Example 36 with AccessControlException
use of java.security.AccessControlException in project ORCID-Source by ORCID.
the class DefaultPermissionChecker method performClientChecks.
private void performClientChecks(OAuth2Authentication oAuth2Authentication, ScopePathType requiredScope, OrcidMessage orcidMessage, String orcid) {
OAuth2Request authorizationRequest = oAuth2Authentication.getOAuth2Request();
// as an update
if (orcidMessage != null && orcidMessage.getOrcidProfile() != null && StringUtils.isNotBlank(orcid)) {
OrcidIdentifier orcidOb = orcidMessage.getOrcidProfile().getOrcidIdentifier();
String messageOrcid = orcidOb != null ? orcidOb.getPath() : orcid;
if (StringUtils.isNotBlank(messageOrcid) && !orcid.equals(messageOrcid)) {
throw new IllegalArgumentException("The ORCID in the body and the URI do NOT match. Body ORCID: " + messageOrcid + " URI ORCID: " + orcid + " do NOT match.");
}
profileEntityCacheManager.retrieve(messageOrcid);
if (!profileEntityManager.existsAndNotClaimedAndBelongsTo(messageOrcid, authorizationRequest.getClientId())) {
throw new AccessControlException("You cannot update this profile as it has been claimed, or you are not the owner.");
}
}
}
Also used :
OAuth2Request(org.springframework.security.oauth2.provider.OAuth2Request)
OrcidIdentifier(org.orcid.jaxb.model.message.OrcidIdentifier)
AccessControlException(java.security.AccessControlException)
Example 37 with AccessControlException
use of java.security.AccessControlException in project tomee by apache.
the class AbstractSecurityService method isCallerAuthorized.
@Override
public boolean isCallerAuthorized(final Method method, final InterfaceType type) {
final ThreadContext threadContext = ThreadContext.getThreadContext();
final BeanContext beanContext = threadContext.getBeanContext();
try {
final String ejbName = beanContext.getEjbName();
String name = type == null ? null : type.getSpecName();
if ("LocalBean".equals(name) || "LocalBeanHome".equals(name)) {
name = null;
}
final Identity currentIdentity = clientIdentity.get();
final SecurityContext securityContext;
if (currentIdentity == null) {
securityContext = threadContext.get(SecurityContext.class);
} else {
securityContext = new SecurityContext(currentIdentity.getSubject());
}
securityContext.acc.checkPermission(new EJBMethodPermission(ejbName, name, method));
} catch (final AccessControlException e) {
return false;
}
return true;
}
Also used :
BeanContext(org.apache.openejb.BeanContext)
ThreadContext(org.apache.openejb.core.ThreadContext)
AccessControlException(java.security.AccessControlException)
EJBMethodPermission(javax.security.jacc.EJBMethodPermission)
Example 38 with AccessControlException
use of java.security.AccessControlException in project spock by spockframework.
the class ConfigurationScriptLoader method loadScriptFromFileSystemLocation.
@Nullable
private DelegatingScript loadScriptFromFileSystemLocation(String location) {
File file = new File(location);
try {
if (!file.exists())
return null;
} catch (AccessControlException e) {
// so let's just assume it's not there and continue
return null;
}
GroovyShell shell = createShell();
try {
return (DelegatingScript) shell.parse(file);
} catch (IOException e) {
throw new ConfigurationException("Error reading configuration script '%s'", location);
} catch (CompilationFailedException e) {
throw new ConfigurationException("Error compiling configuration script '%s'", location);
}
}
Also used :
ConfigurationException(spock.config.ConfigurationException)
DelegatingScript(org.spockframework.builder.DelegatingScript)
AccessControlException(java.security.AccessControlException)
Nullable(org.spockframework.util.Nullable)
Example 39 with AccessControlException
use of java.security.AccessControlException in project tomcat by apache.
the class WebappClassLoaderBase method refreshPolicy.
/**
* Refresh the system policy file, to pick up eventual changes.
*/
protected void refreshPolicy() {
try {
// The policy file may have been modified to adjust
// permissions, so we're reloading it when loading or
// reloading a Context
Policy policy = Policy.getPolicy();
policy.refresh();
} catch (AccessControlException e) {
// Some policy files may restrict this, even for the core,
// so this exception is ignored
}
}
Also used :
Policy(java.security.Policy)
AccessControlException(java.security.AccessControlException)
Example 40 with AccessControlException
use of java.security.AccessControlException in project hadoop by apache.
the class RMWebServices method moveApp.
protected Response moveApp(RMApp app, UserGroupInformation callerUGI, String targetQueue) throws IOException, InterruptedException {
if (app == null) {
throw new IllegalArgumentException("app cannot be null");
}
String userName = callerUGI.getUserName();
final ApplicationId appid = app.getApplicationId();
final String reqTargetQueue = targetQueue;
try {
callerUGI.doAs(new PrivilegedExceptionAction<Void>() {
@Override
public Void run() throws IOException, YarnException {
MoveApplicationAcrossQueuesRequest req = MoveApplicationAcrossQueuesRequest.newInstance(appid, reqTargetQueue);
rm.getClientRMService().moveApplicationAcrossQueues(req);
return null;
}
});
} catch (UndeclaredThrowableException ue) {
// bubble that up to the user
if (ue.getCause() instanceof YarnException) {
YarnException ye = (YarnException) ue.getCause();
if (ye.getCause() instanceof AccessControlException) {
String appId = app.getApplicationId().toString();
String msg = "Unauthorized attempt to move appid " + appId + " by remote user " + userName;
return Response.status(Status.FORBIDDEN).entity(msg).build();
} else if (ye.getMessage().startsWith("App in") && ye.getMessage().endsWith("state cannot be moved.")) {
return Response.status(Status.BAD_REQUEST).entity(ye.getMessage()).build();
} else {
throw ue;
}
} else {
throw ue;
}
}
AppQueue ret = new AppQueue();
ret.setQueue(app.getQueue());
return Response.status(Status.OK).entity(ret).build();
}
Also used :
AppQueue(org.apache.hadoop.yarn.server.resourcemanager.webapp.dao.AppQueue)
MoveApplicationAcrossQueuesRequest(org.apache.hadoop.yarn.api.protocolrecords.MoveApplicationAcrossQueuesRequest)
UndeclaredThrowableException(java.lang.reflect.UndeclaredThrowableException)
AccessControlException(java.security.AccessControlException)
IOException(java.io.IOException)
ApplicationId(org.apache.hadoop.yarn.api.records.ApplicationId)
YarnException(org.apache.hadoop.yarn.exceptions.YarnException)
Aggregations
AccessControlException (java.security.AccessControlException)69
IOException (java.io.IOException)24
Test (org.junit.Test)12
UserGroupInformation (org.apache.hadoop.security.UserGroupInformation)10
Permission (java.security.Permission)8
ApplicationId (org.apache.hadoop.yarn.api.records.ApplicationId)8
InputStream (java.io.InputStream)7
YarnException (org.apache.hadoop.yarn.exceptions.YarnException)7
File (java.io.File)5
PropertyPermission (java.util.PropertyPermission)5
ApplicationNotFoundException (org.apache.hadoop.yarn.exceptions.ApplicationNotFoundException)5
FileNotFoundException (java.io.FileNotFoundException)4
UndeclaredThrowableException (java.lang.reflect.UndeclaredThrowableException)4
HashSet (java.util.HashSet)4
RMApp (org.apache.hadoop.yarn.server.resourcemanager.rmapp.RMApp)4
ServerSocket (java.net.ServerSocket)3
Socket (java.net.Socket)3
URISyntaxException (java.net.URISyntaxException)3
UnsafeCharArrayWriter (jetbrick.template.utils.UnsafeCharArrayWriter)3
FileSystem (org.apache.hadoop.fs.FileSystem)3
