List of usage examples for javax.servlet.http HttpServletResponse SC_FORBIDDEN
int SC_FORBIDDEN
From source file:se.kth.csc.auth.FilteredCasAuthEntryPoint.java
/**
 * Starts authentication for a request that reached a protected resource without credentials.
 *
 * <p>Clients whose {@code Accept} header contains {@code text/html} are redirected to the URL
 * built from {@code loginUrl} and the configured service properties. Every other client gets
 * {@code 403 Forbidden} with a fixed message instead of a redirect.
 *
 * @param servletRequest request that triggered authentication; only its {@code Accept} header is read
 * @param response response used for the redirect or the error
 * @param authenticationException failure that triggered the entry point (not inspected here)
 * @throws IOException if the redirect or the error cannot be sent
 * @throws ServletException declared in the signature
 */
public final void commence(final HttpServletRequest servletRequest, final HttpServletResponse response,
        final AuthenticationException authenticationException) throws IOException, ServletException {
    // Both URLs are computed up front, exactly as before, even when no redirect is sent.
    final String serviceUrl = CommonUtils.constructServiceUrl(null, response,
            this.serviceProperties.getService(), null, this.serviceProperties.getArtifactParameter(), true);
    final String loginRedirect = CommonUtils.constructRedirectUrl(this.loginUrl,
            this.serviceProperties.getServiceParameter(), serviceUrl, this.serviceProperties.isSendRenew(),
            false);

    final String acceptHeader = servletRequest.getHeader("Accept");
    final boolean wantsHtml = acceptHeader != null && acceptHeader.contains("text/html");

    if (!wantsHtml) {
        // NOTE(review): the request is unauthenticated here, yet the status is 403 rather than 401;
        // API clients cannot tell "log in first" from "not permitted" - confirm this is intended.
        response.sendError(HttpServletResponse.SC_FORBIDDEN, "Access to this resource requires authentication");
        return;
    }
    response.sendRedirect(loginRedirect);
}
From source file:org.cloudfoundry.identity.uaa.error.JsonAwareAccessDeniedHandlerTests.java
/**
 * Checks that a request whose {@code Accept} header lists both HTML and JSON is answered with
 * {@code 403 Forbidden} and that no error message is set on the response.
 */
@Test
public void testCommenceWithHtmlAndJsonAccept() throws Exception {
    final String acceptValue = String.format("%s,%s", MediaType.TEXT_HTML_VALUE, MediaType.APPLICATION_JSON);
    request.addHeader("Accept", acceptValue);

    final AccessDeniedException denied = new AccessDeniedException("Bad");
    entryPoint.handle(request, response, denied);

    // The status is set, but the exception text ("Bad") must not surface as the error message.
    assertEquals(HttpServletResponse.SC_FORBIDDEN, response.getStatus());
    assertEquals(null, response.getErrorMessage());
}
From source file:net.shopxx.filter.AuthenticationFilter.java
/**
 * Decides how to answer a request that was denied access.
 *
 * <p>AJAX requests (header {@code X-Requested-With: XMLHttpRequest}) get a {@code loginStatus}
 * response header and {@code 403 Forbidden}. Other requests are redirected to {@code "/"} unless
 * the login-token cookie matches the token held by {@code adminService}; when it matches, the
 * decision is delegated to the superclass.
 *
 * @return {@code false} when this method has already written the response, otherwise whatever
 *         the superclass returns
 */
@Override
protected boolean onAccessDenied(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
    final HttpServletRequest httpRequest = (HttpServletRequest) servletRequest;
    final HttpServletResponse httpResponse = (HttpServletResponse) servletResponse;

    final boolean ajaxCall = StringUtils.equalsIgnoreCase(httpRequest.getHeader("X-Requested-With"),
            "XMLHttpRequest");
    if (ajaxCall) {
        httpResponse.addHeader("loginStatus", "accessDenied");
        httpResponse.sendError(HttpServletResponse.SC_FORBIDDEN);
        return false;
    }

    // NOTE(review): the token is compared case-insensitively and not in constant time, and with
    // commons-lang semantics two nulls (no cookie, no configured token) compare equal - confirm
    // that adminService.getLoginToken() can never be null and consider MessageDigest.isEqual.
    final String presentedToken = net.shopxx.util.WebUtils.getCookie(httpRequest, Admin.LOGIN_TOKEN_COOKIE_NAME);
    final boolean tokenMatches = StringUtils.equalsIgnoreCase(presentedToken, adminService.getLoginToken());
    if (tokenMatches) {
        return super.onAccessDenied(httpRequest, httpResponse);
    }

    WebUtils.issueRedirect(httpRequest, httpResponse, "/");
    return false;
}
From source file:com.haulmont.cuba.web.controllers.LogDownloadController.java
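/**
 * Streams a zipped log file to a caller whose session holds the
 * {@code cuba.gui.administration.downloadlogs} permission.
 *
 * <p>Responds with {@code 403 Forbidden} when the permission is missing, {@code 404 Not Found}
 * when the log file does not exist, and {@code 500} when archiving fails before any byte of the
 * response has been committed.
 *
 * @param response servlet response that receives headers and the archive bytes
 * @param sessionId session id taken from query parameter {@code s}
 * @param downloadFull when {@code true} the whole log is archived, otherwise only its tail
 * @param logFileName file name from the URL; the route pattern limits it to letters, digits,
 *        {@code .}, {@code -} and {@code _}
 * @throws IOException if the response cannot be written
 */
@RequestMapping(value = "/log/{file:[a-zA-Z0-9\\.\\-_]+}", method = RequestMethod.GET)
public void getLogFile(HttpServletResponse response, @RequestParam(value = "s") String sessionId,
        @RequestParam(value = "full", required = false) Boolean downloadFull,
        @PathVariable(value = "file") String logFileName) throws IOException {
    // NOTE(review): the session id travels as a query parameter, so it can end up in access logs,
    // browser history and Referer headers - prefer a header or cookie if callers allow it.
    UserSession userSession = getSession(sessionId, response);
    if (userSession == null) {
        // getSession receives the response, presumably to report the failure itself - confirm.
        return;
    }

    if (!userSession.isSpecificPermitted("cuba.gui.administration.downloadlogs")) {
        response.sendError(HttpServletResponse.SC_FORBIDDEN);
        return;
    }

    // Security check: keep only the last path component. Together with the route pattern this
    // excludes path separators. NOTE(review): the pattern still admits names made only of dots;
    // whether logControl.getLogFile rejects those is not visible here - confirm.
    String filename = FilenameUtils.getName(logFileName);

    try {
        File logFile = logControl.getLogFile(filename);

        response.setHeader("Cache-Control", "no-cache");
        response.setHeader("Pragma", "no-cache");
        response.setDateHeader("Expires", 0);
        response.setHeader("Content-Type", "application/zip");
        // The name is limited to [a-zA-Z0-9._-], so it cannot inject quotes or line breaks here.
        response.setHeader("Content-Disposition", "attachment; filename=" + filename + ".zip");

        OutputStream outputStream = null;
        try {
            outputStream = response.getOutputStream();
            if (BooleanUtils.isTrue(downloadFull)) {
                LogArchiver.writeArchivedLogToStream(logFile, outputStream);
            } else {
                LogArchiver.writeArchivedLogTailToStream(logFile, outputStream);
            }
        } catch (RuntimeException | IOException ex) {
            log.error("Unable to download file", ex);
            // sendError throws IllegalStateException once part of the archive has been flushed,
            // which would mask the original failure; only report 500 while that is still possible.
            if (!response.isCommitted()) {
                response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
            }
        } finally {
            IOUtils.closeQuietly(outputStream);
        }
    } catch (LogFileNotFoundException e) {
        response.setStatus(HttpServletResponse.SC_NOT_FOUND);
    }
}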
From source file:com.haulmont.cuba.portal.controllers.LogDownloadController.java
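/**
 * Streams a zipped log file to a caller whose session holds the
 * {@code cuba.gui.administration.downloadlogs} permission.
 *
 * <p>Responds with {@code 403 Forbidden} when the permission is missing, {@code 404 Not Found}
 * when the log file does not exist, and {@code 500} when archiving fails before any byte of the
 * response has been committed.
 *
 * @param response servlet response that receives headers and the archive bytes
 * @param sessionId session id taken from query parameter {@code s}
 * @param downloadFull when {@code true} the whole log is archived, otherwise only its tail
 * @param logFileName file name from the URL; the route pattern limits it to letters, digits,
 *        {@code .}, {@code -} and {@code _}
 * @throws IOException if the response cannot be written
 */
@RequestMapping(value = "/log/{file:[a-zA-Z0-9\\.\\-_]+}", method = RequestMethod.GET)
public void getLogFile(HttpServletResponse response, @RequestParam(value = "s") String sessionId,
        @RequestParam(value = "full", required = false) Boolean downloadFull,
        @PathVariable(value = "file") String logFileName) throws IOException {
    // NOTE(review): the session id travels as a query parameter, so it can end up in access logs,
    // browser history and Referer headers - prefer a header or cookie if callers allow it.
    UserSession userSession = getSession(sessionId, response);
    if (userSession == null) {
        // getSession receives the response, presumably to report the failure itself - confirm.
        return;
    }

    if (!userSession.isSpecificPermitted("cuba.gui.administration.downloadlogs")) {
        response.sendError(HttpServletResponse.SC_FORBIDDEN);
        return;
    }

    // Security check: keep only the last path component. Together with the route pattern this
    // excludes path separators. NOTE(review): the pattern still admits names made only of dots;
    // whether logControl.getLogFile rejects those is not visible here - confirm.
    String filename = FilenameUtils.getName(logFileName);

    try {
        File logFile = logControl.getLogFile(filename);

        response.setHeader("Cache-Control", "no-cache");
        response.setHeader("Pragma", "no-cache");
        response.setDateHeader("Expires", 0);
        response.setHeader("Content-Type", "application/zip");
        // The name is limited to [a-zA-Z0-9._-], so it cannot inject quotes or line breaks here.
        response.setHeader("Content-Disposition", "attachment; filename=" + filename);

        OutputStream outputStream = null;
        try {
            outputStream = response.getOutputStream();
            if (BooleanUtils.isTrue(downloadFull)) {
                LogArchiver.writeArchivedLogToStream(logFile, outputStream);
            } else {
                LogArchiver.writeArchivedLogTailToStream(logFile, outputStream);
            }
        } catch (RuntimeException | IOException ex) {
            log.error("Unable to assemble zipped log file", ex);
            // sendError throws IllegalStateException once part of the archive has been flushed,
            // which would mask the original failure; only report 500 while that is still possible.
            if (!response.isCommitted()) {
                response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
            }
        } finally {
            IOUtils.closeQuietly(outputStream);
        }
    } catch (LogFileNotFoundException e) {
        response.setStatus(HttpServletResponse.SC_NOT_FOUND);
    }
}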
From source file:com.thinkberg.webdav.MkColHandler.java
/**
 * Handles a WebDAV MKCOL request by creating a folder at the request's path.
 *
 * <p>Status codes sent, in the order the checks run: 415 when the request carries a body, 412
 * when the lock condition evaluates to false or cannot be parsed, {@code SC_LOCKED} on a lock
 * exception, 405 when the target already exists, 409 when the parent is missing or is not a
 * folder, 201 on success and 403 when the file system refuses to create the folder.
 *
 * @param request the MKCOL request; its path info names the collection to create
 * @param response receives the resulting status
 * @throws IOException if the request body cannot be read or the status cannot be sent
 */
public void service(HttpServletRequest request, HttpServletResponse response) throws IOException {
    // Any readable line means the request has a body, which this handler does not support.
    final boolean hasBody = request.getReader().readLine() != null;
    if (hasBody) {
        response.sendError(HttpServletResponse.SC_UNSUPPORTED_MEDIA_TYPE);
        return;
    }

    // NOTE(review): the path comes straight from the request; whether VFSBackend.resolveFile
    // confines it to the backend root is not visible here - confirm.
    final FileObject target = VFSBackend.resolveFile(request.getPathInfo());

    try {
        final boolean conditionHolds = LockManager.getInstance().evaluateCondition(target, getIf(request)).result;
        if (!conditionHolds) {
            response.sendError(HttpServletResponse.SC_PRECONDITION_FAILED);
            return;
        }
    } catch (LockException e) {
        response.sendError(SC_LOCKED);
        return;
    } catch (ParseException e) {
        response.sendError(HttpServletResponse.SC_PRECONDITION_FAILED);
        return;
    }

    if (target.exists()) {
        response.sendError(HttpServletResponse.SC_METHOD_NOT_ALLOWED);
        return;
    }

    final boolean parentIsFolder = target.getParent().exists()
            && FileType.FOLDER.equals(target.getParent().getType());
    if (!parentIsFolder) {
        response.sendError(HttpServletResponse.SC_CONFLICT);
        return;
    }

    try {
        target.createFolder();
        response.setStatus(HttpServletResponse.SC_CREATED);
    } catch (FileSystemException e) {
        response.sendError(HttpServletResponse.SC_FORBIDDEN);
    }
}
From source file:org.shredzone.cilla.view.HeaderView.java
/**
 * Shows details about a header (such as a detailed caption and the location where it was
 * taken).
 *
 * <p>Throws an {@code ErrorResponseException} carrying {@code SC_FORBIDDEN} when
 * {@code headerService} reports the header as not visible. The visibility check runs before any
 * comment handling.
 *
 * @return the JSP path {@code view/headerDetails.jsp}
 */
@Framed
@View(pattern = "/header/${header.id}/${#simplify(header.name)}.html", signature = { "header" })
public String headerView(@PathPart("header.id") Header header, HttpServletRequest req,
        HttpServletResponse resp) throws ViewException {
    final boolean visible = headerService.isVisible(header);
    if (!visible) {
        throw new ErrorResponseException(HttpServletResponse.SC_FORBIDDEN);
    }

    commentFormHandler.handleComment(header, req);
    req.setAttribute("headerImage", header);

    final String viewPath = "view/headerDetails.jsp";
    return viewPath;
}
From source file:it.marcoberri.mbfasturl.cron.QuartzInitServlet.java
/**
 * Rejects every GET request to this servlet with {@code 403 Forbidden}.
 *
 * @param request the incoming request (not inspected)
 * @param response receives the 403 error
 * @throws ServletException declared in the signature
 * @throws IOException if the error cannot be sent
 */
@Override
public void doGet(HttpServletRequest request, HttpServletResponse response)
        throws ServletException, IOException {
    final int forbidden = HttpServletResponse.SC_FORBIDDEN;
    response.sendError(forbidden);
}
From source file:com.sammyun.interceptor.MemberInterceptor.java
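/**
 * Lets the request through only when the session holds a member principal.
 *
 * <p>Without a principal, AJAX requests (header {@code X-Requested-With: XMLHttpRequest}) get a
 * {@code loginStatus} header and {@code 403 Forbidden}. GET requests are redirected to the login
 * page with the original URI and query string passed along as the redirect parameter. Requests
 * with any other method are redirected to the login page without it.
 *
 * @param request the incoming request
 * @param response used for the error or the redirect
 * @param handler the chosen handler (not inspected)
 * @return {@code true} when a principal is present, otherwise {@code false}
 * @throws Exception if the error or the redirect cannot be sent
 */
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
        throws Exception {
    HttpSession session = request.getSession();
    Principal principal = (Principal) session.getAttribute(Member.PRINCIPAL_ATTRIBUTE_NAME);

    // loginUrl is a field shared by every request this interceptor handles. Reading it back after
    // assigning it per request let a concurrent request from the other device class change the
    // redirect target in between. The target is therefore kept in a local. The field is still
    // written so that code outside this method that reads it sees the same value as before.
    // The original comment here recorded a bug fix dated 2014-12-08 concerning the WAP login URL.
    final String targetLoginUrl = HttpRequestDeviceUtils.isMobileDevice(request)
            ? DEFAULT_MOBILE_LOGIN_RUL
            : DEFAULT_LOGIN_URL;
    loginUrl = targetLoginUrl;

    if (principal != null) {
        return true;
    }

    String requestType = request.getHeader("X-Requested-With");
    if (requestType != null && requestType.equalsIgnoreCase("XMLHttpRequest")) {
        response.addHeader("loginStatus", "accessDenied");
        response.sendError(HttpServletResponse.SC_FORBIDDEN);
        return false;
    }

    if (request.getMethod().equalsIgnoreCase("GET")) {
        // The return target is built from this request's own URI and is URL-encoded, so it stays
        // a same-application path. NOTE(review): the login page must still validate the parameter
        // before redirecting back - not visible here.
        String redirectUrl = request.getQueryString() != null
                ? request.getRequestURI() + "?" + request.getQueryString()
                : request.getRequestURI();
        response.sendRedirect(request.getContextPath() + targetLoginUrl + "?" + REDIRECT_URL_PARAMETER_NAME
                + "=" + URLEncoder.encode(redirectUrl, urlEscapingCharset));
    } else {
        response.sendRedirect(request.getContextPath() + targetLoginUrl);
    }
    return false;
}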
From source file:de.unirostock.sems.cbarchive.web.servlet.DownloadServlet.java
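/**
 * Serves archive and file downloads, dispatching on the request path below the context path.
 *
 * <p>Path shapes handled, where the first two segments are not inspected:
 * <ul>
 *   <li>{@code .../archive/<workspace>/<archive>} - archive from the workspace named in the URL</li>
 *   <li>{@code .../archive/<archive>} - archive from the logged-in user's workspace</li>
 *   <li>{@code .../file/<archive>/<path...>} - single file from an archive of the logged-in user</li>
 * </ul>
 *
 * <p>A critical login failure yields {@code 403 Forbidden}; a non-critical one yields
 * {@code 204 No Content}. In both cases nothing is downloaded.
 *
 * @param request the download request
 * @param response receives the status and, via the download helpers, the content
 * @throws ServletException declared in the signature
 * @throws IOException if decoding or writing fails
 */
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response)
        throws ServletException, IOException {
    // set charset
    response.setCharacterEncoding(Fields.CHARSET);
    request.setCharacterEncoding(Fields.CHARSET);

    // login stuff
    UserManager user = null;
    try {
        user = Tools.doLogin(request, response, false);
    } catch (CombineArchiveWebCriticalException e) {
        LOGGER.error(e, "Exception while getting User");
        response.setStatus(HttpServletResponse.SC_FORBIDDEN);
        // Stop here, as the non-critical branch below does. Previously execution fell through
        // with user == null and went on to the download branches after 403 had been set.
        return;
    } catch (CombineArchiveWebException e) {
        LOGGER.warn(e, "Exception while getting User");
        response.setStatus(HttpServletResponse.SC_NO_CONTENT);
        return;
    }

    // splitting request URL
    String[] requestUrl = request.getRequestURI().substring(request.getContextPath().length()).split("/");

    // check entry points
    if (requestUrl.length >= 5 && requestUrl[2].equals("archive")) {
        // request to download an archive from *any* workspace
        // without necessarily having obtained this workspace before
        // NOTE(review): the workspace is chosen by the URL alone and is not checked against the
        // logged-in user here; access control then rests on the workspace id and on whatever
        // downloadArchive enforces - confirm.
        UserManager targetUser = null;
        if (requestUrl[3] != null && !requestUrl[3].isEmpty()) {
            targetUser = new UserManager(requestUrl[3]);
        } else {
            return;
        }

        if (requestUrl[4] != null && !requestUrl[4].isEmpty() && targetUser != null) {
            downloadArchive(request, response, targetUser, URLDecoder.decode(requestUrl[4], Fields.CHARSET));
        }
    } else if (requestUrl.length >= 4 && requestUrl[2].equals("archive")) {
        // request to download an archive from the workspace
        if (requestUrl[3] != null && !requestUrl[3].isEmpty()) {
            downloadArchive(request, response, user, URLDecoder.decode(requestUrl[3], Fields.CHARSET));
        }
    } else if (requestUrl.length >= 5 && requestUrl[2].equals("file")) {
        String archive = null;
        String file = null;

        if (requestUrl[3] != null && !requestUrl[3].isEmpty()) {
            archive = URLDecoder.decode(requestUrl[3], Fields.CHARSET);
        } else {
            return;
        }

        // Re-join the remaining non-empty segments into a path inside the archive.
        StringBuilder filePath = new StringBuilder();
        for (int i = 4; i < requestUrl.length; i++) {
            if (requestUrl[i] != null && !requestUrl[i].isEmpty()) {
                filePath.append("/");
                filePath.append(requestUrl[i]);
            }
        }

        // decode the name
        // NOTE(review): decoding happens after the split on "/", and the result is passed on
        // without normalisation; confirm that downloadFile confines it to the archive's entries.
        file = URLDecoder.decode(filePath.toString(), Fields.CHARSET);

        if (archive != null && !archive.isEmpty() && file != null && !file.isEmpty()) {
            downloadFile(request, response, user, archive, file);
        }
    }
}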