List of usage examples for org.springframework.http HttpStatus FORBIDDEN
HttpStatus FORBIDDEN
To view the source code for org.springframework.http HttpStatus FORBIDDEN.
Click Source Link
From source file:com.sms.server.controller.UserController.java
@RequestMapping(value = "/{username}", method = RequestMethod.PUT, headers = { "Content-type=application/json" }) @ResponseBody/* w w w .jav a2 s. co m*/ public ResponseEntity<String> updateUser(@RequestBody User update, @PathVariable("username") String username) { User user = userDao.getUserByUsername(username); if (user == null) { return new ResponseEntity<String>("Username does not exist.", HttpStatus.BAD_REQUEST); } if (username.equals("admin")) { return new ResponseEntity<String>("You are not authenticated to perform this operation.", HttpStatus.FORBIDDEN); } // Update user details if (update.getUsername() != null) { // Check username is available if (userDao.getUserByUsername(user.getUsername()) != null) { return new ResponseEntity<String>("Username already exists.", HttpStatus.NOT_ACCEPTABLE); } else { user.setUsername(update.getUsername()); } } if (update.getPassword() != null) { user.setPassword(update.getPassword()); } if (update.getEnabled() != null) { user.setEnabled(update.getEnabled()); } // Update database if (!userDao.updateUser(user, username)) { LogService.getInstance().addLogEntry(LogService.Level.ERROR, CLASS_NAME, "Error updating user '" + user.getUsername() + "'.", null); return new ResponseEntity<String>("Error updating user details.", HttpStatus.INTERNAL_SERVER_ERROR); } LogService.getInstance().addLogEntry(LogService.Level.INFO, CLASS_NAME, "User '" + user.getUsername() + "' updated successfully.", null); return new ResponseEntity<String>("User details updated successfully.", HttpStatus.ACCEPTED); }
From source file:org.ng200.openolympus.controller.errors.AccessDeniedExceptionHandler.java
@ResponseStatus(value = HttpStatus.FORBIDDEN) @ExceptionHandler({ AccessDeniedException.class }) @RequestMapping(produces = "application/json;charset=UTF-8") @ResponseBody//w w w . j a v a 2s . c om public String handleAccessDeniedException(AccessDeniedException exception) { return "{\"error\":\"auth.accessdenied\"}"; }
From source file:com.redblackit.web.controller.SecurityController.java
/** * Access denied handling.//from w ww. ja v a 2 s . c om * * For now we log, then fire up the login page with an appropriate message parameter * * @param principal * @param model */ @RequestMapping("/accessDenied") @ResponseStatus(value = HttpStatus.FORBIDDEN) public String accessDenied(Principal principal, Model model) { logger.error("access denied to " + principal.getName()); model.addAttribute("login_error", "login.access.denied"); return "login"; }
From source file:reconf.server.services.product.UpsertProductService.java
@RequestMapping(value = "/product/{prod}", method = RequestMethod.PUT) @Transactional/*w w w. jav a 2 s . com*/ public ResponseEntity<ProductResult> doIt(@PathVariable("prod") String product, @RequestParam(value = "user", required = false) List<String> users, @RequestParam(value = "desc", required = false) String description, HttpServletRequest request, Authentication auth) { if (!ApplicationSecurity.isRoot(auth)) { return new ResponseEntity<ProductResult>(HttpStatus.FORBIDDEN); } Product reqProduct = new Product(product, description); ResponseEntity<ProductResult> errorResponse = checkForErrors(auth, reqProduct, users); if (errorResponse != null) { return errorResponse; } HttpStatus status = null; Product dbProduct = products.findOne(reqProduct.getName()); if (dbProduct != null) { userProducts.deleteByKeyProduct(reqProduct.getName()); dbProduct.setDescription(description); status = HttpStatus.OK; } else { dbProduct = new Product(reqProduct.getName(), reqProduct.getDescription()); dbProduct.setDescription(description); products.save(dbProduct); status = HttpStatus.CREATED; } dbProduct.setUsers(users); users = CollectionUtils.isEmpty(users) ? Collections.EMPTY_LIST : users; for (String user : users) { if (ApplicationSecurity.isRoot(user)) { continue; } userProducts.save(new UserProduct(new UserProductKey(user, reqProduct.getName()))); } return new ResponseEntity<ProductResult>(new ProductResult(dbProduct, CrudServiceUtils.getBaseUrl(request)), status); }
From source file:org.energyos.espi.datacustodian.web.customer.ScopeSelectionController.java
@ExceptionHandler(Exception.class) @ResponseStatus(value = HttpStatus.FORBIDDEN, reason = "Access Not Authorized") public void handleGenericException() { }
From source file:com.oneops.security.handler.AccessDeniedHandler.java
@Override public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) throws IOException, ServletException { logger.error("Exception serving request" + accessDeniedException.getMessage()); CmsBaseException ce = new CmsBaseException(CmsError.RUNTIME_EXCEPTION, accessDeniedException.getMessage()); ErrorResponse error = new ErrorResponse(HttpStatus.FORBIDDEN.value(), HttpStatus.FORBIDDEN.value(), accessDeniedException.getMessage()); response.setStatus(error.getCode()); response.getWriter().write(gson.toJson(error)); }
From source file:org.trustedanalytics.examples.hbase.api.ExceptionHandlerAdvice.java
@ExceptionHandler @ResponseStatus(HttpStatus.FORBIDDEN) @ResponseBody// w w w . j av a 2s . com public String handleLoginException(LoginException ex) { LOG.error("Error logging in", ex); return ex.getMessage(); }
From source file:org.smigo.user.authentication.RestAuthenticationFailureHandler.java
@Override public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException exception) throws IOException, ServletException { response.setStatus(HttpStatus.FORBIDDEN.value()); List<ObjectError> errors = new ArrayList<ObjectError>(); if (exception instanceof BadCredentialsException) { errors.add(new ObjectError("bad-credentials", "msg.badcredentials")); } else {/* w w w.j a v a2 s.c om*/ errors.add(new ObjectError("username", "msg.unknownerror")); } String responseBody = objectMapper.writeValueAsString(errors); response.getWriter().append(responseBody); final String username = Arrays.toString(request.getParameterMap().get("username")); final String note = "Authentication Failure:" + username + System.lineSeparator() + exception; log.info(note); mailHandler.sendAdminNotification("authentication failure", note); }
From source file:edu.eci.arsw.msgbroker.STOMPMessagesHandler.java
@RequestMapping(value = "/puntos", method = RequestMethod.POST) public ResponseEntity<?> manejadorPostRecursoXX(@RequestBody Point pt) { try {//from w w w .j a va 2 s .co m //registrar dato agregarPunto(pt); msgt.convertAndSend("/topic/newpoint", pt); return new ResponseEntity<>(HttpStatus.CREATED); } catch (Exception ex) { Logger.getLogger(STOMPMessagesHandler.class.getName()).log(Level.SEVERE, null, ex); return new ResponseEntity<>("Error bla bla bla", HttpStatus.FORBIDDEN); } }
From source file:cn.edu.zjnu.acm.judge.controller.MailController.java
@GetMapping("/deletemail") public String delete(@RequestParam("mail_id") long mailId, Authentication authentication) { Mail mail = mailMapper.findOne(mailId); if (mail == null) { throw new MessageException("No such mail", HttpStatus.NOT_FOUND); }/*ww w . jav a2s . c o m*/ if (!UserDetailService.isUser(authentication, mail.getTo())) { throw new MessageException("Sorry, invalid access", HttpStatus.FORBIDDEN); } mailMapper.delete(mailId); return "redirect:/mail"; }