List of usage examples for javax.servlet.http HttpServletResponse SC_UNAUTHORIZED
int SC_UNAUTHORIZED
To view the source code for javax.servlet.http HttpServletResponse SC_UNAUTHORIZED.
Click Source Link
From source file:airport.web.controller.ServicesController.java
@RequestMapping(value = "/service/runaways", produces = "application/json") public List<Runaway> getRuaways(HttpServletRequest request, HttpServletResponse response) { User user = new User(); HttpSession httpSession = request.getSession(); user.setId(httpSession.getId());//w w w .j a va 2 s.c om if (!serviceUsers.checkUserOnline(user)) { response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); if (LOG.isInfoEnabled()) { LOG.info("the user isn't authorized. Session id : " + httpSession.getId() + ". URL : /service/statistics/private"); } return null; } if (LOG.isInfoEnabled()) { LOG.info("user get private statistics. Session id : " + httpSession.getId() + ". User : " + user + ". URL : /service/statistics/private"); } return serviceDispatcher.getAllRunaways(); }
From source file:com.zimbra.cs.dav.service.DavServlet.java
@Override public void service(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { ZimbraLog.clearContext();//from www. j a va 2 s . c o m addRemoteIpToLoggingContext(req); ZimbraLog.addUserAgentToContext(req.getHeader(DavProtocol.HEADER_USER_AGENT)); //bug fix - send 400 for Range requests String rangeHeader = req.getHeader(DavProtocol.HEADER_RANGE); if (null != rangeHeader) { sendError(resp, HttpServletResponse.SC_BAD_REQUEST, "Range header not supported", null, Level.debug); return; } RequestType rtype = getAllowedRequestType(req); ZimbraLog.dav.debug("Allowable request types %s", rtype); if (rtype == RequestType.none) { sendError(resp, HttpServletResponse.SC_NOT_ACCEPTABLE, "Not an allowed request type", null, Level.debug); return; } logRequestInfo(req); Account authUser = null; DavContext ctxt; try { AuthToken at = AuthProvider.getAuthToken(req, false); if (at != null && (at.isExpired() || !at.isRegistered())) { at = null; } if (at != null && (rtype == RequestType.both || rtype == RequestType.authtoken)) { authUser = Provisioning.getInstance().get(AccountBy.id, at.getAccountId()); } else if (at == null && (rtype == RequestType.both || rtype == RequestType.password)) { AuthUtil.AuthResult result = AuthUtil.basicAuthRequest(req, resp, true, this); if (result.sendErrorCalled) { logResponseInfo(resp); return; } authUser = result.authorizedAccount; } if (authUser == null) { try { sendError(resp, HttpServletResponse.SC_UNAUTHORIZED, "Authentication failed", null, Level.debug); } catch (Exception e) { } return; } ZimbraLog.addToContext(ZimbraLog.C_ANAME, authUser.getName()); ctxt = new DavContext(req, resp, authUser); } catch (AuthTokenException e) { sendError(resp, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "error getting authenticated user", e); return; } catch (ServiceException e) { sendError(resp, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "error getting authenticated user", e); return; } DavMethod method = sMethods.get(req.getMethod()); if (method == null) { setAllowHeader(resp); sendError(resp, HttpServletResponse.SC_METHOD_NOT_ALLOWED, "Not an allowed method", null, Level.debug); return; } long t0 = System.currentTimeMillis(); CacheStates cache = null; try { if (ZimbraLog.dav.isDebugEnabled()) { try { Upload upload = ctxt.getUpload(); if (upload.getSize() > 0 && upload.getContentType().startsWith("text")) { if (ZimbraLog.dav.isDebugEnabled()) { StringBuilder logMsg = new StringBuilder("REQUEST\n").append( new String(ByteUtil.readInput(upload.getInputStream(), -1, 20480), "UTF-8")); ZimbraLog.dav.debug(logMsg.toString()); } } } catch (DavException de) { throw de; } catch (Exception e) { ZimbraLog.dav.debug("ouch", e); } } cache = checkCachedResponse(ctxt, authUser); if (!ctxt.isResponseSent() && !isProxyRequest(ctxt, method)) { method.checkPrecondition(ctxt); method.handle(ctxt); method.checkPostcondition(ctxt); if (!ctxt.isResponseSent()) { resp.setStatus(ctxt.getStatus()); } } if (!ctxt.isResponseSent()) { logResponseInfo(resp); } } catch (DavException e) { if (e.getCause() instanceof MailServiceException.NoSuchItemException || e.getStatus() == HttpServletResponse.SC_NOT_FOUND) ZimbraLog.dav.info(ctxt.getUri() + " not found"); else if (e.getStatus() == HttpServletResponse.SC_MOVED_TEMPORARILY || e.getStatus() == HttpServletResponse.SC_MOVED_PERMANENTLY) ZimbraLog.dav.info("sending redirect"); try { if (e.isStatusSet()) { resp.setStatus(e.getStatus()); if (e.hasErrorMessage()) e.writeErrorMsg(resp.getOutputStream()); if (ZimbraLog.dav.isDebugEnabled()) { ZimbraLog.dav.info("sending http error %d because: %s", e.getStatus(), e.getMessage(), e); } else { ZimbraLog.dav.info("sending http error %d because: %s", e.getStatus(), e.getMessage()); } if (e.getCause() != null) ZimbraLog.dav.debug("exception: ", e.getCause()); } else { sendError(resp, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "error handling method " + method.getName(), e); } } catch (IllegalStateException ise) { ZimbraLog.dav.debug("can't write error msg", ise); } } catch (ServiceException e) { if (e instanceof MailServiceException.NoSuchItemException) { sendError(resp, HttpServletResponse.SC_NOT_FOUND, ctxt.getUri() + " not found", null, Level.info); return; } sendError(resp, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "error handling method " + method.getName(), e); } catch (Exception e) { try { sendError(resp, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "error handling method " + method.getName(), e); } catch (Exception ex) { } } finally { long t1 = System.currentTimeMillis(); ZimbraLog.dav.info("DavServlet operation " + method.getName() + " to " + req.getPathInfo() + " (depth: " + ctxt.getDepth().name() + ") finished in " + (t1 - t0) + "ms"); if (cache != null) cacheCleanUp(ctxt, cache); ctxt.cleanup(); } }
From source file:de.zib.gndms.kit.monitor.GroovyMoniServlet.java
private static ServletRuntimeException unauthorized(String s) { return new ServletRuntimeException(HttpServletResponse.SC_UNAUTHORIZED, s, true); }
From source file:com.adito.core.actions.AuthenticatedDispatchAction.java
/** * @param response/*from w w w . ja va 2 s .c om*/ * @throws IOException */ void sendAuthorizationError(HttpServletResponse response) throws IOException { response.setHeader("WWW-Authenticate", "Basic realm=\"" + Branding.PRODUCT_NAME + "\""); response.sendError(HttpServletResponse.SC_UNAUTHORIZED); }
From source file:eu.trentorise.smartcampus.mobility.controller.rest.JourneyPlannerController.java
@RequestMapping(method = RequestMethod.GET, value = "/itinerary/{itineraryId}/monitor/{monitor}") public @ResponseBody Boolean monitorItinerary(HttpServletResponse response, @PathVariable String itineraryId, @PathVariable boolean monitor) throws Exception { try {//from w ww. ja v a 2s .co m String userId = getUserId(); if (userId == null) { response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); return false; } Map<String, Object> pars = new TreeMap<String, Object>(); pars.put("clientId", itineraryId); ItineraryObject res = domainStorage.searchDomainObject(pars, ItineraryObject.class); if (res == null) { response.setStatus(HttpServletResponse.SC_BAD_REQUEST); return false; } if (!userId.equals(res.getUserId())) { response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); return null; } res.setMonitor(monitor); domainStorage.saveItinerary(res); return monitor; } catch (Exception e) { e.printStackTrace(); response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); } return false; }
From source file:org.georchestra.security.Proxy.java
private void handleUrlParamRequest(HttpServletRequest request, HttpServletResponse response, RequestType type, String sURL) throws IOException { if (request.getRequestURI().startsWith("/sec/proxy/")) { testLegalContentType(request);//from ww w . j ava 2 s .co m URL url; try { url = new URL(sURL); } catch (MalformedURLException e) { // not an url response.sendError(HttpServletResponse.SC_BAD_REQUEST, e.getMessage()); return; } if (proxyPermissions.isDenied(url) || urlIsProtected(request, url)) { response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "URL is not allowed."); return; } handleRequest(request, response, type, sURL, false); } else { handlePathEncodedRequests(request, response, type); } }
From source file:com.sun.syndication.propono.atom.server.AtomServlet.java
/** * Handles an Atom PUT by calling handler to identify URI, reading/parsing * data, calling handler and writing results to response. *//* w ww . j a v a 2 s.c om*/ protected void doPut(HttpServletRequest req, HttpServletResponse res) throws ServletException, IOException { log.debug("Entering"); AtomHandler handler = createAtomRequestHandler(req, res); String userName = handler.getAuthenticatedUsername(); if (userName != null) { AtomRequest areq = new AtomRequestImpl(req); try { if (handler.isEntryURI(areq)) { // parse incoming entry Entry unsavedEntry = Atom10Parser.parseEntry( new BufferedReader(new InputStreamReader(req.getInputStream(), "UTF-8")), null); // call handler to put entry handler.putEntry(areq, unsavedEntry); res.setStatus(HttpServletResponse.SC_OK); } else if (handler.isMediaEditURI(areq)) { // hand input stream to handler handler.putMedia(areq); res.setStatus(HttpServletResponse.SC_OK); } else { res.setStatus(HttpServletResponse.SC_NOT_FOUND); } } catch (AtomException ae) { res.sendError(ae.getStatus(), ae.getMessage()); log.debug("ERROR processing PUT", ae); } catch (Exception e) { res.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.getMessage()); log.debug("ERROR processing PUT", e); } } else { res.setHeader("WWW-Authenticate", "BASIC realm=\"AtomPub\""); // Wanted to use sendError() here but Tomcat sends 403 forbidden // when I do that, so sticking with setStatus() for time being. res.setStatus(HttpServletResponse.SC_UNAUTHORIZED); } log.debug("Exiting"); }
From source file:com.almende.eve.transport.http.AgentServlet.java
/** * Create a new agent Usage: PUT /servlet/{agentId}?type={agentType} Where * agentType is the full class path of the agent. Returns a list with the * urls of the created agent./*from ww w .j av a 2s . c o m*/ * * @param req * the req * @param resp * the resp * @throws ServletException * the servlet exception * @throws IOException * Signals that an I/O exception has occurred. */ @Override protected void doPut(final HttpServletRequest req, final HttpServletResponse resp) throws ServletException, IOException { final String agentUrl = req.getRequestURI(); String agentId; try { agentId = httpTransport.getAgentId(new URI(agentUrl)); } catch (URISyntaxException e) { throw new ServletException(AGENTURLWARNING, e); } String agentType = req.getParameter("type"); if (!handleSession(req, resp)) { if (!resp.isCommitted()) { resp.sendError(HttpServletResponse.SC_UNAUTHORIZED); } return; } if (agentType == null) { // TODO: class is deprecated since 2013-02-19. Remove this some day agentType = req.getParameter("class"); LOG.warning("Query parameter 'class' is deprecated. Use 'type' instead."); } if (agentId == null) { resp.sendError(HttpServletResponse.SC_BAD_REQUEST, "No agentId found in url."); return; } if (agentType == null || agentType.equals("")) { resp.sendError(HttpServletResponse.SC_BAD_REQUEST, "Query parameter 'type' missing in url."); return; } try { final Agent agent = host.createAgent(agentType, agentId); for (final String url : agent.getUrls()) { resp.getWriter().println(url); } agent.signalAgent(new AgentSignal<Void>(AgentSignal.DESTROY, null)); } catch (final Exception e) { throw new ServletException(e); } }
From source file:com.att.ajsc.csilogging.common.CSILoggingUtils.java
public void finalizeRequest(HttpServletRequest request, HttpServletResponse response) { logger.debug("In...:finalizeRequest"); String servicename = UtilLib.getServiceName(request); PerformanceTrackingBean perfTrackerBean = (PerformanceTrackingBean) request .getAttribute(PERFORMANCE_TRACKER_BEAN); long startTime = (long) request.getAttribute(CommonNames.START_TIME); AuditRecord ar = new AuditRecord(); try {// w w w . j av a 2s . com logger.debug("Starting application specific handling...:finalizeRequest"); // request.setAttribute(CommonNames.AUDIT_RECORD, ar); // request.setAttribute(CommonNames.ATTR_START_TIME, // Long.valueOf(startTime).toString()); perfTrackerBean.setAuditRecord(ar); servicename = LoggerNameConverter.convertNormalizedName(request, servicename); perfTrackerBean.setServiceName(servicename); perfTrackerBean.setRequestContentLen(request.getContentLength()); perfTrackerBean.setResponseMsgSize(getResponseLength(request)); perfTrackerBean.setMethod(request.getMethod()); ar.setInstanceName(SystemParams.instance().getInstanceName()); ar.setInitiatedTimestamp(UtilLib.epochToXmlGC(startTime)); ar.setVtier(SystemParams.instance().getVtier()); ar.setCluster(SystemParams.instance().getCluster()); ar.setHostName(SystemParams.instance().getHostName()); ar.setHostIPAddress(SystemParams.instance().getIpAddress()); ar.setSubject("CW.pub.spm2." + servicename + ".response"); ar.setMode(""); ar.setServiceKeyData1(""); ar.setServiceKeyData2(""); ar.setSourceClass(CommonNames.SOURCE_CLASS); ar.setSourceMethod(CommonNames.AUDIT_LOGGER_NAME); ar.setTransactionName(servicename); /* * ar.setApplicationId(request.getAttribute(CommonNames. * CSI_USER_NAME)); * ar.setConversationId(request.getAttribute(CommonNames. * CSI_CONVERSATION_ID)); * ar.setUniqueTransactionId(request.getAttribute(CommonNames. * CSI_UNIQUE_TXN_ID)); * ar.setOriginalMessageId(request.getAttribute(CommonNames. * CSI_MESSAGE_ID)); * ar.setOriginatorId(request.getAttribute(CommonNames. * CSI_ORIGINATOR_ID)); * ar.setClientApp(UtilLib.ifNullThenEmpty(request.getAttribute( * CommonNames.CSI_CLIENT_APP))); ar.setOriginationSystemId("N/A"); * ar.setOriginationSystemName(request.getAttribute(CommonNames. * CSI_USER_NAME)); * ar.setOriginationSystemVersion(request.getAttribute(CommonNames. * CSI_VERSION)); */ ar.setApplicationId(perfTrackerBean.getUserName()); ar.setConversationId(perfTrackerBean.getConversationId()); ar.setUniqueTransactionId(perfTrackerBean.getUniqueTransactionId()); ar.setOriginalMessageId(perfTrackerBean.getOriginalMessageId()); ar.setOriginatorId(perfTrackerBean.getOriginatorId()); ar.setClientApp(UtilLib.ifNullThenEmpty(perfTrackerBean.getClientApp())); ar.setOriginationSystemId("N/A"); ar.setOriginationSystemName(perfTrackerBean.getUserName()); ar.setOriginationSystemVersion(perfTrackerBean.getOriginationSystemVersion()); // new fields added per new schema ar.setClientIP(request.getRemoteAddr()); ar.setHttpMethod(perfTrackerBean.getMethod()); ar.setRequestURL(request.getPathInfo()); // PerformanceTracking.initPerfTrack(request,servicename); PerformanceTracking.initPerfTrack(perfTrackerBean, servicename); // PerformanceTracking.addPerfTrack(request, "Main", "I", // startTime.toString(), servicename); int httpCode = response.getStatus(); if (httpCode == HttpServletResponse.SC_UNAUTHORIZED) { ar.setResponseCode(CommonNames.CSI_AUTH_ERROR); ar.setResponseDescription(CommonErrors.DEF_401_FAULT_DESC); ar.setFaultCode(CommonErrors.DEF_401_FAULT_CODE); ar.setFaultDescription(CommonErrors.DEF_401_FAULT_DESC); ar.setFaultLevel("ERROR"); ar.setTransactionStatus("E"); ar.setFaultEntity("CSI"); ar.setFaultTimestamp(UtilLib.epochToXmlGC(System.currentTimeMillis())); ar.setExternalFaultCode(String.valueOf(httpCode)); ar.setExternalFaultDescription(CommonErrors.GENERIC_XML_ERROR); } else if (httpCode == HttpServletResponse.SC_FORBIDDEN) { ar.setResponseCode(CommonNames.CSI_AUTH_ERROR); ar.setResponseDescription(CommonErrors.DEF_403_FAULT_DESC); ar.setFaultCode(CommonErrors.DEF_403_FAULT_CODE); ar.setFaultDescription(CommonErrors.DEF_403_FAULT_DESC); ar.setFaultLevel("ERROR"); ar.setTransactionStatus("E"); ar.setFaultEntity("CSI"); ar.setFaultTimestamp(UtilLib.epochToXmlGC(System.currentTimeMillis())); ar.setExternalFaultCode(String.valueOf(httpCode)); ar.setExternalFaultDescription(CommonErrors.GENERIC_XML_ERROR); } else if (httpCode == HttpServletResponse.SC_NOT_IMPLEMENTED) { ar.setResponseCode(CommonNames.CSI_SERVICE_UNAVAIL_ERROR); ar.setResponseDescription(CommonErrors.DEF_501_FAULT_DESC); ar.setFaultCode(CommonErrors.DEF_501_FAULT_CODE); ar.setFaultDescription(CommonErrors.DEF_501_FAULT_DESC); ar.setFaultLevel("ERROR"); ar.setTransactionStatus("E"); ar.setFaultEntity("CSI"); ar.setFaultTimestamp(UtilLib.epochToXmlGC(System.currentTimeMillis())); ar.setExternalFaultCode(String.valueOf(httpCode)); ar.setExternalFaultDescription(CommonErrors.GENERIC_XML_ERROR); } else if (httpCode == HttpServletResponse.SC_SERVICE_UNAVAILABLE) { ar.setResponseCode(CommonNames.CSI_SERVICE_UNAVAIL_ERROR); ar.setResponseDescription(CommonErrors.DEF_503_FAULT_DESC); ar.setFaultCode(CommonErrors.DEF_503_FAULT_CODE); ar.setFaultDescription(CommonErrors.DEF_503_FAULT_DESC); ar.setFaultLevel("ERROR"); ar.setTransactionStatus("E"); ar.setFaultEntity("CSI"); ar.setFaultTimestamp(UtilLib.epochToXmlGC(System.currentTimeMillis())); ar.setExternalFaultCode(String.valueOf(httpCode)); ar.setExternalFaultDescription(CommonErrors.GENERIC_XML_ERROR); } else if (400 <= httpCode && httpCode <= 499) { ar.setResponseCode(CommonNames.CSI_SERVICE_UNAVAIL_ERROR); ar.setResponseDescription(CommonErrors.DEF_4NN_FAULT_DESC); ar.setFaultCode(CommonErrors.DEF_4NN_FAULT_CODE); ar.setFaultDescription(CommonErrors.DEF_4NN_FAULT_DESC); ar.setFaultLevel("ERROR"); ar.setFaultEntity("CSI"); ar.setTransactionStatus("E"); ar.setFaultTimestamp(UtilLib.epochToXmlGC(System.currentTimeMillis())); ar.setExternalFaultCode(String.valueOf(httpCode)); ar.setExternalFaultDescription(CommonErrors.GENERIC_XML_ERROR); } else if (httpCode == 500) { ar.setResponseCode(CommonNames.CSI_SERVICE_UNAVAIL_ERROR); ar.setResponseDescription(CommonErrors.DEF_500_FAULT_DESC); ar.setFaultCode(CommonErrors.DEF_500_FAULT_CODE); ar.setFaultDescription(CommonErrors.DEF_500_FAULT_DESC); ar.setFaultLevel("ERROR"); ar.setFaultEntity("CSI"); ar.setTransactionStatus("E"); // ar.setFaultTimestamp(UtilLib.epochToXmlGC((new // Double(System.nanoTime()/1000000)).longValue())); ar.setFaultTimestamp(UtilLib.epochToXmlGC(System.currentTimeMillis())); ar.setExternalFaultCode(String.valueOf(httpCode)); ar.setExternalFaultDescription(CommonErrors.GENERIC_XML_ERROR); } else { ar.setResponseDescription(CommonNames.CSI_SUCCESS); ar.setResponseCode(CommonNames.CSI_SUCCESS_RESPONSE_CODE); ar.setTransactionStatus("C"); } // Enhance CSI logging to use the CAET error code if (response.getHeader(CommonNames.CAET_RestErrorCode) != null || response.getHeader(CommonNames.CAET_CingularErrorCode) != null) { // if(request.getHeader("X-CAET-CingularErrorCode") != null){ if ("Y".equals(request.getAttribute(CommonNames.AJSC_CAET_IS_REST_SERVICE))) { ar.setResponseCode(response.getHeader(CommonNames.CAET_CingularErrorCategory)); ar.setResponseDescription(response.getHeader(CommonNames.CAET_RestErrorDescription)); } else { ar.setResponseCode(response.getHeader(CommonNames.CAET_CingularErrorCode)); ar.setResponseDescription(response.getHeader(CommonNames.CAET_CingularErrorDescription)); } ar.setFaultCode(response.getHeader(CommonNames.CAET_FaultCode)); ar.setFaultDescription(response.getHeader(CommonNames.CAET_FaultDesc)); ar.setFaultLevel(CommonNames.ERROR); ar.setFaultEntity(response.getHeader(CommonNames.CAET_FaultEntity)); ar.setTransactionStatus("E"); ar.setFaultTimestamp(UtilLib.epochToXmlGC(System.currentTimeMillis())); // ar.setFaultTimestamp(UtilLib.epochToXmlGC((new // Double(System.nanoTime()/1000000)).longValue())); ar.setExternalFaultCode(String.valueOf(httpCode)); ar.setExternalFaultDescription(CommonErrors.GENERIC_XML_ERROR); } } catch (Exception e) { // AuditRecord ar = // (AuditRecord)request.getAttribute(CommonNames.AUDIT_RECORD); ar.setResponseCode(CommonNames.CSI_GENERIC_UNKNOWN_ERROR); ar.setResponseDescription(CommonErrors.DEF_5NN_FAULT_DESC); ar.setFaultEntity("CSI"); ar.setFaultCode(CommonErrors.DEF_5NN_FAULT_CODE); ar.setFaultDescription(e.getMessage()); ar.setFaultLevel("ERROR"); ar.setFaultSequenceNumber("1"); ar.setTransactionStatus("E"); ar.setFaultTimestamp(UtilLib.epochToXmlGC(System.currentTimeMillis())); // ar.setFaultTimestamp(UtilLib.epochToXmlGC(((Long)System.nanoTime()/1000000).longValue())); logger.error("EXCEPTION - " + e.getMessage()); } finally { // AuditRecord ar = // (AuditRecord)request.getAttribute(CommonNames.AUDIT_RECORD); if (ar != null) { if (perfTrackerBean != null && !perfTrackerBean.isAsync()) { perfTrackerBean.setAuditRecord(ar); logger.debug("Before calling completeLogging"); completeLogging(request, servicename); } } else { logger.debug("Audit Record is null,abort logging"); } } }