Example 31 with AccessDeniedException

Use of org.springframework.security.access.AccessDeniedException in project crnk-framework by crnk-project.

From class SpringSecurityExceptionMapperTest, method testAccessDenied.

@Test
public void testAccessDenied() {
    AccessDeniedExceptionMapper mapper = new AccessDeniedExceptionMapper();
    AccessDeniedException exception = new AccessDeniedException("hi");

    // Mapping the Spring Security exception must produce exactly one error entry
    // carrying HTTP status 403 and the exception message as its code.
    ErrorResponse response = mapper.toErrorResponse(exception);
    Iterable<ErrorData> errors = response.getErrors();
    Iterator<ErrorData> iterator = errors.iterator();
    ErrorData data = iterator.next();
    Assert.assertFalse(iterator.hasNext());
    Assert.assertEquals("403", data.getStatus());
    Assert.assertEquals("hi", data.getCode());

    // The mapper must recognise its own response and map it back to the original exception.
    Assert.assertTrue(mapper.accepts(response));
    AccessDeniedException fromErrorResponse = mapper.fromErrorResponse(response);
    Assert.assertEquals("hi", fromErrorResponse.getMessage());
}
Also used:
    org.springframework.security.access.AccessDeniedException
    io.crnk.core.engine.document.ErrorData
    io.crnk.spring.internal.AccessDeniedExceptionMapper
    io.crnk.core.engine.error.ErrorResponse
    org.junit.Test

Example 32 with AccessDeniedException

Use of org.springframework.security.access.AccessDeniedException in project syncope by apache.

From class MustChangePasswordFilter, method doFilter.

@Override
public void doFilter(final ServletRequest request, final ServletResponse response, final FilterChain chain)
        throws IOException, ServletException {

    if (request instanceof SecurityContextHolderAwareRequestWrapper) {
        // Does the authenticated principal carry the MUST_CHANGE_PASSWORD entitlement?
        boolean isMustChangePassword = SecurityContextHolder.getContext().getAuthentication().getAuthorities().stream()
                .anyMatch(authority -> StandardEntitlement.MUST_CHANGE_PASSWORD.equals(authority.getAuthority()));

        SecurityContextHolderAwareRequestWrapper wrapper = SecurityContextHolderAwareRequestWrapper.class.cast(request);
        // Only GET requests to paths outside the ALLOWED list are rejected; the thrown
        // AccessDeniedException is left to Spring Security's default exception handling.
        if (isMustChangePassword && "GET".equalsIgnoreCase(wrapper.getMethod())
                && !ArrayUtils.contains(ALLOWED, wrapper.getPathInfo())) {
            throw new AccessDeniedException("Please change your password first");
        }
    }
    chain.doFilter(request, response);
}
Also used:
    org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestWrapper
    org.springframework.security.access.AccessDeniedException

Example 33 with AccessDeniedException

Use of org.springframework.security.access.AccessDeniedException in project syncope by apache.

From class RestServiceExceptionMapper, method toResponse.

@Override
public Response toResponse(final Exception ex) {
    LOG.error("Exception thrown", ex);
    ResponseBuilder builder;
    if (ex instanceof AccessDeniedException) {
        // leaves the default exception processing to Spring Security
        builder = null;
    } else if (ex instanceof SyncopeClientException) {
        SyncopeClientException sce = (SyncopeClientException) ex;
        builder = sce.isComposite()
                ? getSyncopeClientCompositeExceptionResponse(sce.asComposite())
                : getSyncopeClientExceptionResponse(sce);
    } else if (ex instanceof DelegatedAdministrationException
            || ExceptionUtils.getRootCause(ex) instanceof DelegatedAdministrationException) {
        builder = builder(ClientExceptionType.DelegatedAdministration, ExceptionUtils.getRootCauseMessage(ex));
    } else if (ex instanceof EntityExistsException || ex instanceof DuplicateException
            || (ex instanceof PersistenceException && ex.getCause() instanceof EntityExistsException)) {
        // a JPA PersistenceException may wrap the EntityExistsException; report the wrapped one
        builder = builder(ClientExceptionType.EntityExists,
                getJPAMessage(ex instanceof PersistenceException ? ex.getCause() : ex));
    } else if (ex instanceof DataIntegrityViolationException || ex instanceof JpaSystemException) {
        builder = builder(ClientExceptionType.DataIntegrityViolation, getJPAMessage(ex));
    } else if (ex instanceof ConnectorException) {
        builder = builder(ClientExceptionType.ConnectorException, ExceptionUtils.getRootCauseMessage(ex));
    } else if (ex instanceof NotFoundException) {
        builder = builder(ClientExceptionType.NotFound, ExceptionUtils.getRootCauseMessage(ex));
    } else {
        builder = processInvalidEntityExceptions(ex);
        if (builder == null) {
            builder = processBadRequestExceptions(ex);
        }
        // process JAX-RS validation errors
        if (builder == null && ex instanceof ValidationException) {
            builder = builder(validationEM.toResponse((ValidationException) ex))
                    .header(RESTHeaders.ERROR_CODE, ClientExceptionType.RESTValidation.name())
                    .header(RESTHeaders.ERROR_INFO,
                            ClientExceptionType.RESTValidation.getInfoHeaderValue(ExceptionUtils.getRootCauseMessage(ex)));
            ErrorTO error = new ErrorTO();
            error.setStatus(ClientExceptionType.RESTValidation.getResponseStatus().getStatusCode());
            error.setType(ClientExceptionType.RESTValidation);
            error.getElements().add(ExceptionUtils.getRootCauseMessage(ex));
            builder.entity(error);
        }
        // ...or just report as InternalServerError
        if (builder == null) {
            builder = Response.status(Response.Status.INTERNAL_SERVER_ERROR)
                    .header(RESTHeaders.ERROR_INFO,
                            ClientExceptionType.Unknown.getInfoHeaderValue(ExceptionUtils.getRootCauseMessage(ex)));
            ErrorTO error = new ErrorTO();
            error.setStatus(Response.Status.INTERNAL_SERVER_ERROR.getStatusCode());
            error.setType(ClientExceptionType.Unknown);
            error.getElements().add(ExceptionUtils.getRootCauseMessage(ex));
            builder.entity(error);
        }
    }
    // null means "not handled here": the container falls back to its default processing
    return builder == null ? null : builder.build();
}
Also used:
    org.springframework.security.access.AccessDeniedException
    javax.validation.ValidationException
    org.apache.syncope.core.persistence.api.attrvalue.validation.ParsingValidationException
    org.apache.syncope.common.lib.SyncopeClientException
    org.apache.syncope.core.persistence.api.dao.NotFoundException
    org.apache.syncope.core.spring.security.DelegatedAdministrationException
    javax.persistence.EntityExistsException
    org.springframework.dao.DataIntegrityViolationException
    org.springframework.orm.jpa.JpaSystemException
    org.apache.syncope.common.lib.to.ErrorTO
    org.apache.syncope.core.persistence.api.dao.DuplicateException
    org.identityconnectors.framework.common.exceptions.ConnectorException
    javax.persistence.PersistenceException
    javax.ws.rs.core.Response.ResponseBuilder

Example 34 with AccessDeniedException

Use of org.springframework.security.access.AccessDeniedException in project syncope by apache.

From class SCIMExceptionMapper, method toResponse.

@Override
public Response toResponse(final Exception ex) {
    LOG.error("Exception thrown", ex);
    ResponseBuilder builder;
    if (ex instanceof AccessDeniedException || ex instanceof ForbiddenException || ex instanceof NotAuthorizedException) {
        // leaves the default exception processing
        builder = null;
    } else if (ex instanceof NotFoundException) {
        // SCIM-specific error body; returned directly instead of via the builder
        return Response.status(Response.Status.NOT_FOUND)
                .entity(new SCIMError(null, Response.Status.NOT_FOUND.getStatusCode(), ExceptionUtils.getRootCauseMessage(ex)))
                .build();
    } else if (ex instanceof SyncopeClientException) {
        SyncopeClientException sce = (SyncopeClientException) ex;
        builder = builder(sce.getType(), ExceptionUtils.getRootCauseMessage(ex));
    } else if (ex instanceof DelegatedAdministrationException
            || ExceptionUtils.getRootCause(ex) instanceof DelegatedAdministrationException) {
        builder = builder(ClientExceptionType.DelegatedAdministration, ExceptionUtils.getRootCauseMessage(ex));
    } else if (ENTITYEXISTS_EXCLASS.isAssignableFrom(ex.getClass()) || ex instanceof DuplicateException
            || (PERSISTENCE_EXCLASS.isAssignableFrom(ex.getClass())
                    // guard the cause: a PersistenceException without a cause would otherwise NPE here
                    && ex.getCause() != null
                    && ENTITYEXISTS_EXCLASS.isAssignableFrom(ex.getCause().getClass()))) {
        builder = builder(ClientExceptionType.EntityExists, ExceptionUtils.getRootCauseMessage(ex));
    } else if (ex instanceof DataIntegrityViolationException || JPASYSTEM_EXCLASS.isAssignableFrom(ex.getClass())) {
        builder = builder(ClientExceptionType.DataIntegrityViolation, ExceptionUtils.getRootCauseMessage(ex));
    } else if (CONNECTOR_EXCLASS.isAssignableFrom(ex.getClass())) {
        builder = builder(ClientExceptionType.ConnectorException, ExceptionUtils.getRootCauseMessage(ex));
    } else {
        builder = processInvalidEntityExceptions(ex);
        if (builder == null) {
            builder = processBadRequestExceptions(ex);
        }
        // process JAX-RS validation errors
        if (builder == null && ex instanceof ValidationException) {
            builder = builder(ClientExceptionType.RESTValidation, ExceptionUtils.getRootCauseMessage(ex));
        }
        // ...or just report as InternalServerError
        if (builder == null) {
            builder = Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(ExceptionUtils.getRootCauseMessage(ex));
        }
    }
    return builder == null ? null : builder.build();
}
Also used:
    org.springframework.security.access.AccessDeniedException
    javax.ws.rs.ForbiddenException
    javax.validation.ValidationException
    org.apache.syncope.core.persistence.api.attrvalue.validation.ParsingValidationException
    org.apache.syncope.core.persistence.api.dao.DuplicateException
    org.apache.syncope.ext.scimv2.api.data.SCIMError
    org.apache.syncope.common.lib.SyncopeClientException
    org.apache.syncope.core.persistence.api.dao.NotFoundException
    org.apache.syncope.core.spring.security.DelegatedAdministrationException
    javax.ws.rs.NotAuthorizedException
    javax.ws.rs.core.Response.ResponseBuilder
    org.springframework.dao.DataIntegrityViolationException

Example 35 with AccessDeniedException

Use of org.springframework.security.access.AccessDeniedException in project cia by Hack23.

From class UiInstanceErrorHandler, method error.

@Override
public void error(final ErrorEvent event) {
    final Throwable throwable = event.getThrowable();
    AccessDeniedException accessDeniedException = null;

    if (throwable instanceof AccessDeniedException) {
        accessDeniedException = (AccessDeniedException) throwable;
    } else if (throwable.getCause() != null && throwable.getCause().getCause() != null
            && throwable.getCause().getCause().getCause() instanceof AccessDeniedException) {
        // the Spring Security exception may also arrive wrapped three levels deep in the cause chain
        accessDeniedException = (AccessDeniedException) throwable.getCause().getCause().getCause();
    }

    if (accessDeniedException != null) {
        // show the denial to the user and send them back to the main view
        Notification.show(accessDeniedException.getMessage(), Notification.Type.ERROR_MESSAGE);
        ui.getNavigator().navigateTo(CommonsViews.MAIN_VIEW_NAME);
    } else {
        LOGGER.warn(LOG_WARN_VAADIN_ERROR, throwable);
    }
}
Also used:
    org.springframework.security.access.AccessDeniedException
