT_PLAIN);
                    out.print(configurationController.getServerVersion());
                } else {
                    response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
                }
            } else if (operation.equals(Operations.CONFIGURATION_BUILD_DATE_GET)) {
                if (isUserAuthorized(request, null)) {
                    response.setContentType(TEXT_PLAIN);
                    out.print(configurationController.getBuildDate());
                } else {
                    response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
                }
            } else if (operation.equals(Operations.SERVER_CONFIGURATION_GET)) {
                if (isUserAuthorized(request, null)) {
                    response.setContentType(APPLICATION_XML);
                    serializer.toXML(configurationController.getServerConfiguration(), out);
                } else {
                    response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
                }
            } else if (operation.equals(Operations.SERVER_CONFIGURATION_SET)) {
                String serverConfiguration = request.getParameter("data");
                parameterMap.put("data", serverConfiguration);

                if (isUserAuthorized(request, parameterMap)) {
                    // Client-supplied XML becomes a ServerConfiguration object here.
                    configurationController.setServerConfiguration(
                            (ServerConfiguration) serializer.fromXML(serverConfiguration));
                } else {
                    response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
                }
            } else if (operation.equals(Operations.CONFIGURATION_SERVER_ID_GET)) {
                if (isUserAuthorized(request, null)) {
                    response.setContentType(APPLICATION_XML);
                    out.println(configurationController.getServerId());
                } else {
                    response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
                }
            } else if (operation.equals(Operations.CONFIGURATION_SERVER_TIMEZONE_GET)) {
                if (isUserAuthorized(request, null)) {
                    response.setContentType(APPLICATION_XML);
                    out.println(configurationController.getServerTimezone(request.getLocale()));
                } else {
                    response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
                }
            } else if (operation.equals(Operations.GLOBAL_SCRIPT_GET)) {
                if (isUserAuthorized(request, null)) {
                    response.setContentType(APPLICATION_XML);
                    serializer.toXML(scriptController.getGlobalScripts(), out);
                } else {
                    response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
                }
            } else if (operation.equals(Operations.GLOBAL_SCRIPT_SET)) {
                String scripts = request.getParameter("scripts");
                parameterMap.put("scripts", scripts);

                if (isUserAuthorized(request, parameterMap)) {
                    // Client-supplied XML becomes the global script map here.
                    scriptController.setGlobalScripts((Map<String, String>) serializer.fromXML(scripts));
                } else {
                    response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
                }
            } else if (operation.equals(Operations.CONFIGURATION_PASSWORD_REQUIREMENTS_GET)) {
                if (isUserAuthorized(request, null)) {
                    response.setContentType(APPLICATION_XML);
                    serializer.toXML(configurationController.getPasswordRequirements(), out);
                } else {
                    response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
                }
            }
            // An operation that matches none of the branches above produces no output.
        }
    } catch (RuntimeIOException rio) {
        // Logged at debug level only and not rethrown.
        logger.debug(rio);
    } catch (Throwable t) {
        logger.error(ExceptionUtils.getStackTrace(t));
        throw new ServletException(t);
    }
}
From source file:org.fenixedu.bennu.spring.portal.PortalHandlerInterceptor.java
/**
 * Selects the portal functionality behind the handler and refuses the request when that
 * functionality is not available to the current user.
 *
 * <p>Responds {@code SC_NOT_FOUND} when the functionality cannot be found and
 * {@code SC_FORBIDDEN} when {@code isAvailableForCurrentUser()} is false.
 *
 * <p>NOTE(review): the availability check runs only when no functionality is already
 * selected on the request, and handlers without a functionality pass unchecked. Presumably
 * whatever selected the functionality earlier has already checked access -- confirm.
 *
 * @return {@code true} to continue the handler chain, {@code false} once an error was sent
 */
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
        throws Exception {
    PortalHandlerMethod portalMethod = (PortalHandlerMethod) handler;

    // The requested controller does not map to a functionality
    if (portalMethod.getFunctionality() == null) {
        return true;
    }

    // A functionality is already selected for this request; nothing to look up.
    if (BennuPortalDispatcher.getSelectedFunctionality(request) != null) {
        return true;
    }

    // Otherwise look it up from the handler's functionality key.
    String functionalityKey = portalMethod.getFunctionality().getKey();
    MenuFunctionality resolved =
            MenuFunctionality.findFunctionality(SpringPortalBackend.BACKEND_KEY, functionalityKey);
    if (resolved == null) {
        response.sendError(HttpServletResponse.SC_NOT_FOUND, "The selected functionality is not configured");
        return false;
    }

    boolean permitted = resolved.isAvailableForCurrentUser();
    if (!permitted) {
        response.sendError(HttpServletResponse.SC_FORBIDDEN);
        return false;
    }

    BennuPortalDispatcher.selectFunctionality(request, resolved);
    return true;
}