Package railo.runtime.exp

Examples of railo.runtime.exp.SecurityException

2231
2232
2233
2234
2235
2236
2237
2238
2239
2240
    public void updateSessionManagement(Boolean sessionManagement) throws SecurityException {
      checkWriteAccess();
        boolean hasAccess=ConfigWebUtil.hasAccess(config,SecurityManager.TYPE_SETTING);
       
        if(!hasAccess)
            throw new SecurityException("no access to update scope setting");
       
        Element scope=_getRootElement("scope");
        scope.setAttribute("sessionmanagement",Caster.toString(sessionManagement,""));
    }
View Full Code Here
2247
2248
2249
2250
2251
2252
2253
2254
2255
2256
    public void updateClientManagement(Boolean clientManagement) throws SecurityException {
      checkWriteAccess();
        boolean hasAccess=ConfigWebUtil.hasAccess(config,SecurityManager.TYPE_SETTING);
       
        if(!hasAccess)
            throw new SecurityException("no access to update scope setting");
       
        Element scope=_getRootElement("scope");
        scope.setAttribute("clientmanagement",Caster.toString(clientManagement,""));
    }
View Full Code Here
2262
2263
2264
2265
2266
2267
2268
2269
2270
2271
     */
    public void updateClientCookies(Boolean clientCookies) throws SecurityException {
      checkWriteAccess();
        boolean hasAccess=ConfigWebUtil.hasAccess(config,SecurityManager.TYPE_SETTING);
        if(!hasAccess)
            throw new SecurityException("no access to update scope setting");
       
        Element scope=_getRootElement("scope");
        scope.setAttribute("setclientcookies",Caster.toString(clientCookies,""));
    }
View Full Code Here
2277
2278
2279
2280
2281
2282
2283
2284
2285
2286
     */
    public void updateDomaincookies(Boolean domainCookies) throws SecurityException {
      checkWriteAccess();
        boolean hasAccess=ConfigWebUtil.hasAccess(config,SecurityManager.TYPE_SETTING);
        if(!hasAccess)
            throw new SecurityException("no access to update scope setting");
       
        Element scope=_getRootElement("scope");
        scope.setAttribute("setdomaincookies",Caster.toString(domainCookies,""));
    }
View Full Code Here
2292
2293
2294
2295
2296
2297
2298
2299
2300
2301
     */
    public void updateLocale(String locale) throws SecurityException {
      checkWriteAccess();
        boolean hasAccess=ConfigWebUtil.hasAccess(config,SecurityManager.TYPE_SETTING);
        if(!hasAccess)
            throw new SecurityException("no access to update regional setting");
       
        Element scope=_getRootElement("regional");
        scope.setAttribute("locale",locale.trim());
    }
View Full Code Here
227
228
229
230
231
232
233
234
235
236
237
  }

  @Override
  public int doEndTag() throws PageException  {
    if(pageContext.getConfig().getSecurityManager().getAccess(SecurityManager.TYPE_TAG_EXECUTE)==SecurityManager.VALUE_NO)
      throw new SecurityException("can't access tag [execute]","access is prohibited by security manager");
      try {
            _execute();
        }
      catch (PageException pe) {
           throw pe;
View Full Code Here
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
  }
 
  private static void checkAccessibility(Object objMaybeNull,Class clazz, Key methodName) {
    // do not allow java.lang.System.exit()
    if(methodName.equals(EXIT) && clazz==System.class) { // TODO better implementation
      throw new PageRuntimeException(new SecurityException("Calling the method java.lang.System.exit is not allowed"));       
        }
    // change the accessibility of Railo methods is not allowed
    else if(methodName.equals(SET_ACCESSIBLE)) {
      if(objMaybeNull instanceof JavaObject)
        objMaybeNull=((JavaObject)objMaybeNull).getEmbededObject(null);
      if(objMaybeNull instanceof Member) {
        Member member=(Member) objMaybeNull;
            Class<?> cls = member.getDeclaringClass();
            if(cls!=null) {
              String name=cls.getName();
              if(name!=null && name.startsWith("railo.")) {
                throw new PageRuntimeException(new SecurityException("Changing the accessibility of an object's members in the railo.* package is not allowed"));
             
            }
            
      }      
        }
View Full Code Here
164
165
166
167
168
169
170
171
172
173
174

  @Override
  public int doStartTag() throws PageException  {
      if(pageContext.getConfig().getSecurityManager().getAccess(SecurityManager.TYPE_TAG_REGISTRY)==SecurityManager.VALUE_NO)
      throw new SecurityException("can't access tag [registry]","access is prohibited by security manager");
   
     
      if(action==ACTION_GET) doGet();
      else if(action==ACTION_GET_ALL) doGetAll();
      else if(action==ACTION_SET) doSet();
View Full Code Here
153
154
155
156
157
158
159
160
161
162
163
        else if(accessType.equals("search")) return TYPE_SEARCH;
        else if(accessType.equals("cache")) return TYPE_CACHE;
        else if(accessType.equals("gateway")) return TYPE_GATEWAY;
        else if(accessType.equals("orm")) return TYPE_ORM;
        else if(accessType.startsWith("scheduled_task")) return TYPE_SCHEDULED_TASK;
        else throw new SecurityException(
                "invalid access type ["+accessType+"]",
                "valid access types are [setting,file,direct_java_access,mail,datasource,mapping,custom_tag,cfx_setting" +
                "cfx_usage,debugging]");
       
    }
View Full Code Here
183
184
185
186
187
188
189
190
        else if(accessValue.equals("6"))     return VALUE_6;
        else if(accessValue.equals("7"))     return VALUE_7;
        else if(accessValue.equals("8"))     return VALUE_8;
        else if(accessValue.equals("9"))     return VALUE_9;
        else if(accessValue.equals("10"))     return VALUE_10;
        else throw new SecurityException("invalid access value ["+accessValue+"]", "valid access values are [all,local,no,none,yes,1,...,10]");
       
    }
View Full Code Here
TOP

Related Classes of railo.runtime.exp.SecurityException

  • railo.runtime.config.ConfigWebAdmin
  • railo.runtime.config.ConfigWebImpl
  • railo.runtime.config.ConfigWebUtil
  • railo.runtime.functions.cache.CacheSetProperties
  • railo.runtime.functions.other.CreateObject
  • railo.runtime.functions.rest.RestDeleteApplication
  • railo.runtime.op.ExceptonImpl
  • railo.runtime.reflection.Reflector
  • railo.runtime.security.SecurityManagerImpl
  • railo.runtime.tag.Execute
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.