
Example 21 with NotAuthorizedException

use of javax.ws.rs.NotAuthorizedException in project candlepin by candlepin.

the class NotAuthorizedExceptionMapperTest method handleException.

/**
 * Checks that the mapper turns a {@link NotAuthorizedException} into a 401 response whose
 * body carries the translated "Not Authorized" message.
 */
@Test
public void handleException() {
    // Message first, then two challenges ("Negotiate" and a Basic realm).
    final NotAuthorizedException unauthorized =
        new NotAuthorizedException("Not Authorized", "Negotiate", "Basic realm=candlepin");
    final NotAuthorizedExceptionMapper mapper =
        injector.getInstance(NotAuthorizedExceptionMapper.class);

    final Response response = mapper.toResponse(unauthorized);

    // NOTE(review): only the status and the message are asserted. The two challenges given to
    // the constructor are never checked on the response; confirm whether the mapper is
    // expected to emit a WWW-Authenticate header and, if so, assert it here.
    assertEquals(401, response.getStatus());
    verifyMessage(response, rtmsg("Not Authorized"));
}
Also used : Response(javax.ws.rs.core.Response) NotAuthorizedException(javax.ws.rs.NotAuthorizedException) Test(org.junit.Test)

Example 22 with NotAuthorizedException

use of javax.ws.rs.NotAuthorizedException in project teiid by teiid.

the class TeiidRSExceptionHandler method toResponse.

/**
 * Wraps any exception in a {@code ResponseError} entity and returns it as XML, or as JSON when
 * one of the request's acceptable media types is application/json.
 *
 * <p>The entity's code is "401", "404" or "500" depending on the exception type, and "ERROR"
 * for anything else. The response itself is always built with {@code Response.serverError()},
 * so the HTTP status line is 500 whatever code string the entity carries.
 *
 * @param e the exception to report
 * @return a server-error response whose entity describes {@code e}
 */
@Override
public Response toResponse(Exception e) {
    final ResponseError payload = new ResponseError();

    final String code;
    if (e instanceof NotAuthorizedException) {
        code = "401"; //$NON-NLS-1$
    } else if (e instanceof NotFoundException) {
        code = "404"; //$NON-NLS-1$
    } else if (e instanceof InternalServerErrorException || e instanceof WebApplicationException) {
        code = "500"; //$NON-NLS-1$
    } else {
        code = "ERROR"; //$NON-NLS-1$
    }
    payload.setCode(code);
    payload.setMessage(e.getMessage());

    // NOTE(review): the complete stack trace is copied into the entity and sent to the caller.
    // That exposes class names, library versions and internal structure to any client that
    // can trigger an error, including on the 401 path. Consider logging the trace server-side
    // and returning only a correlation id; confirm no client depends on this field first.
    final StringWriter traceBuffer = new StringWriter();
    final PrintWriter traceWriter = new PrintWriter(traceBuffer);
    e.printStackTrace(traceWriter);
    payload.setDetails(traceBuffer.toString());

    // XML is the default; switch to JSON on the first acceptable type that matches.
    boolean jsonRequested = false;
    final List<MediaType> acceptable = httpHeaders.getAcceptableMediaTypes();
    if (acceptable != null) {
        for (MediaType candidate : acceptable) {
            if (isApplicationJsonWithParametersIgnored(candidate)) {
                jsonRequested = true;
                break;
            }
        }
    }
    final String contentType = jsonRequested ? MediaType.APPLICATION_JSON : MediaType.APPLICATION_XML;

    // NOTE(review): serverError() fixes the HTTP status at 500 even when the entity says
    // "401" or "404"; confirm this mismatch is intended, since clients and intermediaries
    // that act on the status line will not see an authentication failure as one.
    return Response.serverError().entity(payload).type(contentType).build();
}
Also used : WebApplicationException(javax.ws.rs.WebApplicationException) StringWriter(java.io.StringWriter) NotFoundException(javax.ws.rs.NotFoundException) InternalServerErrorException(org.jboss.resteasy.spi.InternalServerErrorException) MediaType(javax.ws.rs.core.MediaType) NotAuthorizedException(javax.ws.rs.NotAuthorizedException) PrintWriter(java.io.PrintWriter)

Example 23 with NotAuthorizedException

use of javax.ws.rs.NotAuthorizedException in project kylo by Teradata.

the class KyloRestLoginModule method doLogin.

/**
 * Authenticates against the Login API and, on success, registers the user and group principals.
 *
 * @return {@code true} once the principals have been added
 * @throws CredentialException      if the Login API answers with a not-authorized response
 * @throws FailedLoginException     if the call fails in processing or returns another error
 * @throws AccountNotFoundException if the Login API returns no user
 * @throws AccountLockedException   if the returned user is not enabled
 */
@Override
protected boolean doLogin() throws Exception {
    final LoginJerseyClientConfig clientConfig = createClientConfig(true);

    // NOTE(review): the username written to the log below comes from the login attempt.
    // Parameterised logging avoids format-string problems, but whether CR/LF in the name is
    // neutralised depends on the logging layout; verify against the appender configuration.
    final User account;
    try {
        account = retrieveUser(clientConfig);
    } catch (final NotAuthorizedException e) {
        // The 401 is logged at debug only and its cause is not attached to the new exception.
        log.debug("Received unauthorized response from Login API for user: {}", clientConfig.getUsername());
        throw new CredentialException("The username and password combination do not match.");
    } catch (final ProcessingException e) {
        log.error("Failed to process response from Login API for user: {}", clientConfig.getUsername(), e);
        throw new FailedLoginException("The login service is unavailable.");
    } catch (final WebApplicationException e) {
        log.error("Received unexpected response from Login API for user: {}", clientConfig.getUsername(), e);
        throw new FailedLoginException("The login service is unavailable.");
    }

    // NOTE(review): unknown account, disabled account and bad credentials each produce a
    // different exception type and message. If these messages reach the login page as-is,
    // they tell a caller which usernames exist; confirm what the caller displays.
    if (account == null) {
        log.debug("No account exists with the name: {}", clientConfig.getUsername());
        throw new AccountNotFoundException("No account exists with the name: " + clientConfig.getUsername());
    }
    if (!account.isEnabled()) {
        log.debug("User from Login API is disabled: {}", clientConfig.getUsername());
        throw new AccountLockedException("The account \"" + clientConfig.getUsername() + "\" is currently disabled");
    }

    // The principal name and groups are taken from the Login API's answer, not from the
    // client config.
    addNewUserPrincipal(account.getSystemName());
    account.getGroups().forEach(this::addNewGroupPrincipal);
    return true;
}
Also used : AccountLockedException(javax.security.auth.login.AccountLockedException) User(com.thinkbiganalytics.security.rest.model.User) FailedLoginException(javax.security.auth.login.FailedLoginException) CredentialException(javax.security.auth.login.CredentialException) WebApplicationException(javax.ws.rs.WebApplicationException) NotAuthorizedException(javax.ws.rs.NotAuthorizedException) AccountNotFoundException(javax.security.auth.login.AccountNotFoundException) ProcessingException(javax.ws.rs.ProcessingException)

Example 24 with NotAuthorizedException

use of javax.ws.rs.NotAuthorizedException in project keywhiz by square.

the class ClientAuthFactory method authenticateClientFromXfccHeader.

/**
 * Parses the client certificate out of the XFCC header values, wraps it in a
 * {@link CertificatePrincipal} and authenticates the client for that principal.
 *
 * @param xfccHeaderValues the values of the XFCC header on the request
 * @return the client resolved by {@code authenticateClientFromPrincipal}
 * @throws NotAuthorizedException if no client certificate can be parsed from the header
 */
private Client authenticateClientFromXfccHeader(List<String> xfccHeaderValues) {
    // NOTE(review): identity here comes entirely from a request header. This method does not
    // itself check who set the header; verify that the caller only reaches this point for
    // connections from a proxy it has already authenticated.
    // NOTE(review): with a single argument, NotAuthorizedException treats the value as the
    // challenge, so this text is used for WWW-Authenticate rather than as the message.
    X509Certificate certificate = getClientCertFromXfccHeaderEnvoyFormatted(xfccHeaderValues)
        .orElseThrow(() -> new NotAuthorizedException(
            format("unable to parse client certificate from %s header", XFCC_HEADER_NAME)));

    // The principal's name is the certificate's subject DN; the chain holds only this cert.
    String subjectName = certificate.getSubjectDN().toString();
    X509Certificate[] chain = { certificate };
    return authenticateClientFromPrincipal(new CertificatePrincipal(subjectName, chain));
}
Also used : CertificatePrincipal(keywhiz.auth.mutualssl.CertificatePrincipal) NotAuthorizedException(javax.ws.rs.NotAuthorizedException) X509Certificate(java.security.cert.X509Certificate)

Example 25 with NotAuthorizedException

use of javax.ws.rs.NotAuthorizedException in project keywhiz by square.

the class ClientAuthFactory method authenticateClientFromCallerSpiffeIdHeader.

/**
 * Reads the caller's SPIFFE ID from the named request header, wraps it in a
 * {@link SpiffePrincipal} and authenticates the client for that principal.
 *
 * @param containerRequest the incoming request
 * @param header           the name of the header expected to carry the SPIFFE ID
 * @return the client resolved by {@code authenticateClientFromPrincipal}
 * @throws NotAuthorizedException if no SPIFFE ID can be parsed from the header
 */
private Client authenticateClientFromCallerSpiffeIdHeader(ContainerRequest containerRequest, String header) {
    // NOTE(review): the SPIFFE ID is taken from a request header and becomes the principal
    // without further checks in this method; verify that the caller has already established
    // that the header was set by a trusted proxy.
    // NOTE(review): with a single argument, NotAuthorizedException treats the value as the
    // challenge, so this text is used for WWW-Authenticate rather than as the message.
    URI spiffeId = ClientAuthenticator.getSpiffeIdFromHeader(containerRequest, header)
        .orElseThrow(() -> new NotAuthorizedException(
            format("unable to parse client SPIFFE ID from %s header", header)));

    return authenticateClientFromPrincipal(new SpiffePrincipal(spiffeId));
}
Also used : NotAuthorizedException(javax.ws.rs.NotAuthorizedException) URI(java.net.URI) SpiffePrincipal(keywhiz.auth.mutualssl.SpiffePrincipal)
