org.apache.shiro.ShiroException Java Examples

The following examples show how to use org.apache.shiro.ShiroException. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: ShiroExceptionHandler.java    From gazpachoquest with GNU General Public License v3.0 6 votes vote down vote up
@Override
public Response toResponse(ShiroException exception) {

    Status status = Status.FORBIDDEN; // Invalid api key
    if (exception instanceof AccountException) {
        // API key missing
        status = Status.BAD_REQUEST;
        logger.warn(exception.getMessage());
    } else if (exception instanceof AuthorizationException) {
        // Not enough permissions
        status = Status.UNAUTHORIZED;
        logger.warn(exception.getMessage());
    } else {
        logger.error(exception.getMessage(), exception);
    }
    return Response.status(status).type(MediaType.APPLICATION_JSON)
            .entity(ErrorEntity.with().message(exception.getMessage()).build()).build();
}
 
Example #2
Source File: CassandraSessionDAO.java    From arcusplatform with Apache License 2.0 6 votes vote down vote up
@Override
public void init() throws ShiroException {
   //create the necessary schema if possible:
   com.datastax.driver.core.Session systemSession = cluster.connect();

   try {
      if (!isKeyspacePresent(systemSession)) {
         createKeyspace(systemSession);
         if (!isKeyspacePresent(systemSession)) {
            throw new IllegalStateException("Unable to create keyspace " + keyspaceName);
         }
      }
   } finally {
      systemSession.close();
   }

   cassandraSession = cluster.connect(keyspaceName);
   createTable();

   prepareReadStatement();
   prepareSaveStatement();
   prepareDeleteStatement();
}
 
Example #3
Source File: ShiroInterceptor.java    From shiro-jwt with MIT License 6 votes vote down vote up
@AroundInvoke
public Object around(final InvocationContext ic) throws Exception {
    try {
        assertAuthorized(new InvocationContextToMethodInvocationConverter(ic));
    } catch (AuthorizationException exception) {
        Method m = ic.getMethod();
        String message = m.getAnnotation(SecurityChecked.class).message();

        if ("".equals(message)) {
            throw exception;
        } else {
            throw new ShiroException(message, exception);
        }

    }
    return ic.proceed();
}
 
Example #4
Source File: LdapRealm.java    From zeppelin with Apache License 2.0 6 votes vote down vote up
static String getSystemPassword(String hadoopSecurityCredentialPath,
    String keystorePass) {
  String password = "";
  try {
    Configuration configuration = new Configuration();
    configuration.set(CredentialProviderFactory.CREDENTIAL_PROVIDER_PATH,
        hadoopSecurityCredentialPath);
    CredentialProvider provider = CredentialProviderFactory.getProviders(configuration).get(0);
    CredentialProvider.CredentialEntry credEntry = provider.getCredentialEntry(keystorePass);
    if (credEntry != null) {
      password = new String(credEntry.getCredential());
    }
  } catch (IOException e) {
    throw new ShiroException("Error from getting credential entry from keystore", e);
  }
  if (org.apache.commons.lang3.StringUtils.isEmpty(password)) {
    throw new ShiroException("Error getting SystemPassword from the provided keystore:"
        + keystorePass + ", in path:" + hadoopSecurityCredentialPath);
  }
  return password;
}
 
Example #5
Source File: DefineModularRealmAuthenticator.java    From cms with Apache License 2.0 6 votes vote down vote up
/**
 * 调用单个realm执行操作
 *
 * @param realm
 * @param token
 * @return
 */
@Override
protected AuthenticationInfo doSingleRealmAuthentication(Realm realm, AuthenticationToken token) {
    // 如果该realms不支持(不能验证)当前token
    if (!realm.supports(token)) {
        throw new ShiroException("token 错误");
    }
    AuthenticationInfo info = null;
    try {
        info = realm.getAuthenticationInfo(token);

        if (info == null) {
            throw new ShiroException("token不存在!");
        }
    } catch (Exception e) {
        throw new ShiroException("用户名或者密码错误!");
    }
    return info;
}
 
Example #6
Source File: ClusterFactory.java    From arcusplatform with Apache License 2.0 5 votes vote down vote up
public void init() throws ShiroException {
   if (cluster == null) {
      try {
         doInit();
      } catch (Exception e) {
         throw new ShiroException(e);
      }
   }
}
 
Example #7
Source File: ShiroExceptionMapper.java    From cassandra-reaper with Apache License 2.0 5 votes vote down vote up
@Override
public Response toResponse(ShiroException exception) {
  if (AuthorizationException.class.isAssignableFrom(exception.getClass())
      || AuthenticationException.class.isAssignableFrom(exception.getClass())) {
    LOG.info("Authentication failed", exception);
    return Response.status(Response.Status.FORBIDDEN).entity(exception.getMessage()).build();
  }

  LOG.error("Unexpected ShiroException", exception);
  return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build();
}
 
Example #8
Source File: DefineModularRealmAuthenticator.java    From cms with Apache License 2.0 5 votes vote down vote up
/**
 * 判断realm是否为空
 *
 * @throws IllegalStateException
 */
@Override
protected void assertRealmsConfigured() throws IllegalStateException {
    this.definedRealms = this.getDefinedRealms();
    if (CollectionUtils.isEmpty(this.definedRealms)) {
        throw new ShiroException("值传递错误!");
    }
}
 
Example #9
Source File: ArbitraryCacheManagerTest.java    From ehcache-shiro with Apache License 2.0 5 votes vote down vote up
@Test(expected = ShiroException.class)
public void testDefaultCacheManagerBadConfigFile() {
  final String badConfiguration = "someStrangeValue";
  ehcacheShiroManager.setCacheManagerConfigFile(badConfiguration);
  Assert.assertEquals(badConfiguration, ehcacheShiroManager.getCacheManagerConfigFile());

  ehcacheShiroManager.init();
}
 
Example #10
Source File: AccountExceptionHandler.java    From biliob_backend with MIT License 5 votes vote down vote up
@ResponseBody
@ExceptionHandler(ShiroException.class)
@ResponseStatus(value = HttpStatus.FORBIDDEN)
public ExceptionResult handleShiroException() {
    // 生成返回结果
    ExceptionResult errorResult = new ExceptionResult();
    errorResult.setCode(403);
    errorResult.setMsg("登录失败");
    logger.info("登录失败");
    return errorResult;
}
 
Example #11
Source File: ExceptionController.java    From SpringBootBucket with MIT License 4 votes vote down vote up
@ResponseStatus(HttpStatus.UNAUTHORIZED)
@ExceptionHandler(ShiroException.class)
public BaseResponse handle401(ShiroException e) {
    return new BaseResponse<>(false, "shiro的异常", null);
}
 
Example #12
Source File: OneWebEnvironment.java    From onedev with MIT License 4 votes vote down vote up
@Override
public void init() throws ShiroException {
	setWebSecurityManager(OneDev.getInstance(WebSecurityManager.class));
	setFilterChainResolver(OneDev.getInstance(FilterChainResolver.class));
}
 
Example #13
Source File: ExceptionAdvice.java    From ShiroJwt with MIT License 4 votes vote down vote up
/**
 * 捕捉所有Shiro异常
 * @param e
 * @return
 */
@ResponseStatus(HttpStatus.UNAUTHORIZED)
@ExceptionHandler(ShiroException.class)
public ResponseBean handle401(ShiroException e) {
    return new ResponseBean(HttpStatus.UNAUTHORIZED.value(), "无权访问(Unauthorized):" + e.getMessage(), null);
}
 
Example #14
Source File: GuicedCassandraSessionDAO.java    From arcusplatform with Apache License 2.0 4 votes vote down vote up
@Override
public void init() throws ShiroException {
}
 
Example #15
Source File: SecurityExceptionMapper.java    From shiro-jwt with MIT License 4 votes vote down vote up
@Override
public Response toResponse(ShiroException exception) {
    JsonArrayBuilder array = Json.createArrayBuilder();
    array.add(getMessage(exception.getMessage(), req));
    return Response.status(Response.Status.BAD_REQUEST).entity(array.build()).type(MediaType.APPLICATION_JSON).build();
}
 
Example #16
Source File: SecurityModule.java    From tapestry-security with Apache License 2.0 4 votes vote down vote up
@SuppressWarnings("rawtypes")
public void contributeRequestExceptionHandler(MappedConfiguration<Class, Object> configuration) {
	configuration.add(ShiroException.class, SecurityExceptionHandlerAssistant.class);
}
 
Example #17
Source File: ExceptionController.java    From permission with MIT License 4 votes vote down vote up
@ExceptionHandler(ShiroException.class)
public CommonResult handle401() {
    return CommonResult.unauthorized(null);
}
 
Example #18
Source File: EhcacheShiroManager.java    From ehcache-shiro with Apache License 2.0 3 votes vote down vote up
/**
 * Initializes this instance.
 * <P>
 * If a {@link #setCacheManager CacheManager} has been
 * explicitly set (e.g. via Dependency Injection or programatically) prior to calling this
 * method, this method does nothing.
 * </P>
 * <P>
 * However, if no {@code CacheManager} has been set a new {@link org.ehcache.Cache} will be initialized.
 * It will use {@code ehcache.xml} configuration file at the root of the classpath.
 * </P>
 *
 * @throws org.apache.shiro.cache.CacheException if there are any CacheExceptions thrown by EhCache.
 */
public void init() throws ShiroException {
  try {
    ensureCacheManager();
  } catch (MalformedURLException e) {
    throw new ShiroException(e);
  }
}
 
Example #19
Source File: DataControllerAdvice.java    From notes with Apache License 2.0 2 votes vote down vote up
/**
 * @Author fruiqi
 * @Description  处理 shiro 异常信息
 * @Date 1:20 2019/3/9
 * @Param [e, request]
 * @return com.infervision.model.ResponseExceptionBody
 **/
@ExceptionHandler(ShiroException.class)
@ResponseStatus(HttpStatus.UNAUTHORIZED)
public ResponseExceptionBody handleShiroException(ShiroException e,HttpServletRequest request){
    return new ResponseExceptionBody(e.getMessage(),request);
}