public final boolean isErrorPage(final Class<? extends Page> pageClassParam) { PARAM_REQ.Object.requireNotNull(pageClassParam, "Eror page parameter must not be null."); final IApplicationSettings settings = Application.get().getApplicationSettings(); return pageClassParam.isAssignableFrom(settings.getAccessDeniedPage()) || pageClassParam.isAssignableFrom(settings.getInternalErrorPage()) || pageClassParam.isAssignableFrom(settings.getPageExpiredErrorPage()) || isComplementaryErrorPage(pageClassParam); }
public void onUnauthorizedInstantiation(final Component componentParam) { PARAM_REQ.Object.requireNotNull(componentParam, "The component parameter must not be null."); if (!SecureSession.get().isAuthenticated()) { LOGGER.debug("Unauthorized and user not authenticated."); if (securityCheck.isApplicationWithSignInPageSpecified()) { LOGGER.debug("Application has a sign in page specified. Setting sign in page as response."); throw new RestartResponseAtInterceptPageException(securityCheck.signInPage()); } } LOGGER.debug("Setting access denied page as response."); throw new RestartResponseException(WebApplication.get().getApplicationSettings().getAccessDeniedPage()); } }
/** * Delegates authentication. Subclasses should first try there custom authentication scheme * before letting super handle the call. Subclasses should either return a boolean value (see * {@link #handleBasicAuthentication(WebRequest, WebResponse, String, String)} ) if processing * should continue or throw an exception. * * @param request * @param response * @param scheme * the authentication scheme like "Basic" or "Digest" * @param param * the parameters after the scheme from the header * @throws LoginException * if the user could not be logged in. * @throws RestartResponseAtInterceptPageException * to an {@link AccessDeniedPage} if the scheme is not supported */ protected void handleAuthentication(WebRequest request, WebResponse response, String scheme, String param) throws LoginException { if (!handleBasicAuthentication(request, response, scheme, param)) return; log.error("Unsupported Http authentication type: " + scheme); throw new RestartResponseAtInterceptPageException(Application.get() .getApplicationSettings() .getAccessDeniedPage()); }